Re: FW: on FPGAs vs ASICs

[Tyler Durden]

How much off-the-shelf crypto IP is available to be plopped on a crypto net 
processor? Are their stego detection/cracking Development kits and so on?

-TD
From: "Major Variola (ret)" <[EMAIL PROTECTED]>
To: "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
Subject: Re: FW: on FPGAs vs ASICs
Date: Mon, 21 Mar 2005 18:34:07 -0800
At 05:44 PM 3/20/05 -0500, Tyler Durden wrote:
>What I suspect is that there's already some crypto net processors out
there,
>though they may be classified, or the commercial equivalent (ie, I
assume
>there are 'classified' catalogs from companies like General Dynamics
that
>normal clients never see).
I've programmed (well, microcoded) the Intel IXA family.   Some variants
of that family can do line-rate AES.  They can handle insane line rates,
thanks
to hardware everything and an array of hyperthreaded RISCs.   Not
at all classified.
At 09:49 AM 3/21/05 -0500, Trei, Peter wrote:
>One of the interesting twists of FPGAs is that you can
>optimize the circuit to the actual data being processed.
>For example, in DES keysearch you could hardwire into
>the circuit some of the subkey bits (which were determined
>by, say, high order key bits you rarely changed), thus
>simplifying the circuit. When those bits changed, you
>re-wrote the circuilt.
Its quite possible that reconfigurability is part of the future.
Your N-way x86 die will come with a few hundred thou reconfigurable
gates, which you'll reconfigure to do your Photoshop or MPEG
or rendering or speech recognition or modular exponentiation
tasks.   Obviously this is a big change and there's a lot of software
support required (from OS to app) to make it happen.  Also
there are fascinating tech problems in coupling the reconfig hardware
to high bandwidth data flows, required to keep it busy.  But the
benefits
are substantial.
Tangentially,
I should note that there are "modes of encryption" which can be scaled
infinitely
with parallel hardware; they use interleaved blocks so each chip sees
every Nth
block of the real stream.  So high clock rates are not required to
crypt.
It seems that hashing can be parallelized that way too, run a hash-chip
on
every Nth bit, and hash those partial results.   Both ends have to agree
on the N-way division (as with the infinitely scalable crypto) but
that's all.
With regular hashing (and attacks thereof that require grinding out a
lot
of hashes in order to find a collision, to go back to the original
topic)
single-chip parallel hardware hacks could speed things up, but (given
that modern hashes
are designed for CPUs, like AES) I don't ever expect to see DESCrack
like
gains there.
And while TD keeps alluding to the DESCrack suitcase, I'll point out
that a GSM Cracker
could fit in your carry-on luggage nowadays.   Every 'embassy' ought to
have one :-)

Re: FW: on FPGAs vs ASICs

[Jack Lloyd]

On Mon, Mar 21, 2005 at 06:34:07PM -0800, Major Variola (ret) wrote:

> Tangentially, I should note that there are "modes of encryption" which can be
> scaled infinitely with parallel hardware; they use interleaved blocks so each
> chip sees every Nth block of the real stream.  So high clock rates are not
> required to crypt.

Counter mode works this way, and is a fairly common mode in any case.

> It seems that hashing can be parallelized that way too, run a hash-chip on
> every Nth bit, and hash those partial results.  Both ends have to agree on
> the N-way division (as with the infinitely scalable crypto) but that's all.

Depending on the interconnect it would probably be faster to do it in blocks of
8-64k, doing it a bit at a time would eat your standard PCI bus alive.

There are message authentication modes which can scale 'infinitely' (assuming a
sufficiently long message), and don't depend on the number of functional units,
so for example I could generate a MAC using my regular single core CPU and you
could verify it on a machine with N functional units with a cooresponding
speedup of N (modulo some fixed per-message overhead) without us having to
agree on anything in advance. For example there is the MAC used in Rogoway's
OCB. Unfortunately most (all?) of these algorithms have been patented.

-Jack

Re: FW: on FPGAs vs ASICs

[Major Variola (ret)]

At 05:44 PM 3/20/05 -0500, Tyler Durden wrote:
>What I suspect is that there's already some crypto net processors out
there,
>though they may be classified, or the commercial equivalent (ie, I
assume
>there are 'classified' catalogs from companies like General Dynamics
that
>normal clients never see).

I've programmed (well, microcoded) the Intel IXA family.   Some variants

of that family can do line-rate AES.  They can handle insane line rates,
thanks
to hardware everything and an array of hyperthreaded RISCs.   Not
at all classified.


At 09:49 AM 3/21/05 -0500, Trei, Peter wrote:
>One of the interesting twists of FPGAs is that you can
>optimize the circuit to the actual data being processed.
>For example, in DES keysearch you could hardwire into
>the circuit some of the subkey bits (which were determined
>by, say, high order key bits you rarely changed), thus
>simplifying the circuit. When those bits changed, you
>re-wrote the circuilt.

Its quite possible that reconfigurability is part of the future.
Your N-way x86 die will come with a few hundred thou reconfigurable
gates, which you'll reconfigure to do your Photoshop or MPEG
or rendering or speech recognition or modular exponentiation
tasks.   Obviously this is a big change and there's a lot of software
support required (from OS to app) to make it happen.  Also
there are fascinating tech problems in coupling the reconfig hardware
to high bandwidth data flows, required to keep it busy.  But the
benefits
are substantial.

Tangentially,
I should note that there are "modes of encryption" which can be scaled
infinitely
with parallel hardware; they use interleaved blocks so each chip sees
every Nth
block of the real stream.  So high clock rates are not required to
crypt.

It seems that hashing can be parallelized that way too, run a hash-chip
on
every Nth bit, and hash those partial results.   Both ends have to agree

on the N-way division (as with the infinitely scalable crypto) but
that's all.
With regular hashing (and attacks thereof that require grinding out a
lot
of hashes in order to find a collision, to go back to the original
topic)
single-chip parallel hardware hacks could speed things up, but (given
that modern hashes
are designed for CPUs, like AES) I don't ever expect to see DESCrack
like
gains there.

And while TD keeps alluding to the DESCrack suitcase, I'll point out
that a GSM Cracker
could fit in your carry-on luggage nowadays.   Every 'embassy' ought to
have one :-)

Re: on FPGAs vs ASICs

[Bill Stewart]

At 11:11 AM 3/19/2005, Major Variola (ret) wrote:
 ---useful if you can't afford an ASIC run (a million bucks a mask...)
...
For someone making 10,000 routers, you use FPGAs.
DESCrack was solving a problem for which the x86 is not very efficient
at computing --all the sub-byte bit-diddling--
and hardware is very efficient (by design in DES, after all).
EFF's DESCrack cost $200K in 1998 and used ASICs.
(It's really only six years since we killed off single-DES!)
There were 1500 DES-cracker ASIC chips in it.
ASICs may cost a bit more today - Moore's Law helps,
but it also means that chip designs can become
larger and more complex, though code-cracker applications
have a lot of uniformity in their design,
and we've got six more years of experience
building ASIC cell libraries that can be reused.
I suspect a similar-sized machine would cost a similar amount
but have a lot more DES functional units in it.
FPGAs probably make more sense for routers,
because you want the ability to change the firmware more often,
and a router has a bunch of other parts as well,
and realistically, cypher-cracking is not an
economically viable activity for most people,
so the cost-benefit tradeoffs are a bit twisted.

Re: on FPGAs vs ASICs

[Tyler Durden]

FPGAs probably make more sense for routers,
because you want the ability to change the firmware more often,
and a router has a bunch of other parts as well,
and realistically, cypher-cracking is not an
economically viable activity for most people,
so the cost-benefit tradeoffs are a bit twisted.
The router world seems to use a good mixture. At a startup we were 
purchasing nice off-the-shelf MPLS ASICs, which did MPLS route setup and 
forwarding (and some enforcement) while the 'software'/control plane (eg, 
OSPF, RSVP-TE, etc...) was largely in FPGAs of our own brew.

At that time (ca, 2000/2001) some vendors were starting to push net 
processors, which were somewhere in between, and at the time just weren't 
quite fast enough for ASIC-busting applications and not quite flexible 
enough for FPGA-ish applications. Now, however, I'd bet net processors are 
very effective for metro-edge applications.

What I suspect is that there's already some crypto net processors out there, 
though they may be classified, or the commercial equivalent (ie, I assume 
there are 'classified' catalogs from companies like General Dynamics that 
normal clients never see). They can periodically upgrade the code when they 
discover that some new form of stego (for instance) has become in-vogue at 
Al Qaeda.

These won't be Variola Suitcase-type applications, though, but perhaps for 
special situations where they know the few locations in Cobble Hill Brooklyn 
they want to monitor and decrypt.

-TD

Re: on FPGAs vs ASICs

[Riad S. Wahby]

"Major Variola (ret)" <[EMAIL PROTECTED]> wrote:
> Riad doesn't seem to appreciate this.

Of course I do.  I'm saying that for our purposes (a dedicated
hashcracker) we want an ASIC.  Whether we can afford one or not is
another question (obviously if we can't, we buy the best FPGA we can).

...or are we no longer assuming an adversary with unlimited resources?

-- 
Riad S. Wahby
[EMAIL PROTECTED]

FW: on FPGAs vs ASICs

[Trei, Peter]

>From Major Variola (ret)

> Tyler, Riad, etc:
 
> FPGAs are used in telecom because the volumes do not support an ASIC
> run.
> Riad doesn't seem to appreciate this.  He does understand that an ASIC
> is more
> efficient because its gates are used only for 1 computation, 
> rather than
> most
> (FPGA) gates being used for reconfigurability ---useful if you can't
> afford
> an ASIC run (a million bucks a mask...) or if algorithms get tweaked
> (eg you release before the Spec comes out, or you are shooting for
> time-to-market).  Clockwise an FPGA wastes time in extra wire routing
> although since an FPGA may be made in state of the art processes,
> and your ASIC may not, its a complex tradeoff.  (Albeit some circuit
> topologies
> work very well on FPGAs)
> 
> So for the Cypherpunk wanting hardware (vs cluster) 
> acceleration, FPGAs
> are the way to go.  For TLAs, you prototype in FPGAs of course, and
> then make some chips in your private fab.  (Same for Broadcom, etc.)
> 
> For someone making 10,000 routers, you use FPGAs.
> 
> DESCrack was solving a problem for which the x86 is not very efficient
> at computing --all the sub-byte bit-diddling-- and hardware is very
> efficient
> (by design in DES, after all).

Indeed, during the initial DESCrack effort, I spent some time
investigating FPGAs. I came to the conclusion that it was
definitely possible to build a Weiner-style pipeline machine
(ie, one key tested per clock cycle), but it would be more
costly than I could afford. 

One of the interesting twists of FPGAs is that you can
optimize the circuit to the actual data being processed. 
For example, in DES keysearch you could hardwire into
the circuit some of the subkey bits (which were determined
by, say, high order key bits you rarely changed), thus
simplifying the circuit. When those bits changed, you
re-wrote the circuilt.

Peter Trei

on FPGAs vs ASICs

[Major Variola (ret)]

Tyler, Riad, etc:

FPGAs are used in telecom because the volumes do not support an ASIC
run.
Riad doesn't seem to appreciate this.  He does understand that an ASIC
is more
efficient because its gates are used only for 1 computation, rather than
most
(FPGA) gates being used for reconfigurability ---useful if you can't
afford
an ASIC run (a million bucks a mask...) or if algorithms get tweaked
(eg you release before the Spec comes out, or you are shooting for
time-to-market).  Clockwise an FPGA wastes time in extra wire routing
although since an FPGA may be made in state of the art processes,
and your ASIC may not, its a complex tradeoff.  (Albeit some circuit
topologies
work very well on FPGAs)

So for the Cypherpunk wanting hardware (vs cluster) acceleration, FPGAs
are the way to go.  For TLAs, you prototype in FPGAs of course, and
then make some chips in your private fab.  (Same for Broadcom, etc.)

For someone making 10,000 routers, you use FPGAs.

DESCrack was solving a problem for which the x86 is not very efficient
at computing --all the sub-byte bit-diddling-- and hardware is very
efficient
(by design in DES, after all).

