Re: Technological Solution
At 06:32 PM 4/28/01 -0700, Tim May wrote: People don't need to spend several months wading through cryptography textbooks to come up to a level that is sufficient to understand the real issues.) --Tim May In fact, crypto textbooks will teach you about the tensile strength of steel, but not that you can build bridges and cars and guns from it. They'll teach you protocols, but not how much it costs to bribe a counter-intelligence manager. They'll teach you Chaum's math but not May's inevitabilities. This list is uniquely useful (indeed, 'chartered' (snicker)) for the study of the social impacts of crypto. Note that studying something doesn't mean endorsing it. I end with two examples. * we may lament the death of copyright but acknowledge certain socially interesting technological trends (Moore's 'law', bandwith-doubling-every-9-month, TCP/IP (snicker), N*pster, Gnut*lla) leading to its demise are inevitable. * we may lament the death of tyrants, but we acknowledge that shit happens. Much like conventional historians, eh? We may regret that certain species are extinct but we are not making the rules here.
Re: Technological Solution
Quoting Tim May [EMAIL PROTECTED]: At 6:32 PM -0700 4/28/01, Tim May wrote: (You see, the quick review process is much better than the method you suggested re: economics, that people read the main textbooks. People don't need to spend several months wading through cryptography textbooks to come up to a level that is sufficient to understand the real issues.) I erred. I got Aimee mixed-up with Faustine. It is Faustine who argues for reading Samuelson instead of the books we normally recommend. For the record, I also said that any econ 101 textbook would do just as well: the only reason his name was mentioned at all was that he wrote the first intro textbook that came to mind. And I never said not to read the books on your list, never offered an alternate list, etc. If you'd like to point me to the ambiguous part of my saying it's a great list please do...otherwise, no need to misrepresent me. Quick review is great in that you can absorb a lot of relevant information that way--but you inevitably end up missing a lot too. Personally, I'm glad I spent about a week intensely digesting the Schneier. You only have to read an intro once, and I think it really helped me be able to put things in a broader perspective, faster. There's a whole continuum between sufficient to understand the issues and mastery of the subject(s) comprising the issues. You might say that feeling completely at home with the issues is something inbetween to shoot for. And how much you demand of yourself before you feel like you got there is entirely up to you. ~Faustine. 'We live in a century in which obscurity protects better than the law--and reassures more than innocence can.' Antoine Rivarol (1753-1801).
Re: Technological Solution
On Sat, 28 Apr 2001, Declan McCullagh wrote: If only they worked. There was an interesting paper presented here in Pittsburgh at the info hiding workshop this week that suggested a way to strengthen the somewhat-suckful mixmaster network. (Of That would be A Reputation System To Increase MIX-net Reliability Roger Dingledine, Michael Freedman, David Hopwood, and David Molnar IHW pre-proceedings version here: http://www.freehaven.net/doc/mix-acc/mix-acc.ps Slightly longer version with more discussion: http://www.freehaven.net/doc/mix-acc/mix-acc2.ps Three guesses as to where (some of) the authors' interests in reputations come from. We are currently revising the paper for the final proceedings version. Comments welcome. thanks, -David
Re: Technological Solution
On Sat, Apr 28, 2001 at 08:49:43PM -0700, Tim May wrote: Well, better than nothing. (Like I said in another article tonight, the best is often the enemy of the good.) We knew even in 1992 that remailers were a pale imitation of the DC Nets discussed a few years earlier by Chaum and analyzed by others as well. But there were no DC Nets in 1992, and so remailers were nonetheless a step above what existed then (basically, the Kremvax/Kleinpaste/Julf approach). Better than nothing is understating the case a bit, I think. The info hiding workshop was a very interesting one that was almost entirely cypherpunk-relevant. It seems like researchers are choosing to present less-polished work here rather than waiting in line at eurocrypt, for instance, which makes it more timely, probably. The program's at: http://www.cert.org/IHW2001/ There's always a tension between the corporate-watermarking folks and the anon-privacy folks at these types of events, and this year was no exception. But it hasn't split into two yet, and seems set to stay intact for at least one more round in 18 months. -Declan
Re: Technological Solution
