No Subject

[Rob Henry]

Explain what this site is please!

cos' i'm very confused

Re:

[Tim May]

At 6:10 PM +1000 9/3/00, Rob Henry wrote:
>Explain what this site is please!
>
>cos' i'm very confused

You're much more than confused. You're stupid.

For starters, this is not "a site."

Some people are too stupid to be allowed to live.



--Tim May
-- 
-:-:-:-:-:-:-:
Timothy C. May  | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
"Cyphernomicon" | black markets, collapse of governments.

Re: Whipped Europenas

[Sampo A Syreeni]

On Fri, 1 Sep 2000, No User wrote:

>> Nuh. I think they should be happy about biology education - might one day
>> give them a nice young crackpot with the talent to create a drug user
>> killing flu...
>
>Or better yet, a flu that killed everybody without sufficient THC residue
>in their body. 

Or a modified influenza (which I think is a retrovirus - anybody?) which
actually splices your THC gene into the subject's own genes for good,
perhaps with a promoter area borrowed from some suitably chosen selectively
activated gene (say, the gene controlling lactic acid metabolism which could
make for a high every time the person engages in anything 
physical). Whatever. Of course there are lots of variations.

Actually I think that the post about THC producing oranges is a bit far
flung. From what I know about THC, it's pretty far from a protein, which are
the only things produced under the control of a single gene. I also think
that oranges are not very close relatives of hemp, so it is unlikely that
close enough precursors to THC would be present to enable us to produce THC
with the addition of a single enzymatic cleavage stage or some such simple
step. And from what I know about genetic technology, it isn't quite on the
level of enabling complicated (i.e. considerably more than a single
gene) biochemical syntheses to be transferred from species to species. In a
word, I think the magic oranges might be legend. Of course, there might be
shortcuts - instead of using recombinant DNA techniques, we could perhaps
try to get cells with both orange and hemp cellular nuclei to divide. I
don't think either of these particular plants is prone to accepting such a
treatment (unlike, I think, rye).

Sampo Syreeni <[EMAIL PROTECTED]>, aka decoy, student/math/Helsinki university

Re: Re: Is kerberos broken?

[Sampo A Syreeni]

On Fri, 1 Sep 2000, petro wrote:

>   Of course, a *simple* substitution of one word (or even 
>spaces) would make this *much* harder.

As I said, people on this list hardly have a problem with dictionary
attacks.

>   "Friends, Romulans, fellow countrymen, lend me your beers..."
>
>   (I probably buthered the hell out of that, never having heard 
>or read the original, but I think it gets the point across)

Wasn't that your whole point? ;)

Sampo Syreeni <[EMAIL PROTECTED]>, aka decoy, student/math/Helsinki university

auditable gaming PRNGs (Re: PRNG server)

[Adam Back]

Seems to me you can do better with a gaming server.  If the gaming
server servers RNGs in a sequence such that each sample in the
sequence can be verified, they don't need to trust the server; or at
least there is an audit function.

Eg. say that the server publishes subsequent pre-images in a
hashchain.

h_0 
h_{i+1} = h_i

and the server computes h_i values up to i = 10^8 and then publishes
them starting with h_{10^8}, h_{10^8-1}, ...

Then anyone can verify that the random number is the preimage of the
previous random number.

You do something similar with a more efficient (log(n)) auditing
function with merkle authentication trees.

If they aren't doing this someone should clue them in.

Adam

Re: export reg timewarp? (Re: RC4 source as a literate program)

[John Young]

Adam Back wrote:

>The US export regulations no longer prevent export of crypto.  PGP
>exported binary copies of PGP from US websites, as now do many other
>companies.  Crypto source is exported also from numerous web sites.
>
>I don't follow why all the discussion talking as if ITAR and EARs were
>still in effect in unmodified form.

Good point, except that PGP.com and Freeware still have export
restrictions on downloads, as do most other US crypto export
sites. This is probably due to the fact that nobody understands
the export regs and better safe than lose out on fat government
contracts, and corollary contracts with other corporations who
dare not offend the authorities.

Even some private sites which rushed to offer crypto on the Internet
have withdrawn their offerings. And, according to Matt Blaze's
tabulation of such offerings, they have nearly petered out.

Don't forget that there is till a review required by BXA for strongest 
products. What happens in those reviews has not been disclosed 
as far as I know. Whether the NDA is voluntary to hide trade
secrets, compulsary to hide dirty dealing, or worse to hide
really nasty access requirements -- probably some of all
these in the great American tradition of promising much and
delivering not so much unless you play ball under the umpires
clubhouse rules.

Nicky Hager (of Secret Power fame) co-wrote another book
on a PR war in NZ in which he covered at length the practice
of governments and corporations hiding their filthy deals from
freedom of information access through the loophole of
protecting proprietary information from the public.

Another commentator pointed out recently that the vast
majority of FOIA requests are indeed made by people
seeking commercial intelligence which is not intended to
be made public , and relatively few seeking information 
to release to the public.

So there is a bind on getting info on what actually happens
at BXA and its co-agencies during crypto export review.
However, in contrast to a few years back, I don't see 
many corporations or individuals calling for greater access 
to closed information about crypto export procedures.

Could be all the crypto folks are doing just fine under
the system, so why bitch about making it into the comfort
zone. And, oh yeah, fuck the public interest now that
the crypto public outreach PR campaigns did their job to 
get inside the sweetheart PR loophole.

Doug Porter has written an interesting update about all this 
crypto flim-flam in the "Pocket Guide to NSA Sabotage:"

   http://cryptome.org/nsa-sabotage.htm

And what the fuck is Schneier doing trashing crypto to build
his security consulting business? That sounds like priests
preaching Our Church Alone salvation to keep the flock 
frightened, dependent and shelling out for long term 
protection contracts. You know, like the one-world feds 
and all-world spooks.