CodeCon vs. Demo: A Tale of Two Conferences

[R.A. Hettinga]

The Wall Street Journal

  February 28, 2005

 PORTALS
 By LEE GOMES



Tale of 2 Conferences:
 High-Tech Innovation
 Comes in Many Guises
February 28, 2005

Through an unusual alignment of the planets, two conferences that featured
aspiring innovator-entrepreneurs eager to take the world by storm had their
start on the same weekend this month.

Both gatherings lasted three days; both featured speakers getting up on
stage and describing a new product, usually a piece of software.

Beyond that, though, the gatherings couldn't have been more different. The
first, called CodeCon, drew 100 or so mostly young programmers, many from
the open-source software movement, to a dark and cavernous San Francisco
dance club, the venue chosen largely because it was cheap. Attendance cost
$80, but you got to go to a Friday night reception at a nearby restaurant
with burgers, pizza and beer.

The second event was Demo, and it took place at a Scottsdale, Ariz., desert
resort that was selected for its golf course, plush rooms, gourmet food and
free-flowing open bars. The entry price there was $3,000, and more than 600
people showed up, though many were journalists who got in free.

While Demo -- and elite industry shows like it -- are sometimes portrayed
as carefully juried competitions of the current crop of tech innovation, in
fact, the main prerequisite for getting up on stage in Scottsdale was a
willingness to write a check for up to $16,000 to Demo's organizers. There
were an eye-glazing 75 presentations in all, most lasting six minutes.

At CodeCon, by contrast, it didn't cost anything for the 15 featured
speakers to present their ideas. They did, however, have to be selected in
advance by conference planners Len Sassaman and Bram Cohen.

If that last name sounds familiar, it's because Mr. Cohen is the author of
BitTorrent, the file-sharing software that is often used to download
pirated movies and that, by one estimate, is now responsible for 30% of all
Web traffic because those files are so big. BitTorrent, which has legal
uses too, was unveiled at the first CodeCon back in 2002, and it remains
the show's greatest hit.

Most of the folks presenting at Demo were small start-up companies in
"heat-seeking" mode, eager to snag a write-up from one of the freeloading
reporters or, better yet, an investment from one of the many venture
capitalists, hedge-fund managers, angel investors and other moneymen
working the halls.

At CodeCon, presenters tended to be small groups of programmers with far
more modest goals. A mention of your project in Slashdot, the blog of
record for techies, would be considered a home run. If, as a result of the
buzz from your presentation, you got a job interview at Google, that might
be a double.

The Luddites among you out there will probably be pleased to learn that
both gatherings were plagued by technical snafus. At CodeCon, the bulb in
the projector that speakers used to show their slides blew out on the first
day. One presenter improvised during the blackout by inviting the crowd to
gather around his laptop as he put his software through its paces.

At Demo, the whole network kept going down, which is no small detail when
you are trying to demonstrate something that works over the Internet. A
number of presenters thus found themselves living the entrepreneur's fever
dream of being on stage in a crowded hotel ballroom in front of a blank
screen, saying, in effect, "Trust me, the product really works."

A lot of Demo was focused on the computing needs of big companies, while
CodeCon was skewed to the sorts of computer-programming projects that would
interest computer programmers. But there was some overlap, too. See if you
can guess which of these programs was introduced at which conference:

A) Gleeper, for discovering new Web sites.

B) Browster, for speeding up Web searches.

C) IntelleDox, for coordinating changes to word-processing documents.

D) ApacheCA, for coordinating changes to a software project.

(Answers: CodeCon, Demo, Demo, CodeCon.)

If, through some space-time warp, the Demo people had found themselves at
CodeCon, they would probably have regarded many of the projects as crude,
unfinished or of limited appeal. Conversely, those at CodeCon would likely
have sneered that the Demo products were often me-too entrants into
already-crowded markets, innovative mainly in their use of the current
buzzwords.

But it's not as though the two groups are inherently antagonistic to each
other. While open-source buffs like those at CodeCon are sometimes
described as the Bolsheviks of the tech world, most would only too happily
start a company, and many probably will when they get a little older. The
Demo people, mostly in their 40s and 50s, haven't become too ossified to
remember that earth-shaking innovations in these days of Linux and the
Internet can turn up anywhere, even a San Francisco nightclub.

Indeed, venture

Technology vs social solutions

[Major Variola (ret)]

At 12:06 PM 1/4/05 -0500, John Kelsey wrote:
>>From: "Major Variola (ret)" <[EMAIL PROTECTED]>
>>3. Homebrew warning systems will face the same problems as eg pro
>>volcano warning systems: too many false alarms and no one cares.
>
>The best defense would seem to be a population with a lot of TVs and
radios.  At least after the first tsunami hit, the news would quickly
spread, and there were several hours between when the waves arrived at
different shores.  (And a 9.0 earthquake on the seafloor, or even a 7.0
earthquake on the seafloor, is a rare enough event that it's not crazy
to at least issue a "stay off the beach" kind of warning.)

Actually, people should know this as *background* in the same way that
you know
not to stand in open fields during lightening, play with downed
powerlines, or
walk into tail rotors.  I think some places have signs pointing
to higher elevations, with wave-glyphs.  I know that FLA has signs like
that for
hurricane storm-surges, and there are tornado signs in the midwest.

The rational explanation, I suppose, is that tsunami are so rare that
the knowledge is not
maintained.  (How many 'Merkins would know how to construct a nukebomb
shelter
these days?  How many SoCal'ians know how to drive on icy roads?)

Of course, broadcast media are used to tell people the obvious, eg don't
play in
channellized rivers during storms, and the evolution of the species
suffers slightly
but not entirely from the caveats.

Re: [i2p] I2P vs. Tor (fwd from [EMAIL PROTECTED])

[Eugen Leitl]

- Forwarded message from "Matthew P. Cashdollar" <[EMAIL PROTECTED]> -

From: "Matthew P. Cashdollar" <[EMAIL PROTECTED]>
Date: Tue, 07 Dec 2004 21:56:22 -0600
To: [EMAIL PROTECTED]
Subject: Re: [i2p] I2P vs. Tor
User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206)

Daniel Burton wrote:
>I was wondering if someone in the know could explain the principal
>differences between I2P and Tor to me, in both maturity level and
>connection methodology.

http://www.i2p.net/how_networkcomparisons

(Although I find it hard to imagine how Java rather than C is a /benefit/ :)
___
i2p mailing list
[EMAIL PROTECTED]
http://i2p.dnsalias.net/mailman/listinfo/i2p

- End forwarded message -
-- 
Eugen* Leitl http://leitl.org";>leitl
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net


pgpsRR95uBnEr.pgp
Description: PGP signature

The Challenge: Pepsi(R) vs. Coca-Cola(R)

[Taste-Test from OSG]

Pepsi(R) vs. Coca-Cola(R)

Re: [p2p-hackers] MixMinion vs. onion routing & GNUnet question (fwd from seberino@spawar.navy.mil)

[Eugen Leitl]

- Forwarded message from [EMAIL PROTECTED] -

From: [EMAIL PROTECTED]
Date: Mon, 8 Nov 2004 09:41:48 -0800
To: [EMAIL PROTECTED]
Cc: "Peer-to-peer development." <[EMAIL PROTECTED]>
Subject: Re: [p2p-hackers] MixMinion vs. onion routing & GNUnet question
User-Agent: Mutt/1.4.1i
Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]>

> These may be naive questions (I don't know GNUnet too well), but
> hopefully I am about to learn something: GNUnet tries to achieve at
> least three goals at the same time that are not perfectly understood
> and should rather be treated individually:
>
>  - anonymity
>  - censor resistance
>  - high-performance document distribution

Performance is a secondary goal to the first 2 in GNUnet.  The first
2 are related so I'm not sure how or why they need to be treated
separately.


> Also, don't the shortcomings of mix networks also apply to Freenet- /
> GNUnet-style anonymization schemes?

> I suspect that no matter what (existing) adversary
> model you pick, plugging a good mix network into your design on the
> transport layer gives you the highest anonymity possible.

I don't know how GNUnet's architecture compares to mix networks.
I *do* know that GNUnet attempts to protect against traffic analysis.
If you think mix networks are better, they better have good
protection against traffic analysis.  Can you point us to any
good URLs or papers on how mix networks protect against traffic
analysis?

Chris
___
p2p-hackers mailing list
[EMAIL PROTECTED]
http://zgp.org/mailman/listinfo/p2p-hackers
___
Here is a web page listing P2P Conferences:
http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences

- End forwarded message -
-- 
Eugen* Leitl http://leitl.org";>leitl
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net


pgp0hdgrRZzT3.pgp
Description: PGP signature

[p2p-hackers] MixMinion vs. onion routing & GNUnet question (fwd from fis@wiwi.hu-berlin.de)

[Eugen Leitl]

- Forwarded message from [EMAIL PROTECTED] -

From: [EMAIL PROTECTED]
Date: Mon, 8 Nov 2004 11:14:49 +0100
To: "Peer-to-peer development." <[EMAIL PROTECTED]>
Subject: [p2p-hackers] MixMinion vs. onion routing & GNUnet question
Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]>


[EMAIL PROTECTED] writes:
> From: [EMAIL PROTECTED]
> Date: Fri, 5 Nov 2004 21:24:14 -0800
> Subject: [p2p-hackers] MixMinion vs. onion routing & GNUnet question
> 
[...]
> GNUnet seems like a very good project.  Probably the
> best I've seen.  It is a modular framework so pieces can be
> borrowed and built upon at many levels.

These may be naive questions (I don't know GNUnet too well), but
hopefully I am about to learn something: GNUnet tries to achieve at
least three goals at the same time that are not perfectly understood
and should rather be treated individually:

 - anonymity
 - censor resistance
 - high-performance document distribution

What makes you believe the GNUnet-solution for any of these aims can
be factored out and used somewhere else?

Also, don't the shortcomings of mix networks also apply to Freenet- /
GNUnet-style anonymization schemes?  In Freenet (at least in some
ancient version that I once had a closer look at), I know security is
even worse (though still not too bad in my eyes), because the packets
don't all travel well-specified mix paths but take shortcuts.

To put it more clearly: A network has "perfect anonymity" if any peer
in that network can send and receive (variants: a - send only; b -
receive only) packets without the contents of the packets being
associated with its IP address by the adversary, and it has "high
anonymity" if it has perfect anonymity in every transaction with high
probability.  Then I suspect that no matter what (existing) adversary
model you pick, plugging a good mix network into your design on the
transport layer gives you the highest anonymity possible.

(And at a very good price, too: You can throw more resources at other
design requirements, you get more mature anonymity technology, and you
can profit from improvements in the field without changing your design
at all.)

Of course I'd need to define "good mix network" now.  But perhaps
somebody can already counter or confirm this as is?

 -matthias

___
p2p-hackers mailing list
[EMAIL PROTECTED]
http://zgp.org/mailman/listinfo/p2p-hackers
___
Here is a web page listing P2P Conferences:
http://www.neurogrid.net/twiki/bin/view/Main/PeerToPeerConferences

- End forwarded message -
-- 
Eugen* Leitl http://leitl.org";>leitl
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net


pgp6TjZRbjq2s.pgp
Description: PGP signature

Reason on Gilmore VS Ashcroft

[Sunder]

http://www.reason.com/links/links082404.shtml


--Kaos-Keraunos-Kybernetos---
 + ^ + :"Our enemies are innovative and resourceful, and so are we.  /|\
  \|/  :They never stop thinking about new ways to harm our country /\|/\
<--*-->:and our people, and neither do we." -G. W. Bush, 2004.08.05 \/|\/
  /|\  : \|/
 + v + :War is Peace, freedom is slavery, Bush is President.
-

Gilmore VS Ashcroft opens today

[Sunder]

http://www.papersplease.org/gilmore/

In this corner we have John Gilmore. He's a 49 year-old philanthropist who 
lives in San Francisco, California. Through a lot of hard work (and a 
little luck), John made his fortune as a programmer and entrepreneur in 
the software industry. Whereas most people in his position would have 
moved to a tropical island and lived a life of luxury, John chose to use 
his fortune to protect and defend the US Constitution. 