At 11:22 PM -0400 4/28/01, Declan McCullagh wrote: On Sat, Apr 28, 2001 at 06:32:08PM -0700, Tim May wrote: None of the non-cryptographic methods are very resistant to legal, technical, sniffing, and black bag attacks. And only multiply-chained encrypted-at-each-stage messages, a la remailers, are adequate for high-value messages. If only they worked. There was an interesting paper presented here in Pittsburgh at the info hiding workshop this week that suggested a way to strengthen the somewhat-suckful mixmaster network. (Of course, the network will never be even somewhat reliable until sufficient incentive -- ie digital cash or somesuch -- exists for running one.) At least one active cypherpunk was involved in writing that paper, and I cited it in my Wired article this week. Well, better than nothing. (Like I said in another article tonight, the best is often the enemy of the good.) We knew even in 1992 that remailers were a pale imitation of the DC Nets discussed a few years earlier by Chaum and analyzed by others as well. But there were no DC Nets in 1992, and so remailers were nonetheless a step above what existed then (basically, the Kremvax/Kleinpaste/Julf approach). I also saw at least two list members cited in your article (or perhaps in other articles dealing with the same conference): Ulf Moeller and David Molnar. I didn't check out the program for the conference, but it seems to me beyond any doubt that a lot of the current work at IBM and NRL and whatever on information hiding was outlined by our own posts in 1992-94, the period of major ferment. (My own first article on Usenet on using the LSBs of sound files and images for steganography was in around 1990-91. Someday the Usenet archives for sci.crypt will go back that far and I'll be able to prove it. There may have been ideas prior to mine, of course, but mine was pretty early in the game.) --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: Technological Solution
Tim May wrote: None of the non-cryptographic methods are very resistant to legal, technical, sniffing, and black bag attacks. And only multiply-chained encrypted-at-each-stage messages, a la remailers, are adequate for high-value messages. Those who've read it know that Jim Bamford's Body of Secrets ends with a paragraph on NSA's being unable to cope with the spread of communications protection technology and has come to rely more and more on the Special Collection Service, a joint NSA-CIA black bag operation and other methods of gaining access to targeted material. This comes after decades of NSA disparaging the CIA's reliance on HUMINT in favor of COMINT, ELINT, and a host of technological intelligence gathering methods. Bamford says that NSA's prowess in these methods accounts for its humongous growth into the premier intel agency -- in budget and in personnel. Until the technology it invented, fostered and funded made its way into the private world and then to other countries intel (and allegedly criminal) organizations. From computers to crypto to means to crack or get around those. What will come of Special Collection Service application inside the United States as the fervor for homeland defense burgeons and the redefinition of foreign enemies to include anyone in the US considered to be a threat, is worth pondering, in particular as SCS techniques are shared with domestic agencies to fight the drug war and for counterterrorism -- all domestic agencies now becoming rapidly militarized in policy, training, equipment and close working with DoD. Recall DEA planting the bug on Jim Bell for IRS -- the agency is the most militarized due to the DoD and intel agencies being ordered to fight the drug war in the US and overseas. Recall, too, the amazing 30 agents which raided Jim's home, according to trial testimony by Jeff Gordon, the were all shocked and frightened at the chem-warfare stuff allegedly found there, until the EPA calmed the tough guys. That's the reason Jim's home is listed in the EPA's most hazardous sites compendium for the year of the raid. Last week, as Declan noted there were a series of congressional hearings on homeland security legislation and increased funding for combating high-tech crime. We offer the lengthy testimony on several bills providing for homeland defense and combating terrorism: http://cryptome.org/homeland-terr.htm (286K) As I noted a few days ago, information is now listed with nuclear, biological and chemical threats to the nation, and requires similar intelligence about its danger to the homeland. This could lead to the the technologies Tim lists being defined as homeland information-terrorist threats as our very own Stasi secret police grows rapidly -- informers squealing on family members, vast lists of suspects, and so on. No wonder the CIA has held on to the East German lists of enemies of the state -- its own citizenry -- so fervently. US intel is looking for reasons to live and where best than pursuing you know who, ably assisted by the industry set up by ex-intel members. Those down-sized by the end of the Cold War got bills to pay. Finally, reading the NYT account of Kerry's team killing the Vietnamese is sobering. The article is much more disturbing than accounts of it have portrayed. Kerry's and other killers' spin over the years have induced an intolerance for reading the grim shit that the military does when it is out of control. And be sure to reflect on Bamford's account of the Joint Chiefs planning to fake a terrorist attack on the US to warrant a Cuban offensive. That shit could be in the works even now -- homeland defense is aiming to be a humongous growth industry. One easy way to get that underway is to fake a nationally disruptive infowar attack -- or is that already underway.