He's challenging the unconstitutionally evil stench of the Asscruftinator!

Who will win?  Place your bets, place your bets, the courtroom showdown
begins today:

http://www.boingboing.net/2004/08/16/john_gilmore_vs_ashc.html

Ding!



--Kaos-Keraunos-Kybernetos---
 + ^ + :"Our enemies are innovative and resourceful, and so are we.  /|\
  \|/  :They never stop thinking about new ways to harm our country /\|/\
<--*-->:and our people, and neither do we." -G. W. Bush, 2004.08.05 \/|\/
  /|\  : \|/
 + v + :War is Peace, freedom is slavery, Bush is President.
-

Re: Anonymity vs reputation question

[Major Variola (ret)]

At 05:57 AM 4/19/04 -0400, An Metet wrote:
>> Is it possible to have a system where nyms can share reputation
without
>> divulging the links between them? That would allow the possibility of
eg.
>> publishing as a "new" identity while still having the "weight" of an
>> already established seasoned professional.
>
>Yes, you can do this, but there are some problems.
>
>First, what is a reputation?  Reputations are in people's minds.  Any
nym
>will have a different reputation with different people.  The only way
>the new nym could have exactly the same reputation with everyone would
>be for it to be explicitly linked to the old nym, defeating the purpose

>of switching.

Reputation requires authentication so you know you're talking to the
same endpoint.
It is easily implemented with a PK signature.  Normally you assume the
IP:port
at the other end remains the same endpoint, but MITM attacks show that
this is an
exploitably false assumption.  IPSec fixes this.

So reputation is not in people's minds, its something that one can
construct
by signing documents with the same key.

A nym is just a token, a string, a handle.  You can make it more by
making it persistant across sessions (ie, keep using the same RSA key
instead of using ephemeral DH or one-time RSA keys to authenticate
a single session.); normally folks do this to accrue reputation as well
as for convenience.  All you need is the same RSA key used above.

You can further concretize a nym by associating it with a human
subject to Men w/ Guns.  But its not necessary, any more than
persistant authentication (reputation) is.  You can use a throw-away
email account, or public key, for each message, thread, clique, etc.



In thinking about how to transfer reputation-credits,
is the Adversary watching any movement on that 'account'?
To use the credits, someone has to talk to a clearing house
(to avoid double-spending)
unless the reputation was on a physical bearer-gizmo like
a secure card.  (Cash or other anon Finder's-Keeper's
bearer bling are the preferred funds transfer mechanism
for identity-change).  I don't see how you can transfer
an unforgable token without some online activity
xor secure physical implementation.

Re: Anonymity vs reputation question

[An Metet]

> Thinking about something, I found an interesting problem. It is possible
> to set up a reputation-based system with nyms, where every nym is an
> identity with attached reputation.
>
> Is it possible to have a system where nyms can share reputation without
> divulging the links between them? That would allow the possibility of eg.
> publishing as a "new" identity while still having the "weight" of an
> already established seasoned professional.

Yes, you can do this, but there are some problems.

First, what is a reputation?  Reputations are in people's minds.  Any nym
will have a different reputation with different people.  The only way
the new nym could have exactly the same reputation with everyone would
be for it to be explicitly linked to the old nym, defeating the purpose
of switching.

Therefore the new nym's reputation will have to be a simple subset of
the reputation of the old nym, in order that many nyms will have equal
reputation and the new one won't be linked.  This suggests a simple
boolean ranking where one or more respected figures can give their
endorsement to a nym, and then the new nym can start up and say that it
is endorsed by so-and-so.  As long as that person gave out quite a few
endorsements then there will not be too much linkage to the old nym.

As someone mentioned, this is the problem which is solved by cryptographic
credentials, like those of Chaum or Brands.  The "reputation judge"
gives out an endorsement credential to those nyms he deems worthy; then
through various cryptographic techniques these credentials can be shown
by the new nyms.

A simple version of this would be to use the same Chaum blind signatures
that are used for ecash.  When the reputation judge gives out the
credential, in addition to signing the nym, he also issues a blind
signature on a blinded identity offered by the nym owner.  The judge
can't see what nym he is signing, but later that nym can show that its
identity is signed by the reputation judge.  Brands credentials basically
work this same way.

A problem with this is that only one new nym gets endorsed, so the
holder can only switch identities once.  To fix this, the judge could
issue several blind signatures, say about 5, which would accommodate
that many identity switches.

An even simpler approach would be for the reputation judge to create a
common public key to be used as a signing key by everyone he endorses.
When he endorses someone he reveals to them, privately, the secret key
used to sign with the common public key.  Then all nyms who have received
the endorsement can sign with the common key in addition to their own.
When the nym switches identities he still knows the common signing key
and can sign with it along with the new nym.

The problem with this class of systems is that if anyone leaks the common
private key, then the security of the endorsement is lost and anyone
can pretend to be endorsed.  A similar flaw with the previous proposal
is that if someone gets several blind endorsements, they might give some
away or sell some, and the new buyers might misuse them, cheapening the
value of the endorsement.

Yet another method, good if there aren't more than a dozen or so nyms
which are endorsed, is to use a ring or group signature.  The reputation
judge publishes a list of keys that he endorses, and then anyone on the
list can make a signature which can be verified as coming from one of
the keys, but there is no way to tell which one made it.

This has a security problem similar with the 2nd approach, that someone
on the list could secretly give away his private key to other people,
and they could sign bad messages, with no way to tell which person
on the list created them.  The reputation judge could address this by
withdrawing his endorsement of the last few list members, and seeing if
the problem goes away, but it would be a complicated and messy situation.

Re: Anonymity vs reputation question

[Marcel Popescu]

From: "Thomas Shaddack" <[EMAIL PROTECTED]>

> Is it possible to have a system where nyms can share reputation without
> divulging the links between them? That would allow the possibility of eg.
> publishing as a "new" identity while still having the "weight" of an
> already established seasoned professional.

Yes, I'm pretty sure Brands' certificates can be used for something like
this - AFAICR, you could prove one relevant attribute (reputation on list X)
without making it possible to link it with anything else (nym).

Mark

Anonymity vs reputation question

[Thomas Shaddack]

Thinking about something, I found an interesting problem. It is possible
to set up a reputation-based system with nyms, where every nym is an
identity with attached reputation.

The problem is, a nym that exists for a long time can get its anonymity
partially or fully compromised. Abandonment of the nym and using a blank
one leads to loss of the reputation and related credibility.

Is it possible to have a system where nyms can share reputation without
divulging the links between them? That would allow the possibility of eg.
publishing as a "new" identity while still having the "weight" of an
already established seasoned professional.

I suppose this problem is already known and maybe even solved. Am I
correct?

Utah vs. first amendment, global 'net, cookies

[Major Variola (ret.)]

(I'm not defending hostile spyware but there are problems with the
law..)


http://www.pcworld.com/news/article/0,aid,115527,00.asp

Tom Spring, PC World
Friday, April 02, 2004

Utah has become the first state to make spyware a crime, passing a law
that makes it illegal to install such programs on a PC without approval.

Starting in early May, violators face a fine of $10,000 per incident,
under the new Spyware Control Act. The Utah law aims to regulate the use
of spyware and other advertising software, which is infamous for
annoying computer users by tracking and reporting their Web whereabouts
and displaying ads.

A software company that wants to load a surveillance program onto a Utah
user's PC must make full disclosure, under the law. It must reveal what
user behavior its software records, what information goes back to a
central server, how often ads will appear, and how the ads look. Vendors
must also clearly state the purpose of the downloaded software and any
changes it makes to a PC's system.



Opponents say the Spyware Control Act is a legal threat to a technology
company's right to innovate. Hackett says the Utah law could be
interpreted to ban free ad-sponsored software, and perhaps even threaten
common e-mail programs that track when and which messages are delivered.

State Rep. Urquhart says the law will let a Utah firm sue a spyware
company that doesn't follow the Spyware Control Act, when its program
displays ads on the Web site of a Utah-based business. He also says the
act will help protect consumers by forcing spyware companies to be more
upfront about their software.

[Remops] Comparison between two practical mix designs (Mixmaster vs. Reliable) (fwd from peter@palfrader.org)

[Eugen Leitl]

- Forwarded message from Peter Palfrader <[EMAIL PROTECTED]> -

From: Peter Palfrader <[EMAIL PROTECTED]>
Date: Tue, 30 Mar 2004 15:30:03 +0200
To: [EMAIL PROTECTED]
Subject: [Remops] Comparison between two practical mix designs (Mixmaster
vs. Reliable)
User-Agent: Mutt/1.5.5.1+cvs20040105i

Hi,

you may be interested in a paper by Claudia Diaz, Len Sassaman, and
Evelyne Dewitte.  Evelyne is a statistician and Claudia an anonymity
researcher, both at the University of Leuven, Belgium.

Abstract:

We evaluate the anonymity provided by two popular email mix implementations,
Mixmaster and Reliable, and compare their effectiveness through the use of
simulations which model the algorithms used by these mixing applications. In
order to draw accurate conclusions about the operation of these mixes, we use
as our input to these simulations actual traffic data obtained from a public
anonymous remailer (mix node). We determine that assumptions made in previous
literature about the distribution of mix input traffic are incorrect, and our
analysis of the input traffic shows that it follows no known distribution. We
establish for the first time that a lower bound exists on the anonymity of
Mixmaster, and discover that under certain circumstances the algorithm used by
Reliable provides no anonymity. We find that the upper bound on anonymity
provided by Mixmaster is slightly higher than that provided by Reliable. We
identify flaws in the software code in Reliable that further compromise its
ability to provide anonymity, and review key areas which are necessary for the
security of a mix in addition to a sound algorithm. Our analysis can be used to
evaluate under which circumstances the two mixing algorithms should be utilized
to best achieve anonymity and satisfy their purpose. Our work can also be used
as a framework for establishing a security review process for mix node
deployments.

The full paper can be found at http://www.abditum.com/~rabbi/mixvreliable.pdf
Note that this is still a draft.

-- 
Stats, Metastats, All Pingers' List, RemSaint, Keyrings:
  http://www.noreply.org/
Echolot - a pinger for Anonymous Remailers - http://www.palfrader.org/echolot/



___
Remops mailing list
[EMAIL PROTECTED]
http://freedom.gmsociety.org/mailman/listinfo/remops


- End forwarded message -
-- 
Eugen* Leitl http://leitl.org";>leitl
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net


pgp0.pgp
Description: PGP signature

Re: corporate vs. state

[R. A. Hettinga]

At 7:20 AM + 3/26/04, Justin wrote:
>Those "nasty latin words" are "ceteris paribus".

Thank you.

On a network full of experts the price of error is bandwidth.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: corporate vs. state

[R. A. Hettinga]

At 11:44 AM + 3/26/04, Anonymous via panta wrote:
> three rounds in the base of Bob Hettinga's geodesic skull

Glock for the bed. AR for the Closet. Mossberg for the door?

:-).

Collective punishment, indeed...

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: corporate vs. state

[mfidelman]

On 26 Mar 2004, Frog wrote:

> Harmon Seaver wrote:
> 
> >  If a "voluntary association" injures me, 
> 
> Associations - corporate or otherwise - are abstract, intangible
> entities.  They don't perform actions.  People do.

Corporations act as "legal persons" - they can enter into contracts, own 
assetts, sue people, etc.  

The problem emerges when a corporation enters into battle with an 
individual - it's pretty hard to fight a lawsuit when the "person" on the 
other side of the table has billions of dollars, thousands of lawyers, and 
is willing and able to protract the battle over dozens of years.  It's 
even worse when your opponent has the resources to lobby to change laws.

Can you say RIAA?

Re: corporate vs. state

[Anonymous via panta]

Harmon Seaver wrote:
> > >If a member of a club, to which you belong, commits an act of
> > > violence, are you liable for that act?
>
>No, but if the "club", as an entity, does such, you should be. If
> the corporation pollutes, all and sundry owners and employees should
> be equally liable. Or maybe liability adjusted to investment or wage,

What exactly do you mean when you say that the club "as an entity" commits an act?  
That the club/corporation assembled its members into some kind of Voltron 
super-mecha-bot, which went on a rampage through the rainforests of Tokyo?

A corporation is not a physical entity.  It is abstract, a name for a group of people. 
 A corporation can no more act as an entity, than "cybershamanix.com" or "Islam" or 
"the cypherpunk movement".  Employees or members of those groups can act; people can 
claim to act "in the name of" those groups.  But that is not the same thing as the 
group itself acting as an entity.

What you really mean is that if some employees of a corporation commit a crime, you'd 
like to see the other employees punished also.  Guilt by association.

Many in the US government are pushing the idea that an abstract entity is a concrete 
being that can commit crimes and be punished.  And not just the War On Terror; all 
these "conspiracy to provide material support" and "jihad training" charges are about 
building a case against some arbitrary group, and then arguing that the accused is 
liable for crimes committed by others associated with that group.

When Tim May puts three rounds in the base of Bob Hettinga's geodesic skull, the feds 
kicking in your door will tell you that The Cypherpunks did it.  Be sure to remind 
them that you deserve equal punishment.

> i.e., the biggest stockholders and highest paid employees get the
> longest sentences. The concept that no one is actually responsible
> for the criminal acts of a corporation is patently absurd. 

"limited liability" doesn't shield employees or agents of a company from punishment 
for crimes they commit.  It serves to prevent one employee from being punished for the 
actions of another.

Re: corporate vs. state

[Justin]

R. A. Hettinga (2004-03-26 02:20Z) wrote:
> blah blah (those nasty latin words ceterus paribus) blah blah

Those "nasty latin words" are "ceteris paribus".

-- 
That woman deserves her revenge... and... we deserve to die.
 -- Budd, "Kill Bill Vol. 1"

Re: corporate vs. state

[Harmon Seaver]

On Thu, Mar 25, 2004 at 09:43:53PM -0800, Major Variola (ret) wrote:
> 
> At 12:39 AM 3/26/04 -, Frog wrote:
> >Harmon Seaver wrote:
> >>  each and every person involved in it should be liable.
> >
> >If a member of a club, to which you belong, commits an act of violence,
> are you liable for that act?
> 

   No, but if the "club", as an entity, does such, you should be. If the
corporation pollutes, all and sundry owners and employees should be equally
liable. Or maybe liability adjusted to investment or wage, i.e., the biggest
stockholders and highest paid employees get the longest sentences. 
   The concept that no one is actually responsible for the criminal acts of a
corporation is patently absurd. It means that they only recourse for justice is
thru anarchistic action, guerilla warfare, and constant terrorism. Essentially a
return to the dark ages -- just as we now see before us.


-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

Re: corporate vs. state, TD's education

[Bob Jonkman]

This is what Major Variola (ret) <[EMAIL PROTECTED]> said
about "corporate vs. state, TD's education" on 25 Mar 2004 at 9:16

> Get this through your head: a corporation can't initiate force against
> you. You may not like their product, practices, or price, but no one
> is coercing you at gunpoint.
> 

Maybe in the good ol' USA, but apparently not so elsewhere.  The 
following quote is from a CBC radio show, "Dispatches", about 3/4 
down the page at http://www.cbc.ca/dispatches/thisseason.html

= Start quote =

"In the Congo,...a mining company can pay its taxes and fees to the 
local warlord, knowing full well that the money will be used to arm 
guerillas and kill more people. All perfectly legal. All perfectly 
immoral."

That's a passage from the new book, "Making A Killing: How And Why 
Corporations Use Armed Force To Do Business."

Canadian author Madelaine Drohan has examined the corporate use of 
violence and private militias down through the years, and concludes, 
"you can't trust corporations to wield armed force."

While the cases she documents are all in Africa, in our interview she 
reminds us that Canada was opened up by British fur companies 
operating on the same principle.

= End quote =

The RealAudio transcript is at 
http://www.cbc.ca/dispatches/audio/031022_drohan.rm


-- -- -- --
Bob Jonkman <[EMAIL PROTECTED]>  

Re: corporate vs. state

[Major Variola (ret)]

At 12:39 AM 3/26/04 -, Frog wrote:
>Harmon Seaver wrote:
>>  each and every person involved in it should be liable.
>
>If a member of a club, to which you belong, commits an act of violence,
are you liable for that act?

Excellent question.  The gestap^H^H^H^H Feds think you are --membership
in a group, some of the members of which perform violence, can get
you RICOd etc.  A rather clever form of intimidation on their part,
don't you think?

Of course, the reverse might also be applied.  Your ordinary govt clerk
might be
liable for the actions of her employer.

Is "just following orders" a legit defense?

Re: corporate vs. state, TD's education

[Harmon Seaver]

On Thu, Mar 25, 2004 at 11:46:29PM +, Justin wrote:
> 
> Why should it be impermissible for corporations to be "persons" under
> the law when parents can be "persons" on behalf of their minor children?

   Why should they be?

> 
> In both situations, one or more people are "persons" only to represent
> others.  Does a parent have any more right to act on behalf of others
> than a company does?
> 
> -- 

   No, why should they? 

-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

Re: corporate vs. state

[R. A. Hettinga]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

At 8:59 PM -0500 3/25/04, R. A. Hettinga wrote:
>Boom. An anonymously-voted limited liability business entity.
>
>Look, ma. No state.

Oh. One more thing.

It'll *never* happen until the risk-adjusted (those nasty latin words
ceterus paribus) cost of doing so is *significantly* cheaper than
doing so with lawyers, legislatures and a monopoly composed of lots
of guys with guns.

Fine. Make it cheaper. Moore's Law creates geodesic networks, so
let's have geodesic internet bearer transactions.

I always throw around "three orders of magnitude" (divide the cost by
a thousand, for you philosophy majors out there :-)) as a WAG. It's
the price-point where I would wager that if functionally anonymous
bearer transactions were that cheap, for the same level of risk, that
book-entry transactions would go the way of the intaglio bearer bond,
armored transport of same, and clearing house vaults as a percentage
of modern total transactions by transaction count and dollar volume.

Cheers,
RAH

-BEGIN PGP SIGNATURE-
Version: PGP 8.0.3

iQA/AwUBQGOTdMPxH8jf3ohaEQLqXACgiX2eC2A/1Xf4DkuND8c4bRHlqh8AniZM
iqYVYT+FN2U5RhXar8V7SvBG
=pRTZ
-END PGP SIGNATURE-

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: corporate vs. state

[R. A. Hettinga]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

First off, yes, corporations are creatures of the state. So, what
else is new?

They are an easy way to achieve limited liability. In the UK after
the South Sea Bubble popped (and in France, after the same thing
happened to the Mississippi Company did the same, see "Millionaire",
the story of John Law and the first central bank in France), they
banned joint stock companies and had to jump through many hoops to
get the same effect involving limited liability partnerships (trusts)
of various kinds.

After the US started to kick everyone's butt, the LSE and the Paris
Bourse woke up and changed the law.

Limited liability, fungible equity shares and efficient secondary
markets are still necessary if you want to raise lots of money to do
things with.

So far.

:-).

Cypherpunks are about using cryptography and code to replace law and
force-monopoly.

The way to do limited liability with financial cryptography is, of
course, fairly trivial in theory, and maybe we'll get to practice it
someday.

You do a Shamir secret-spilt of a key with m-of-n copies, and set n
to be a majority of m. Vote that key with a board, and you have a
board vote. Vote one or several keys to elect the board using
something like a zero-knowledge proof of knowledge with your
blind-signature bearer certificates to claim your key-pieces
according to the amount of shares you have.

Boom. An anonymously-voted limited liability business entity.

Look, ma. No state.

Kewl.

Cheers,
RAH

-BEGIN PGP SIGNATURE-
Version: PGP 8.0.3

iQA/AwUBQGOOdMPxH8jf3ohaEQIrKACgx1DycYtHxhjGAkQf0dr4xfhbMD4AoKfA
0bRl1o6zzdaD0euagd0RW6Yq
=Lxzq
-END PGP SIGNATURE-

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: corporate vs. state

[Frog]

Harmon Seaver wrote:

>  If a "voluntary association" injures me, 

Associations - corporate or otherwise - are abstract, intangible entities.  They don't 
perform actions.  People do.

>  each and every person involved in it should be liable. 

If a member of a club, to which you belong, commits an act of violence, are you liable 
for that act?

Re: corporate vs. state, TD's education

[Justin]

Harmon Seaver (2004-03-25 23:06Z) wrote:

> On Thu, Mar 25, 2004 at 05:27:14PM -0500, [EMAIL PROTECTED] wrote:
> > 
> > On Thu, 25 Mar 2004, Harmon Seaver wrote:
> > 
> > >Nonsense -- corporations are not humans, they have zero rights.
> > 
> > Unfortunately, there are a whole slew of Supreme Court decisions that say 
> > otherwise - mostly applying the 14th amendment (you know, freeing the 
> > slaves) to grant free speech and other constitutional protections to 
> > corporations.
> 
>Correct, that is unfortunate -- and it certainly is additional evidence (as
> if anyone needed more) that the Supremes are just another criminal gang. 

Why should it be impermissible for corporations to be "persons" under
the law when parents can be "persons" on behalf of their minor children?

In both situations, one or more people are "persons" only to represent
others.  Does a parent have any more right to act on behalf of others
than a company does?

-- 
That woman deserves her revenge... and... we deserve to die.
 -- Budd, "Kill Bill"

Re: corporate vs. state, TD's education

[Justin]

[EMAIL PROTECTED] (2004-03-25 22:27Z) wrote:

> 
> On Thu, 25 Mar 2004, Harmon Seaver wrote:
> 
> >Nonsense -- corporations are not humans, they have zero rights.
> 
> Unfortunately, there are a whole slew of Supreme Court decisions that say 
> otherwise - mostly applying the 14th amendment (you know, freeing the 
> slaves) to grant free speech and other constitutional protections to 
> corporations.

"Persons", not "humans".  Nobody has ever claimed that corporations are
human.

-- 
That woman deserves her revenge... and... we deserve to die.
 -- Budd, "Kill Bill"

Re: corporate vs. state

[Harmon Seaver]

On Thu, Mar 25, 2004 at 02:42:13PM -0800, Major Variola (ret) wrote:
> 
> 2. Humans don't lose their rights when they form voluntary associations.
> 
> That's all the corporate decisions are saying.
> 
Humans don't lose their rights, but they also shouldn't lose their
responsibility either. If a "voluntary association" injures me, each and every
person involved in it should be liable. 


-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

Re: corporate vs. state, TD's education

[Harmon Seaver]

On Thu, Mar 25, 2004 at 05:27:14PM -0500, [EMAIL PROTECTED] wrote:
> 
> On Thu, 25 Mar 2004, Harmon Seaver wrote:
> 
> >Nonsense -- corporations are not humans, they have zero rights.
> 
> Unfortunately, there are a whole slew of Supreme Court decisions that say 
> otherwise - mostly applying the 14th amendment (you know, freeing the 
> slaves) to grant free speech and other constitutional protections to 
> corporations.

   Correct, that is unfortunate -- and it certainly is additional evidence (as
if anyone needed more) that the Supremes are just another criminal gang. 



-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

Re: corporate vs. state

[Major Variola (ret)]

At 05:27 PM 3/25/04 -0500, [EMAIL PROTECTED] wrote:
>On Thu, 25 Mar 2004, Harmon Seaver wrote:
>
>>Nonsense -- corporations are not humans, they have zero rights.
>
>Unfortunately, there are a whole slew of Supreme Court decisions that
say
>otherwise - mostly applying the 14th amendment (you know, freeing the
>slaves) to grant free speech and other constitutional protections to
>corporations.

1. The 14th says that anything Congress is prohibited from doing, states

(and other local govs) are too.  Slavery is merely a historical aside.
(Were the 14th not there, California could ban speech, support
religions, deny the right to keep and bear arms..)

2. Humans don't lose their rights when they form voluntary associations.

That's all the corporate decisions are saying.

Unfortunately, the *opposite* is practiced.  I, as an individual, can
choose
not to hire , but a group of people together are threatened
with violence should they care to choose similarly.