Re: Technological Solution
At 6:32 PM -0700 4/28/01, Tim May wrote: (You see, the quick review process is much better than the method you suggested re: economics, that people read the main textbooks. People don't need to spend several months wading through cryptography textbooks to come up to a level that is sufficient to understand the real issues.) I erred. I got Aimee mixed-up with Faustine. It is Faustine who argues for reading Samuelson instead of the books we normally recommend. Apologies to both chicks. --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: Technological Solution
At 2:24 PM -0500 4/28/01, Aimee Farr wrote: Reading the IMC gag order, Henson, the latest anonymous poster stuff, and Tim et. al. beating my head in pavement Since many forums don't allow for 'nymity, (or people just don't), what about a protected/offshore self-destruct quicktopic-like service: http://www.quicktopic.com/7/H/Kf6X7D9whDPx I use a quicktopic link in hyperlinked forums and email lists to avoid snoop bots, archival, and to disassociate the conversation to someplace that allows people to slip into a nym jacket. (I even have Aimee's Fightin' Rooster Pit for flame warrin' lawyers.) I'm sure this is a stunningly stupid idea... but it would seem to put people in (more) control of their content, instead of depending on the web site or service to adopt a solution for them. You're conflating many diverse issues, and, yes, picking a weak approach as a cure-all. (Note that I didn't even choose to heed your Kick me! sign by agreeing with you that it is a stunningly stupid idea. It's not stunningly stupid to use Hotmail, MyDeja (before it went away), etc. Many on this list have been doing so for years.) The conflation comes as follows: * Keith Henson chose to post under his own name, to appear in person at COS offices and recruiting centers, to picket, and so on. He was not trying to be anonymous or pseudonymous, so your proposal above would be pointless in his case. Likewise, I choose to post under my own name for most of my posts. (And, BTW, as you are new, Keith was on our list for a while. I've known Keith since 1976, and he's in the same Bay Area circles that overlap so often.) * Lots of ways exist to disassociate articles and comments from True Names. Remailers, nym servers, Hotmail, MyDeja, throwaway accounts, Web-to-mail, etc. Not having looked at the quicktopic thing you recommend, I can't say whether it's better or worse than most of these other methods. * Many posters on Cypherpunks are already using such methods...or did you think Lucky Green and Eric Cordian are government-sanctioned meatspace names? * Interestingly, most of the recent publicity over courts being asked to force names to be revealed has involved services like Silicon Investor, Raging Bull, and Yahoo fora, which DO support pseudonyms. In some cases the services have refused to reveal the true names associated with nyms on their boards. None of the non-cryptographic methods are very resistant to legal, technical, sniffing, and black bag attacks. And only multiply-chained encrypted-at-each-stage messages, a la remailers, are adequate for high-value messages. If you plan to stay on this list, I think it's long past time that you spend several hours reviewing past developments in these areas. (You see, the quick review process is much better than the method you suggested re: economics, that people read the main textbooks. People don't need to spend several months wading through cryptography textbooks to come up to a level that is sufficient to understand the real issues.) --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: Technological Solution
I wrote: --- If you plan to stay on this list, I think it's long past time that you spend several hours reviewing past developments in these areas. (You see, the quick review process is much better than the method you suggested re: economics, that people read the main textbooks. People don't need to spend several months wading through cryptography textbooks to come up to a level that is sufficient to understand the real issues.) --- This is still an important issue, even though Aimee seems to think her head is being bashed on the pavement on this issue. The best is often the enemy of the good. My reading list suggestion had included several important books for list members to read that covered the economics topics of most interest and importance to our themes. The authors you have already seen. The topics are, roughly: libertarian viewpoints, public choice theory, game theory, the role of evolution and learning, preference revealing, etc. It is not essential to become an expert in game theory, or cryptography, or economics, or law. Rather, it is important to get up to speed quickly...IF one plans to contribute to a mailing list or discussion forum. As this applies to crypto, for example, it is very important important that members of the list understand roughly how PGP is used, how remailers work, what the BlackNet experiment showed, how reputations solve many distributed problems of interest to us, and so on--I could generate a long list of topics, and in fact _have_ generated such a list in the form of the Cyphernomicon. This is _much_ more important than that they spend several months reading Schneier, or Koblitz, or any of the dozen or so main textbooks. (Ideally, they should have one of these books to look at while reading about PGP, remailers, etc.) --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