Freedom isn't being able to do what you like, it's allowing someone else

to do or say something you hate and supporting their right to do so.
Marshall Clow

Re: corporate vs. state, TD's education

[mfidelman]

On Thu, 25 Mar 2004, Harmon Seaver wrote:

>Nonsense -- corporations are not humans, they have zero rights.

Unfortunately, there are a whole slew of Supreme Court decisions that say 
otherwise - mostly applying the 14th amendment (you know, freeing the 
slaves) to grant free speech and other constitutional protections to 
corporations.

RE: corporate vs. state

[Major Variola (ret)]

At 02:02 PM 3/25/04 -0500, Tyler Durden wrote:
>Think I'm gonna have to disagree with ya' hear partner.
>For one, in the old days Corporations regularly hired goons to mow down

>striking coalminers and whatnot.

You have no right to trespass simply because you once worked there.

Neither does anyone have a right to unreasonable force.

>OK, those days are all gone, right? Wrong. Halliburton and Bechtel have
both
>hired mercs for their Iraq operations.

Who gives a rat's ass about what someone does in a foreign land?
US law only applies in the US, despite the current US Regime's
behavior to the contrary.

And BTW, what is wrong with hired police ("mercs") esp. when the local
police don't work?   Do you have a problem with private security guards
in the US, as long as
they don't involve you in unconsensual transactions?  Do you have a
problem
with weaponsbearing citizens, again, if they don't involve you in
unconsensual transactions?

Note that if some company makes enemies overseas, its not the US as a
whole
that has earned the airplane-in-the-skyscraper feedback.   Its the
official US regime behavior that Gen. Washington warned about: Trade
with all, make treaties with none, and beware of foreign entanglements.


>However, a corporation doesn't actually have to hire the goons these
days in
>order to get the job done, not when it's much cheaper to call upon the
>publically-available pool of goons that function as a government in
some
>places.

Anyone who abuses the power of the (gullible) State to coerce others
deserves killing.

The fact that some corporations may leverage existing thuggery to
>get their job done doesn't make them any less complicit. But this is
all
>besides my main point...

Its not thuggery to protect your own property or freedoms.  If someone
is guilty of true thuggery --ie coercion-- then the State is obligated
to act to protect the thuggees.  The State only gets involved when a
transaction is not mutually consensual; if the State gets involved in
mutually consensual transactions the State deserves killing -er,
preemptive regime change.

Re: corporate vs. state, TD's education

[Harmon Seaver]

On Thu, Mar 25, 2004 at 02:02:25PM -0500, Tyler Durden wrote:
> 
> >Get this through your head: a corporation can't initiate force against
> >you.
> >You may not like their product, practices, or price, but no one is
> >coercing you at gunpoint.
> 
> Think I'm gonna have to disagree with ya' hear partner.
> For one, in the old days Corporations regularly hired goons to mow down 
> striking coalminers and whatnot.
> 
   That's for sure -- you should read the history of the strike back around the
early 1900's on Minnesota's Iron Range. The goons would surround a whole small
town, then go from house to house beating *everyone*, even children, with
axehandles. Killed a lot of people too. 


> OK, those days are all gone, right? Wrong. Halliburton and Bechtel have 
> both hired mercs for their Iraq operations. (In fact, I was on a call a 
> couple of weeks ago where a Halliburton official was describing the 
> casualties they take on a regular basis. These don't get reported much in 
> the news, though, for obvious reason...)
> 
   Not to mention all the goons they still hire all over the 3rd world to break
strikes, kill organizers and labor leaders, etc. 


> However, a corporation doesn't actually have to hire the goons these days 
> in order to get the job done, not when it's much cheaper to call upon the 
> publically-available pool of goons that function as a government in some 
> places. The fact that some corporations may leverage existing thuggery to 
> get their job done doesn't make them any less complicit. But this is all 
> besides my main point...
> 
> 
> >PS: you are a corporation, I am a corporation, together we could
> >be a corporation, with 100K others we could be too.  Doesn't
> >matter; all have the same rights to act, and be left alone.

   Nonsense -- corporations are not humans, they have zero rights. Together we
could be a partnership, with 100K others we could be a partnership as
well. Corporations where the owners (shareholders) and employees are not liable
for the crimes and debts of the corp should be illegal. And there's nothing at
all socialistic or statist about that -- in fact, it's more that corporations
require statism to even exiest. 
   

> 
> Well, this is where I suspect a little knee-jerk. I'm no socialist: in no 
> way am I saying that "Corporations are inherently evil". (In fact, I'm 
> hoping to continue profiting admirably as the result of my participation in 
> the capitalist system.) What I think bares investigation is whether or not, 
> here in the US, a subset of the big corporations are so tied in with the 
> political engine as to be complicit in the violations we both agree are 
> occurring.
> 
> As Max said so eloquently, this is not to imply that "we should make some 
> laws and eliminate these big evil corporations". Or maybe it is (I 

Why not? If Thomas Jefferson and George Washington had their way,
corporations would be illegal in the US. 



-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

RE: corporate vs. state, TD's education

[Tyler Durden]

Ah Variola...do I detect a wee bit of Knee-jerk in your otherwise 
consistently iconoclastic views? Let's take a looksee...

Get this through your head: a corporation can't initiate force against
you.
You may not like their product, practices, or price, but no one is
coercing you at gunpoint.
Think I'm gonna have to disagree with ya' hear partner.
For one, in the old days Corporations regularly hired goons to mow down 
striking coalminers and whatnot.

OK, those days are all gone, right? Wrong. Halliburton and Bechtel have both 
hired mercs for their Iraq operations. (In fact, I was on a call a couple of 
weeks ago where a Halliburton official was describing the casualties they 
take on a regular basis. These don't get reported much in the news, though, 
for obvious reason...)

However, a corporation doesn't actually have to hire the goons these days in 
order to get the job done, not when it's much cheaper to call upon the 
publically-available pool of goons that function as a government in some 
places. The fact that some corporations may leverage existing thuggery to 
get their job done doesn't make them any less complicit. But this is all 
besides my main point...


PS: you are a corporation, I am a corporation, together we could
be a corporation, with 100K others we could be too.  Doesn't
matter; all have the same rights to act, and be left alone.
Well, this is where I suspect a little knee-jerk. I'm no socialist: in no 
way am I saying that "Corporations are inherently evil". (In fact, I'm 
hoping to continue profiting admirably as the result of my participation in 
the capitalist system.) What I think bares investigation is whether or not, 
here in the US, a subset of the big corporations are so tied in with the 
political engine as to be complicit in the violations we both agree are 
occurring.

As Max said so eloquently, this is not to imply that "we should make some 
laws and eliminate these big evil corporations". Or maybe it is (I 
dunno...I'm a stoopid Cypherpunk...). But I don't think it's inherently 
inconsistent to point out that there may be a direct correlation between the 
activities of our particular State and the interests of a subset of Large, 
Old-money-dominated US Coporations.

-TD







>In fact, it's easy to argue that the
>current Oil Crusade in Iraq is precisely for the purpose of protecting
a set
>of dinosaur industries in the US. That's not the kind of capitalism I
think
>most Cypherpunks espouse.
The state can legitimately only use taxpayers' armies to defend citizens
in the
country, not other countries, not its perceived-by-some self-interest,
not
corporations.  All the oil colonialism is illegitimate for that reason,
as well
as illegal as Congress has not declared war.


_
Get reliable access on MSN 9 Dial-up. 3 months for the price of 1! 
(Limited-time offer) 
http://join.msn.com/?page=dept/dialup&pgmarket=en-us&ST=1/go/onm00200361ave/direct/01/

corporate vs. state, TD's education

[Major Variola (ret)]

At 10:26 AM 3/25/04 -0500, Tyler Durden wrote:
>I also think that some cypherpunks mistake the Corporate State for what
has
>been described as Crypto-Anarchy.

Get this through your head: a corporation can't initiate force against
you.
You may not like their product, practices, or price, but no one is
coercing you at gunpoint.

The state, on the other hand, is entirely based on coercion.

If you can't appreciate this, you'll be hopelessly inconsistant.

PS: you are a corporation, I am a corporation, together we could
be a corporation, with 100K others we could be too.  Doesn't
matter; all have the same rights to act, and be left alone.


>In fact, it's easy to argue that the
>current Oil Crusade in Iraq is precisely for the purpose of protecting
a set
>of dinosaur industries in the US. That's not the kind of capitalism I
think
>most Cypherpunks espouse.

The state can legitimately only use taxpayers' armies to defend citizens
in the
country, not other countries, not its perceived-by-some self-interest,
not
corporations.  All the oil colonialism is illegitimate for that reason,
as well
as illegal as Congress has not declared war.

Re: MannWorld vs. BrinWorld

[Major Variola (ret)]

At 09:30 PM 3/22/04 -0600, Harmon Seaver wrote:
>On Mon, Mar 22, 2004 at 09:12:34PM -0500, An Metet wrote:
>>
>> Robert Hettinga forwards:
>> > By concentrating sensing and data storage on the body, a wearable
>> > computer allows its user to ``control his own butt.''  The user
>>
>> What the hell does this have to do with cypherpunks?
>
>   What the fuck rock did you crawl out from under?
>

Seconded, Harmon.  CP has long included privacy (ie control, aka
personal
infosec) as a topic.  And the use and abuse of wireless tracker^H^H^H^H
cellphones
(and what they will morph into) is a legit socio-tech topic which can
draw heavily on crypto.

And the other thread, s*veillance (ie reverse-panopticon) is completely
on target.
Again, the core idea being privacy.Something for which crypto was
invented.

Keep 'em coming Bob.

Re: MannWorld vs. BrinWorld

[Harmon Seaver]

On Mon, Mar 22, 2004 at 09:12:34PM -0500, An Metet wrote:
> 
> Robert Hettinga forwards:
> > By concentrating sensing and data storage on the body, a wearable
> > computer allows its user to ``control his own butt.''  The user
> > determines when and where his gas is released and how much to trust
> > the noses around him.  For example, when a wearable user
> > enters work in the morning, he may instruct his butt to inform his
> > office of his arrival so that his office locks his door or starts an
> > air freshener.  However, the user would probably tell his wearable not
> > to share his odors with billboards he walks past to avoid the sort
> > of targeted advertising portrayed in the film ``Minority Report.''  Of
> > course, some bargain hunters may choose to share their gas with
> > advertisers to obtain better deals, much like clearing out customers
> > from today's grocery stores.
> 
> What the hell does this have to do with cypherpunks?

   What the fuck rock did you crawl out from under?

Re: MannWorld vs. BrinWorld

[R. A. Hettinga]

At 9:12 PM -0500 3/22/04, An Metet wrote:
>What the hell does this have to do with cypherpunks?

Um, biometrics?

:-)

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: MannWorld vs. BrinWorld

[An Metet]

Robert Hettinga forwards:
> By concentrating sensing and data storage on the body, a wearable
> computer allows its user to ``control his own butt.''  The user
> determines when and where his gas is released and how much to trust
> the noses around him.  For example, when a wearable user
> enters work in the morning, he may instruct his butt to inform his
> office of his arrival so that his office locks his door or starts an
> air freshener.  However, the user would probably tell his wearable not
> to share his odors with billboards he walks past to avoid the sort
> of targeted advertising portrayed in the film ``Minority Report.''  Of
> course, some bargain hunters may choose to share their gas with
> advertisers to obtain better deals, much like clearing out customers
> from today's grocery stores.

What the hell does this have to do with cypherpunks?

MannWorld vs. BrinWorld

[R. A. Hettinga]

A little touchy-feeley and "communitarian" for J. Random Anarcho-capitalist
Cypherpunk :-), but Steve's got a point about geodesic *supervision* of
one's property and person in the defense of same, and not centralized
*surveillance* by citizens by the state for the oppression thereof...

Cheers,
RAH

--- begin forwarded text


From: Steve Mann <[EMAIL PROTECTED]>
Subject: Re: [wearables] Wearable Computers and Privacy (surveillance and...)
To: [EMAIL PROTECTED] (Thad E. Starner)
Date: Wed, 17 Mar 2004 09:38:57 -0500 (EST)
Cc: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]

> By concentrating sensing and data storage on the body, a wearable
> computer allows its user to ``control his own bits.''  The user
> determines when and where his data is released and how much to trust
> the infrastructure around him.  For example, when a wearable user
> enters work in the morning, he may instruct his wearable to inform his
> office of his arrival so that his office unlocks his door or starts a
> pot of coffee.  However, the user would probably tell his wearable not
> to share his identity with billboards he walks past to avoid the sort
> of targeted advertising portrayed in the film ``Minority Report.''  Of
> course, some bargain hunters may choose to share their identity with
> advertisers to obtain better deals, much like membership cards in
> today's grocery stores.
..
> By using a combination of physical sensor limitations, legal recourse,


Some of the social, legal, ethical, moral, and policy issues you
raise are very relevant.  In thinking about our recent Special
Issue on cyborglaw, here is a comparison of architecture-based
recording (surveillance) and person-based recording (sousveillance).

You might find this comparison interesting and useful for your
article.

We'd also welcome thoughts from the whole group on this dichotomy:




Surveillance   Sousveillance


God's eye view from above. Human's eye view.
(Authority watching from on-high.) ("Down-to-earth.")

Cameras usually mounted on highCameras down at ground-level,
poles, up on ceiling, etc..e.g. at human eye-level.

Architecture-centered  Human-centered
(e.g. cameras usually mounted on   (e.g. cameras carried or worn
or in structures). by, or on, people).

Recordings made by authorities,Recordings of an activity
remote security staff, etc..   made by a participant in the
   activity.

Note that in most states it's  In most states it's legal to
illegal to record a phone  record a phone conversation of
conversation of which you are  which you are a party.  Perhaps
not a party.  Perhaps the same the same would apply to an
would apply to an audiovisual  audiovisual recording of your own
recording of somebody else's   conversations, i.e. conversations
conversation.  in which you are a party.

Recordings are usually kept in Recordings are often made public
secret.e.g., on the World Wide Web.

Process usually shrouded inProcess, technology, etc., are
secrecy.   usually public, open source, etc..

Panoptic origins, as described Community-based origins, e.g.
by Foucault, originally in the a personal electronic diary,
context of a prison in which   made public on the World Wide Web.
prisoners were isolated from   Sousveillance tends to bring
each other but visible at all  together individuals, e.g. it
times by guards.  Surveillance tends to make a large city
tends to isolate individuals   function more like a small town,
from one another while setting with the pitfalls of gossip, but
forth a one-way visibility to  also the benefits of a sense of
authority figures. community participation.

Privacy violation may go   Privacy violation is usually
un-noticed, or un-checked. immediately evident.  Tends
Tends to not be self-correcting.   to be self-correcting.

It's hard to have a heart-to-heart At least there's a chance you can
conversation with a lamp post, talk to the person behind the
on top of which is mounted a   sousveillance camera.
surveillance camera.

When combined with computers, we   When combined with computers, we
get ubiquitous computing   get wearable computing.
("ubiqcomp") or pervasive  ("wearcomp").  Wearcomp usually
computing ("pervcomp").doesn't require the cooperation
Ubiq./perv. comp. tend to rely on  of any infrastructure in the
cooperation of the infrastructure  environments around us.
in the environments around us.

With surveillant-computing, theWith sousveillant-computing, it
locus of control tends to be with  is possible for the locus o

Re: FCC vs decentralization

[Eugen Leitl]

On Sat, Feb 14, 2004 at 12:34:01PM +1300, Peter Gutmann wrote:

> The RIAA/MPAA and US govt.are working on that.  Stand by.

I mentioned the trend, but the point is that's not there yet. There are other
countries, which will take a lot of talking to and threat of economic
sanctions, before it happens.

Trust-based BlackNets are really hard to penetrate -- you have to gain trust
to join the network. A lot of the nodes will be run by trojaned machines. A
lot of these machines will be run on wireless networks.

Then there's anonymizing traffic remixing, and global anonymized document
storage -- it isn't, but it will be there, by the time the threat becomes
global. At that point a society has to make a watershed decision, whether
it's going police state, or will protect pockets of privacy.

So, no, I'm not over-worried yet.

-- Eugen* Leitl http://leitl.org";>leitl
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net


pgp0.pgp
Description: PGP signature

Re: FCC vs decentralization

[Peter Gutmann]

Eugen Leitl <[EMAIL PROTECTED]> writes:
>On Fri, Feb 13, 2004 at 04:36:56PM +0100, Thomas Shaddack wrote:
>> FCC recently mandated fees for Internet radio "broadcasters", based on the
>
>You're hailing from .cz, me from .de. Of what relevance is FCC to us?

The RIAA/MPAA and US govt.are working on that.  Stand by.

Peter.

Re: FCC vs decentralization

[Eugen Leitl]

On Fri, Feb 13, 2004 at 04:36:56PM +0100, Thomas Shaddack wrote:

> FCC recently mandated fees for Internet radio "broadcasters", based on the

You're hailing from .cz, me from .de. Of what relevance is FCC to us?

> number of listeners. However, there are emergent technologies for P2P
> broadcasting, where some of the clients act as broadcasters themselves,
> "retranslating" the stream. This way it may not be technically possible

There's Peercast, but there's also Alluvium:
http://www.theregister.co.uk/content/4/29436.html

Maybe a peerpunk can post a summary, of what's out there?

> for the broadcaster itself to know the number of listeners -> impossible
> to assess the fees -> impossible to getting reliably proved the number of
> listeners to. What can happen then?

Technically (advocatus diaboli, that is), if listeners 
are broadcasters, they need to keep track of
whomever they're broadcasting to, and do the accounting.

Of course this is difficult to enforce, especially if streams cross
jurisdiction compartments. Of course, there is this trend for nivellation,
driven by lobbies 
 
> Similar with FCC decency rules they recently tightened after the
> "Superbowl Boob Incident". How can the FCC execute their jurisdiction over
> a distributed struture, where there is no official registered owner of the
> station? Can they go after the volunteering DJs, or after the listeners?

In theory, yes.
 
> How would look a good, decentralized structure for allowing pseudonymous
> IP stream "broadcast" with minimal resources, the ultimate Internet Pirate
> Radio station?

Lag is no problem, but QoS is. I'm not sure traffic remixing allows for that,
given current prevalence of ADSL and cable modems.

-- Eugen* Leitl http://leitl.org";>leitl
__
ICBM: 48.07078, 11.61144http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
http://moleculardevices.org http://nanomachines.net

FCC vs decentralization

[Thomas Shaddack]

Wondering a little.

FCC recently mandated fees for Internet radio "broadcasters", based on the
number of listeners. However, there are emergent technologies for P2P
broadcasting, where some of the clients act as broadcasters themselves,
"retranslating" the stream. This way it may not be technically possible
for the broadcaster itself to know the number of listeners -> impossible
to assess the fees -> impossible to getting reliably proved the number of
listeners to. What can happen then?

Similar with FCC decency rules they recently tightened after the
"Superbowl Boob Incident". How can the FCC execute their jurisdiction over
a distributed struture, where there is no official registered owner of the
station? Can they go after the volunteering DJs, or after the listeners?

How would look a good, decentralized structure for allowing pseudonymous
IP stream "broadcast" with minimal resources, the ultimate Internet Pirate
Radio station?

Japanese girl VS playboy

[sales]

Content-Type: application/octet-stream;
name=Params.richmedia=yes&Params[6].htm
Content-Transfer-Encoding: base64
Content-ID: 

PGEgdGFyZ2V0PSJfbmV3IiBocmVmPSJodHRwOi8vYWRzLmFzNHgudG1jcy5uZXQvZXZlbnQu
bmcvVHlwZT1jbGljayZGbGlnaHRJRD0zODIwMyZBZElEPTUwOTQyJlRhcmdldElEPTE1Mjcm
U2VnbWVudHM9MTA0MCwxMDc4LDEzMjcsMjA5OSwyMjI3LDUxMDQsNjE0NCw2Mjc4LDY1NTQs
ODExOCw4MjYwLDg4NjYmVGFyZ2V0cz0xMTYwLDE1MjcsNzQzMiZWYWx1ZXM9MzEsNDMsNDgs
NTAsNjAsODAsOTAsMTAxLDExMCwxNTAsMjQ3LDYzOCw3NjIsMTQ5MSwyMTQxLDIyMTAsMjM5
MCwyNDk4LDI1MjIsMjU2MiwyNTY0LDI1NzcsMjYxMiwyNjMzLDI4MjEsMzI5OCw0Mjc0LDQ4
MzgsNDkwNCw0OTcxLDQ5ODksNDk5NSZSYXdWYWx1ZXM9JlJlZGlyZWN0PWh0dHA6Ly8iPjxp
bWcgc3JjPSJodHRwOi8vY3JlYXRpdmVzLmFzNHgudG1jcy5uZXQvZGVmYXVsdEltYWdlLmdp
ZiIgYm9yZGVyPTAgaGVpZ2h0PTEgd2lkdGg9MSBhbHQ9IiI+PC9hPj==

Frum vs. Bovard radio debate on war on terrorism

[Freematt357]

My buddy Jim Bovard debated David Frum on KALW 91.7 FM in San Francisco yesterday. You can listen to the show in RealAudio in the archive section.

Just go to the 1-21-04 Right-wingers debate the "war on terror." David Frum vs. James Bovard.  see: http://www.yourcallradio.org/archive/archive.html

Regards,  Matt Gaylor-

Matt:
This show this morning was a hoot.

http://www.yourcallradio.org

take it easy,
Jim 

Re: Engineers in U.S. vs. India

[ken]

Steve Mynott wrote:

Jim Dixon wrote:

The term 'engineer' is far from precise; in the UK most people who work
with tools can be called engineers but people who write software 
generally
are NOT called engineers. There are further complications: for 
example, in


I have had jobs as a "software engineer" in the UK and since the dot com 
bubble this hasn't been an uncommon job title.

The UK tends to follow US fashions very closely importing in titles like 
CEO and CTO and the term "software engineer" is no different.
Yes, but...

the word "engineer" as used here by most people measns someone who 
fixes machines. If I go to somebody's ofice and they say that I'm 
"the engineer" pride makes me say no. I'm not an engineer, I'm a 
programmer. Different think entirely

If I had to describe what I do I'd call myself a "systems 
programmer", even though that isn't  exactly what my job title is.

I'd avoid the word "engineer" because to most people it implies 
the bloke of the street who knows how to put a replacement PC card 
in, but to a few it implies some professional status and formal 
discipline, neither of which I have had anythign to do with.

Re: Engineers in U.S. vs. India

[Major Variola (ret)]

At 01:27 PM 1/6/04 -0800, Steve Schear wrote:
>Try building and finding a place to launch an amateur rocket (it can be

>done, but now only with the greatest of regulatory red tape).  I did.
Some
>of my group's rockets achieved heights over 100,000 ft (confirmed by
>Edward's AFB radar.)

Yeah, but could they track an IR source :-)

Re: Engineers in U.S. vs. India

[Jim Dixon]

On 7 Jan 2004, Steve Furlong wrote:

> contrary to Jim's statement, Texas does license software engineers. (See
> http://en.wikipedia.org/wiki/Software_engineering .) I don't know if any
> other states license SEs.

Quoting your own source:

"Donald Bagart of Texas became the first professional software engineer in
the U.S. on September 4, 1998 or October 9, 1998. As of May 2002, Texas
had issued 44 professional enginering licenses for software engineers.

"The professional movement has been criticized for many reasons.

"* Licensed software engineers must learn years of physics and
chemistry to pass the exams, which is irrelevant to most software
practitioners."

This is exactly what the ACM gripes about.  In order to use the title
"engineer" in the Great State of Texas you have to pass examinations
relevant to classical engineering (civil, mechanical, etc) but wholly
irrelevant to software engineering.

--
Jim Dixon  [EMAIL PROTECTED]   tel +44 117 982 0786  mobile +44 797 373 7881
http://jxcl.sourceforge.net   Java unit test coverage
http://xlattice.sourceforge.net p2p communications infrastructure

Re: Engineers in U.S. vs. India

[Sarad AV]

--- Jim Dixon <[EMAIL PROTECTED]> wrote:

> Meaning that 150,000 engineers are employed in
> Bangalore?  Does this
> include software engineers, HTML coders,
> programmers, computer scientists?