RE: Technological Solution
Tim said: At 2:24 PM -0500 4/28/01, Aimee Farr wrote: Reading the IMC gag order, Henson, the latest anonymous poster stuff, and Tim et. al. beating my head in pavement Since many forums don't allow for 'nymity, (or people just don't), what about a protected/offshore self-destruct quicktopic-like service: http://www.quicktopic.com/7/H/Kf6X7D9whDPx I use a quicktopic link in hyperlinked forums and email lists to avoid snoop bots, archival, and to disassociate the conversation to someplace that allows people to slip into a nym jacket. (I even have Aimee's Fightin' Rooster Pit for flame warrin' lawyers.) I'm sure this is a stunningly stupid idea... but it would seem to put people in (more) control of their content, instead of depending on the web site or service to adopt a solution for them. You're conflating many diverse issues, and, yes, picking a weak approach as a cure-all. Well, if you tricked out an offlink solution, maybe it wouldn't be weak. Obviously, if there was a solution here, somebody would have already done it. (Note that I didn't even choose to heed your Kick me! sign by agreeing with you that it is a stunningly stupid idea. Always the gentleman, Mr. May. It's not stunningly stupid to use Hotmail, MyDeja (before it went away), etc. Many on this list have been doing so for years.) The conflation comes as follows: * Keith Henson chose to post under his own name, to appear in person at COS offices and recruiting centers, to picket, and so on. He was not trying to be anonymous or pseudonymous, so your proposal above would be pointless in his case. Likewise, I choose to post under my own name for most of my posts. Yes. (And, BTW, as you are new, Keith was on our list for a while. I've known Keith since 1976, and he's in the same Bay Area circles that overlap so often.) Hm. * Lots of ways exist to disassociate articles and comments from True Names. Remailers, nym servers, Hotmail, MyDeja, throwaway accounts, Web-to-mail, etc. Not having looked at the quicktopic thing you recommend, I can't say whether it's better or worse than most of these other methods. Look it up. It's easy, 20 seconds. Sheeple food. Again, I was thinking about a crypto-savvy offlinking solution. Obviously, this is a dumb idea for some reason, or not doable. * Many posters on Cypherpunks are already using such methods...or did you think Lucky Green and Eric Cordian are government-sanctioned meatspace names? No, I did not think so. * Interestingly, most of the recent publicity over courts being asked to force names to be revealed has involved services like Silicon Investor, Raging Bull, and Yahoo fora, which DO support pseudonyms. In some cases the services have refused to reveal the true names associated with nyms on their boards. I know this. None of the non-cryptographic methods are very resistant to legal, technical, sniffing, and black bag attacks. And only multiply-chained encrypted-at-each-stage messages, a la remailers, are adequate for high-value messages. Well, I was thinking obviously something dumb. If you plan to stay on this list, I think it's long past time that you spend several hours reviewing past developments in these areas. I think it's long past time that you spent several hours kissing my ass. I too, suffer from delusional fantasies. :) (You see, the quick review process is much better than the method you suggested re: economics, that people read the main textbooks. People don't need to spend several months wading through cryptography textbooks to come up to a level that is sufficient to understand the real issues.) That other chick said that, as you were kind enough to note. ~Aimee
RE: Technological Solution
At 9:43 PM -0500 4/28/01, Aimee Farr wrote: Tim said: * Keith Henson chose to post under his own name, to appear in person at COS offices and recruiting centers, to picket, and so on. He was not trying to be anonymous or pseudonymous, so your proposal above would be pointless in his case. Likewise, I choose to post under my own name for most of my posts. Yes. (And, BTW, as you are new, Keith was on our list for a while. I've known Keith since 1976, and he's in the same Bay Area circles that overlap so often.) Hm. Hm, indeed. The Church of Scientology case is a good example to look at. First, I am not a COS critic. Yeah, I've known since I was knee high to a hobbit that Dianetics, er, Scientology was a crock. That is, since I first read up on it in about 1967 (a Life magazine article, IIRC.) I followed the crapola about the engrams and the clams and Xenu for the next 30 years or so. When my friend Keith Henson decided to make war on the Church of Scientology, I said to him Why bother? They're no worse than Catholics who practice ritual cannibalism and induce gullible peasants to help build their churches of ivory and gold. Keith got a rush out of fighting the war. Me, I hate lawyers, I hate the term pro se, and I have seen too many of my friends wading out into the Big Muddy of the law. Also, I _despise_ the enthusiasm I see in the anti-COS movement toward moves by fascist states like France and Germany to declare Scientology an illegal religion. And I despise the