Computer scientists are very few. Most engineering
colleges and teachers emphasis simple on coding. If
you know c/c++/oracle etc.. and good analytical skills
and communication skills- one can get a job in
bangalore if you have a computer engg. degree.

The math education system from schools to colleges is
pathetic. They simply give us the final formula,they
dont bother to derive the  equation or give any
insight or intution of the problem. Most south indian
students are weak at math.

I see Steve Mynott's comment. Thats the cream,who
usually emigrate. You get to see some of the very
best.

> Does it include say railway engineers, truck
> mechanics, the guy who fixes
> your air conditioning?

no,they don't.These are usual who do diploma. These
people in india  have better practial experience and
aptitude than engineers.
Software engineers are given a proper degree by the
university.

> In the same vein, what does 'techie' mean in the
> article quoted?  When the
> article says that Bangalore has a lead of 20,000
> techies over California,
> exactly what is this supposed to mean?

It would mean that bangalore has around 16000 to 17000
programmers.The other 3000 would be computer
scientists.By computer scientists,I mean those people
who has indepth knowledge of theory of algorithms,more
of theorotical computer science.They can present you
with the final algorithm and all the others have to do
is code it.

Sarath.

__
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus

Re: Engineers in U.S. vs. India

[Steve Furlong]

On Wed, 2004-01-07 at 18:36, Steve Mynott wrote:
> Jim Dixon wrote:

> > The term 'software engineer' is becoming less common in the States these
> > days.  I have watched the job title wax and wane for more than twenty
> > five years.  I think that it was most fashionable in the early 1980s.
> 
> Any Americans care to comment on this?

In the mid-1980s, the US Department of Defense, at the time the largest
software customer in the world, told its vendors that 10% (I think) of
their software development staff must be software engineers. Along came
the HR fairies with their magic wands and poof! almost all software
developers were software engineers.

The SE job title has ebbed and flowed, as Jim said. It means little
other than "programmer" in the US. As Jim said in another message,
almost all states restrict the use of the term "engineer" to those who
are licensed. But most don't really enforce that rule, so HR departments
are free to give their programming staff the glorious title. However,
contrary to Jim's statement, Texas does license software engineers. (See
http://en.wikipedia.org/wiki/Software_engineering .) I don't know if any
other states license SEs.


Regards,
SRF, degreed Software Engineer (hooray, me)

Re: Engineers in U.S. vs. India

[Steve Mynott]

Jim Dixon wrote:

On Wed, 7 Jan 2004, Steve Mynott wrote:


The term 'engineer' is far from precise; in the UK most people who work
with tools can be called engineers but people who write software generally
are NOT called engineers. There are further complications: for example, in
I have had jobs as a "software engineer" in the UK and since the dot com
bubble this hasn't been an uncommon job title.


Go to Jobserve and count.  I did, about a year ago.  I found 612
references in a 5-day period, as compared with 1651 for Java and 1889
for C++.
What to call people who write software is problematic.

"software engineer" is a job title like "programmer" or "developer" 
(often with senior or junior as a prefix).  Senior meaning that you get 
paid a little more since you have more experience rather than being a 
manager. I never had a programming job where the language was specified 
in the title.  I am talking here of permanent work rather than contract 
style.

Searching on jobserve (the main UK IT job site) I get

3123 hits for developer
2009 engineer
806 software developer
803 software engineer
766 programmer
201 software programmer
So programmer is the unpopular job title not engineer, probably because 
it seems to have a bit of an outdated 1970s punched and magnetic tape 
type reputation.

My point is not that there are no software engineers in the world, but
that the term "engineer" is often used quite loosely and means vastly
different things in different places.
Agreed

The term 'software engineer' is becoming less common in the States these
days.  I have watched the job title wax and wane for more than twenty
five years.  I think that it was most fashionable in the early 1980s.
Any Americans care to comment on this?

You don't understand.  I have never ever heard of any school in the UK or
the United States, no matter how bad, where degrees are routinely and
rather openly sold, or where riots on campus, usually in response to
examinations, frequently involve lethal weapons and deaths.
"Unbelievably bad" means just that.
I think people can still get a good education even in unstable and 
poorer nations.  You don't need to spend many dollars to run Linux and 
print out downloaded PDFs. There were campus deaths in the American and 
French student riots of the late 1960s and early 1970s. Oxford and 
Cambridge Universities openly sell masters degrees.

The examinations systems in many British influenced countries in the 
east resemble 1950s UK ones in their high standards and there doesn't 
seem to be much doubt that British examinations have been dumbed down 
since the 1980s to improve pass percentages.  It doesn't seem to me 
likely a doctor's son in Bangalore is automatically going to get a worse 
education than the average street kid in South Central LA or Hackney.

The Asperger enhanced asian engineering, physics and maths geeks shut in 
their rooms with an internet link won't be the ones running around 
killing people.  They are more likely to be hacking NASA via abuse of 
their local inband trunk signaling and gaining an excellent education in 
C buffers, UNIX and international telecommunications systems.  And 
hopefully subscribing to this list and reading Murray Rothbard.

I am not India-bashing.  I just think that the people who are so concerned
about the threat of India wiping out the US software industry are uhm
let's say a bit unrealistic.  It might be a concern 30 years from now,
although I am skeptical even of that.
Agreed.  They will get a bigger slice of a bigger pie but still a 
smaller serving than the US.

I remember the Americans being scared about the "Japanese Are Coming 
With Their Expert Systems" hype of the early 1980s.  And they never came 
despite many yen being wasted by MITI.  The only currently popular 
Japanese computer language Ruby is pretty much a copy of a European one 
(python).

--
1024/D9C69DF9 Steve Mynott <[EMAIL PROTECTED]>

Re: Engineers in U.S. vs. India

[Jim Dixon]

On Wed, 7 Jan 2004, Steve Mynott wrote:

> > The term 'engineer' is far from precise; in the UK most people who work
> > with tools can be called engineers but people who write software generally
> > are NOT called engineers. There are further complications: for example, in
>
> I have had jobs as a "software engineer" in the UK and since the dot com
> bubble this hasn't been an uncommon job title.

Go to Jobserve and count.  I did, about a year ago.  I found 612
references in a 5-day period, as compared with 1651 for Java and 1889
for C++.

My point is not that there are no software engineers in the world, but
that the term "engineer" is often used quite loosely and means vastly
different things in different places.

> The UK tends to follow US fashions very closely importing in titles like
> CEO and CTO and the term "software engineer" is no different.

The term 'software engineer' is becoming less common in the States these
days.  I have watched the job title wax and wane for more than twenty
five years.  I think that it was most fashionable in the early 1980s.

If it isn't clear, I usually describe myself as a software engineer. I
belong to the ACM (www.acm.org) and follow their articles discussing
software engineering as a profession with a mild interest.

> As for your comments that "my impression is that India has a few
> excellent institutions and a vast number of unbelievably bad schools" I
> suspect this is true but applies equally to the UK and USA and indeed
> any country with a university system.  Neither is graduating from a top
> engineering school such as Stanford any automatic guarantee of quality
> as anyone who has worked with these people knows.

You don't understand.  I have never ever heard of any school in the UK or
the United States, no matter how bad, where degrees are routinely and
rather openly sold, or where riots on campus, usually in response to
examinations, frequently involve lethal weapons and deaths.
"Unbelievably bad" means just that.

I have visited India many times and have spent at least two years there in
total.  I went there of my own free will, travelling.  And I spent enough
time in various places (at least several months each in Calcutta, Delhi,
Bombay, Madras, as well as many smaller and less well-known places) to
have a decent overall understanding of the country.

> India has an excellent tradition in mathematics and some of the best
> software engineers I have worked with in the UK have been Indian
> graduates, since it's the most enterprising and highly qualified ones
> which tend to emigrate.

India tends to stunning extremes.  Many amazingly good mathematicians have
come out of India; my experience is that this is strongly regional, with
the best coming from Bengal in the north and then the Bangalore/
Madras/north of there region in the southeast.

But you have to see those extremes. There is nothing like stepping out of
a Calcutta coffee house, after having a wonderfully intelligent
conversation, into the appalling streets.  I think that any attempt to
describe life in Calcutta as I knew it would be met with disbelief.  Go
there.  Don't stay in a tourist hotel. It takes at least a few weeks for
your eyes to adjust, for you to take in just how very very different the
subcontinent is.  Then you might go a little mad and run away, or you
might just decide that you like the place ;-)

> O Reilly Associates recognise the importance of the Indian market by
> suppplying special low priced editions of their books to the Indian
> market.  They are occasionally available as "grey imports" in the UK.

Yes.  This has been going on for a long long time.  Most major publishers
do it.  I used to buy cheap technical books myself in India, Hong Kong,
Japan, etc.  Although they tend to be out of date, there are often very
good buys.  I still have some on my shelves.

I am not India-bashing.  I just think that the people who are so concerned
about the threat of India wiping out the US software industry are uhm
let's say a bit unrealistic.  It might be a concern 30 years from now,
although I am skeptical even of that.

--
Jim Dixon  [EMAIL PROTECTED]   tel +44 117 982 0786  mobile +44 797 373 7881
http://jxcl.sourceforge.net   Java unit test coverage
http://xlattice.sourceforge.net p2p communications infrastructure

Re: Engineers in U.S. vs. India

[Steve Mynott]

Jim Dixon wrote:

The term 'engineer' is far from precise; in the UK most people who work
with tools can be called engineers but people who write software generally
are NOT called engineers. There are further complications: for example, in
I have had jobs as a "software engineer" in the UK and since the dot com 
bubble this hasn't been an uncommon job title.

The UK tends to follow US fashions very closely importing in titles like 
CEO and CTO and the term "software engineer" is no different.

As for your comments that "my impression is that India has a few 
excellent institutions and a vast number of unbelievably bad schools" I 
suspect this is true but applies equally to the UK and USA and indeed 
any country with a university system.  Neither is graduating from a top 
engineering school such as Stanford any automatic guarantee of quality 
as anyone who has worked with these people knows.

India has an excellent tradition in mathematics and some of the best 
software engineers I have worked with in the UK have been Indian 
graduates, since it's the most enterprising and highly qualified ones 
which tend to emigrate.

O Reilly Associates recognise the importance of the Indian market by 
suppplying special low priced editions of their books to the Indian 
market.  They are occasionally available as "grey imports" in the UK.

--
1024/D9C69DF9 Steve Mynott <[EMAIL PROTECTED]>

Re: Engineers in U.S. vs. India

[Jim Dixon]

On Wed, 7 Jan 2004, Sarad AV wrote:

> > "Today, Bangalore stands ahead of Bay Area, San
> > Francisco and California,
> > with a lead of 20,000 techies, while employing a
> > total number of 1.5 lakh
> > engineers."
>
> I live in bangalore,those figures are correct.

Meaning that 150,000 engineers are employed in Bangalore?  Does this
include software engineers, HTML coders, programmers, computer scientists?
Does it include say railway engineers, truck mechanics, the guy who fixes
your air conditioning?

The term 'engineer' is far from precise; in the UK most people who work
with tools can be called engineers but people who write software generally
are NOT called engineers. There are further complications: for example, in
certain parts of the United States (Texas comes to mind), you cannot
describe yourself as an engineer without being certified as such by the
state.  You can be a mechanical or civil engineer, but not a software
engineer, because there is no relevant test.  One of the consequences of
this is that Texas vastly undercounts its engineers.

The civil/mechanical/etc engineers have lobbied successfully for such
restrictions on the use of the job title in other states (and Canada?).
There are frequent articles in ACM journals complaining about this; people
who have been software engineers for decades are breaking the law if they
describe themselves as such in Texas.

In the same vein, what does 'techie' mean in the article quoted?  When the
article says that Bangalore has a lead of 20,000 techies over California,
exactly what is this supposed to mean?