calls for revocation of their tax status, etc. What's good enough for the Baptists and Rastafarians and Fribtertarians ought to be good enough for the Scientologists. Nevertheless, I remain a friend of Keith Henson. However, there are interesting links between the COS issue and Cypherpunks. Turns out that the war really started when someone posted the NOTS secret Church doctrines on alt.religion.scientology using Julf Helsingius' PENET mailing service. The Church flipped out, this was in early 1995, and launched a court battle to force Julf to reveal who the author was. The Julf mailing service was based on the work of an American, Karl Kleinpaste. It was not a true Cypherpunks-style remailer (based on the ideas of David Chaum, myself, Eric Hughes, Hal Finney, and others). Eventually the Finnish courts forced Julf to reveal the mapping. _Then_ it traced back to a Cypherpunks remailer chain, to a nym account at C2.net. That is, to more remailers. The trail stopped cold. (C2Net was run by our own Sameer Parekh and several other list members, including Doug Barnes and Sandy Sandfort. When C2Net changed its business model, most of its nym services transferred to Lance Cottrell, who still runs various services.) Is this too much history? Perhaps. But it shows the deep links between topics some so glibly comment on and what we've been working on for more than a decade. Much of this is covered in my Cyphernomicon. I urge you to get yourself up to speed, or to leave the list. Your provocative quarrels have grown tiresome. * Lots of ways exist to disassociate articles and comments from True Names. Remailers, nym servers, Hotmail, MyDeja, throwaway accounts, Web-to-mail, etc. Not having looked at the quicktopic thing you recommend, I can't say whether it's better or worse than most of these other methods. Look it up. It's easy, 20 seconds. Sheeple food. Again, I was thinking about a crypto-savvy offlinking solution. Obviously, this is a dumb idea for some reason, or not doable. I specifically didn't say it was dumb--that's your chick insecurity thing showing. What I pointed out is that such forms of weak nyms have been common for half a dozen years. * Interestingly, most of the recent publicity over courts being asked to force names to be revealed has involved services like Silicon Investor, Raging Bull, and Yahoo fora, which DO support pseudonyms. In some cases the services have refused to reveal the true names associated with nyms on their boards. I know this. But you were the one who suggested a solution to the linkability problem...when in fact your solution is no stronger than what Silicon Investor and Raging Bull already have as the default. None of the non-cryptographic methods are very resistant to legal, technical, sniffing, and black bag attacks. And only multiply-chained encrypted-at-each-stage messages, a la remailers, are adequate for high-value messages. Well, I was thinking obviously something dumb. There's that chick thing again. If you plan to stay on this list, I think it's long past time that you spend several hours reviewing past developments in these areas. I think it's long past time that you spent several hours kissing my ass. I too, suffer from delusional fantasies. :) I suggest that you spend a few hours or tens of hours catching up and your response is some kind of 8th-grade schoolgirl joke. --Tim May
Re: Technological Solution
At 10:09 PM -0400 4/28/01, John Young wrote: Finally, reading the NYT account of Kerry's team killing the Vietnamese is sobering. The article is much more disturbing than accounts of it have portrayed. Kerry's and other killers' spin over the years have induced an intolerance for reading the grim shit that the military does when it is out of control. We sent Lt. Calley to prison for life for being the officer in charge during My Lai. Will we send Lt. Kerry to prison for life for the same thing? Don't count on it. Calley was a red neck, what the COS calls fair game. Kerry is a Beloved Liberal. Hence his crimes must be Explained Away. Already this is happening. Kerry will likely end up a Victim. And be sure to reflect on Bamford's account of the Joint Chiefs planning to fake a terrorist attack on the US to warrant a Cuban offensive. And the plan to pin the blame on a possible John Glenn space failure on information warfare from Cuba. (The plan was that if John Glenn's mission in 1962 failed, the story would be that Havana had been beaming interference rays at Cape Canaveral.) Fidel was the Jim Bell of 1962. --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: Technological Solution
On Sat, Apr 28, 2001 at 06:32:08PM -0700, Tim May wrote: None of the non-cryptographic methods are very resistant to legal, technical, sniffing, and black bag attacks. And only multiply-chained encrypted-at-each-stage messages, a la remailers, are adequate for high-value messages. If only they worked. There was an interesting paper presented here in Pittsburgh at the info hiding workshop this week that suggested a way to strengthen the somewhat-suckful mixmaster network. (Of course, the network will never be even somewhat reliable until sufficient incentive -- ie digital cash or somesuch -- exists for running one.) At least one active cypherpunk was involved in writing that paper, and I cited it in my Wired article this week. -Declan