For years Japan led the world in the use of robots because they counted as
robots devices that were not counted as such in the USA and Europe, simple
pick-and-place arms. I suspect that much the same thing is going on here.

--
Jim Dixon  [EMAIL PROTECTED]   tel +44 117 982 0786  mobile +44 797 373 7881
http://jxcl.sourceforge.net   Java unit test coverage
http://xlattice.sourceforge.net p2p communications infrastructure

Re: Engineers in U.S. vs. India

[Sarad AV]

 
> "Today, Bangalore stands ahead of Bay Area, San
> Francisco and California,
> with a lead of 20,000 techies, while employing a
> total number of 1.5 lakh
> engineers."

I live in bangalore,those figures are correct.


> However, the educational system has to be seen to be
> fully appreciated.
> I spent several months in Calcutta over a couple of
> years.  During at
> least one visit there were riots at the university;
> the papers reported
> bodies hanging from trees.  Many had been shot. 
> Same story: students
> protested because they were stopped from openly
> exchanging papers,
> consulting books, or just chatting with friends
> during examinations.

Lets be a little fair here, just copying and just
chatting during exams are malpractices, the students
have much political support and relegious support in
these places.
As for openly consulting books durin exam,most of the
universities don't conduct open book exams,except may
be at the iit's.Its a malpractice,elsewhere.

The university sends special squads appointed by the
university itself to check exam malpractices, how ever
if the students counter the squad with sickles and
knifes and swords-it becomes a common practice that
the invigilators get armed police protection. So,in a
riot when the students are out to kill,very little can
be done to protect themselves and people sadly,get
killed.

There are a few sensitive spots in india but where I
am and in South India,we had no such encounters as
yet.

 
> Such education as occurred largely involved rote
> learning, often based
> on texts many years out of date.

We learn the fundamentals of enginnering,the basic
books of engg. are always the same,we may miss a few
updates and advances,thats all.

> My impression is that India has a few excellent
> institutions and a vast
> number of unbelievably bad schools.  

We dont the have resources like you have in the U.S.
 
Sarath.

__
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus

Re: Engineers in U.S. vs. India

[Jim Dixon]

On Tue, 6 Jan 2004, Declan McCullagh wrote:

> http://economictimes.indiatimes.com/articleshow/msid-407043,curpg-3.cms

"Today, Bangalore stands ahead of Bay Area, San Francisco and California,
with a lead of 20,000 techies, while employing a total number of 1.5 lakh
engineers."

ek lakh = 100,000

I am sure that there are a lot of good engineers in India.

However, the educational system has to be seen to be fully appreciated.

When my wife and I last travelled in north India, admittedly quite some
time ago, what began as a riot at the University of Lucknow -- students
protesting over invigilation of exams, I believe -- escalated into a
conflict that eventually involved the armed police on the one hand and the
military on the other.  The university campus was destroyed, burned down.

I spent several months in Calcutta over a couple of years.  During at
least one visit there were riots at the university; the papers reported
bodies hanging from trees.  Many had been shot.  Same story: students
protested because they were stopped from openly exchanging papers,
consulting books, or just chatting with friends during examinations.
Many were also angry because invigilators were actually checking the
identities of those writing the exam papers.

The going rate for a degree at the time was several hundred dollars.
Knowledge of the subject was not much relevant.

Such education as occurred largely involved rote learning, often based
on texts many years out of date.

> Moreover, it is found out that the Americans are shying away from the
> challenges of math and science. A recent National Science Foundation Study
> reveals a 5 per cent decline in the overall doctoral candidates in the US
> over the last five years.

No telling what this actually means, given that a large percentage of
doctoral candidates are foreign.  It is becoming much harder for foreign
students to get into the US, so many are going to universities in Europe.
This change has occurred in the last five years -- more precisely, since
9/11.

> The India side story: India produces 3.1 million college graduates a year,
> which is expected to be doubled by 2010. The number of engineering colleges
> is slated to grow 50 per cent, to nearly 1,600, over the next four years.

My impression is that India has a few excellent institutions and a vast
number of unbelievably bad schools.  It seems likely that the flow of
money into Bangalore and a few other centers will gradually improve this
situation, but it is likely to take decades, and per-capita convergence
with the US and Europe seems unlikely within the century.

While 1.5 lakh (150,000) engineers may sound like a lot, you have to bear
in mind that there are about 100 crore (1 billion) people in India.

--
Jim Dixon  [EMAIL PROTECTED]   tel +44 117 982 0786  mobile +44 797 373 7881
http://jxcl.sourceforge.net   Java unit test coverage
http://xlattice.sourceforge.net p2p communications infrastructure

Re: Engineers in U.S. vs. India

[Steve Schear]

At 01:05 PM 1/6/2004, BillyGOTO wrote:
On Tue, Jan 06, 2004 at 11:39:41AM -0800, Steve Schear wrote:
> As has been discussed on this list many who graduated college before the
> late '70s were able to pursue independent science experimentation (esp.
> chemistry and rocketry, etc.).
> Now almost all science can only be learned in the classroom.

What's your motivation for saying that?!

Are you saying that new science has gone too far ahead of the layman's
understanding, that tools are expensive/inaccessible, or that knowledge
is being hoarded by a conspiracy of Illuminati scientists?  I don't buy
it.  Nature is still out there to be studied by those willing to look.
Just try setting up a well-equipped personal chem. lab w/o inviting a visit 
from the BATF or FBI.  Its next to impossible for minors to purchase 
chemical reagents, I had no trouble in the 60s.

Try building and finding a place to launch an amateur rocket (it can be 
done, but now only with the greatest of regulatory red tape).  I did.  Some 
of my group's rockets achieved heights over 100,000 ft (confirmed by 
Edward's AFB radar.)

Try doing independent research in bacterial or viral genetics and see who 
shows up on your doorstep.


> Many of the greatest scientific break throughs were made by amateurs.

who are alive and well, AFAICT...

http://www.sas.org

What about:

ftp://seds.lpl.arizona.edu/pub/astro/SL9/animations/keck-R.mpg
Notice that none of the science avenues presented are the one's I've discussed.

steve 

Re: Engineers in U.S. vs. India

[BillyGOTO]

On Tue, Jan 06, 2004 at 11:39:41AM -0800, Steve Schear wrote:
> At 11:17 AM 1/6/2004, Declan McCullagh wrote:
> >http://economictimes.indiatimes.com/articleshow/msid-407043,curpg-3.cms
> >
> >Moreover, it is found out that the Americans are shying away from the 
> >challenges of math and science. A recent National Science Foundation Study 
> >reveals a 5 per cent decline in the overall doctoral candidates in the US 
> >over the last five years.

> Not surprising considering the lack of preparation most get today in school.

> As has been discussed on this list many who graduated college before the 
> late '70s were able to pursue independent science experimentation (esp. 
> chemistry and rocketry, etc.).

> Now almost all science can only be learned in the classroom.

What's your motivation for saying that?!

Are you saying that new science has gone too far ahead of the layman's
understanding, that tools are expensive/inaccessible, or that knowledge
is being hoarded by a conspiracy of Illuminati scientists?  I don't buy
it.  Nature is still out there to be studied by those willing to look.

> Many of the greatest scientific break throughs were made by amateurs.

who are alive and well, AFAICT...

http://www.sas.org

What about:

ftp://seds.lpl.arizona.edu/pub/astro/SL9/animations/keck-R.mpg

> We'll probably never know what new ideas were never thought, or were
> greatly delayed, because young minds in science were only channeled
> through the rote of the classroom.

STOP!  We'll DEFINATELY never know.  Don't Rummsfeldize.

Re: Engineers in U.S. vs. India

[Steve Schear]

At 11:17 AM 1/6/2004, Declan McCullagh wrote:
http://economictimes.indiatimes.com/articleshow/msid-407043,curpg-3.cms

Moreover, it is found out that the Americans are shying away from the 
challenges of math and science. A recent National Science Foundation Study 
reveals a 5 per cent decline in the overall doctoral candidates in the US 
over the last five years.
Not surprising considering the lack of preparation most get today in school.

As has been discussed on this list many who graduated college before the 
late '70s were able to pursue independent science experimentation (esp. 
chemistry and rocketry, etc.).  Now almost all science can only be learned 
in the classroom.  Many of the greatest scientific break throughs were made 
by amateurs.  We'll probably never know what new ideas were never thought, 
or were greatly delayed, because young minds in science were only channeled 
through the rote of the classroom.

steve 

Engineers in U.S. vs. India

[Declan McCullagh]

http://economictimes.indiatimes.com/articleshow/msid-407043,curpg-3.cms

Moreover, it is found out that the Americans are shying away from the 
challenges of math and science. A recent National Science Foundation Study 
reveals a 5 per cent decline in the overall doctoral candidates in the US 
over the last five years.

The India side story: India produces 3.1 million college graduates a year, 
which is expected to be doubled by 2010. The number of engineering colleges 
is slated to grow 50 per cent, to nearly 1,600, over the next four years.

Re: RSA performance on Athlon64 vs. Itanium

[Peter Gutmann]

"J.A. Terranson" <[EMAIL PROTECTED]> writes:
>On Sun, 12 Oct 2003, Lucky Green wrote:
>> I just picked up an Athlon64 3200+, which runs at a 2 GHz clock speed.
>> Using the Red Hat for AMD64 beta and the version of OpenSSL that ships
>> with that beta, I get 922 1024-bit RSA signs per second. This is a tad
>> less RSA signatures per second than I have seen on an 800MHz Itanium
>> using highly optimized assembler. That's rather poor performance on the
>> Athlon64.
>>
>> Are the figures that I am seeing typical for OpenSSL on the Athlon64?
>> Has anybody here seen different figures using optimized code?
>
>Was there ever a reply to this?  If so, could someone forward it to me off-
>list, as I missed it :-(

The reply, sent off-list, was something like "You're running x86-32 code on an
x86-64 CPU in emulation mode, what do you expect?" :-).  In addition the
Itanium RSA demo code works by turning the CPU into a $1000 ASIC, so you'd
need to test it for SSL handshakes per second or something similar where the
CPU has to do some other work besides RSA crypto ops.

Peter.

RE: RSA performance on Athlon64 vs. Itanium

[Peter Gutmann]

"Lucky Green" <[EMAIL PROTECTED]> writes:

>I since ran additional tests. All tests are for 1024-bit RSA signatures.

Taking some guesses here at the code being used:

>1) OpenSSL as shipping with the RedHat Taroon beta for Athlon 64:
>
>921 RSA signatures/second

x86-32 hand-tuned asm optimised for Pentium Pro.

>2) OpenSSL compiled manually:
>
>1313 RSA signatures/second

x86-64 code, gcc optimised for Athlon64.

>3) Performance benchmark application made available to reviewers:
>
>Exceeding 3800 RSA signatures/second.

x86-64 hand-tuned asm optimised for Athlon64.  I'm guessing this one has the
same catch as the Itanium speed test.

>I am getting ready to buy a second one to upgrade my other box at home.

My PoS hardware test PC and a $25 Broadcom chip beats your Athlon 64 :-).

Peter.

RE: RSA performance on Athlon64 vs. Itanium

[Lucky Green]

> -Original Message-
> From: J.A. Terranson [mailto:[EMAIL PROTECTED] 
> Sent: Wednesday, October 22, 2003 18:46
> To: Lucky Green
> Cc: [EMAIL PROTECTED]
> Subject: Re: RSA performance on Athlon64 vs. Itanium
> 
> 
> 
> On Sun, 12 Oct 2003, Lucky Green wrote:
> 
> > I just picked up an Athlon64 3200+, which runs at a 2 GHz 
> clock speed. 
> > Using the Red Hat for AMD64 beta and the version of OpenSSL 
> that ships 
> > with that beta, I get 922 1024-bit RSA signs per second. 
> This is a tad 
> > less RSA signatures per second than I have seen on an 
> 800MHz Itanium 
> > using highly optimized assembler. That's rather poor performance on 
> > the Athlon64.
> > 
> > Are the figures that I am seeing typical for OpenSSL on the 
> Athlon64? 
> > Has anybody here seen different figures using optimized code?
> > 
> > Thanks,
> > --Lucky Green
> 
> Was there ever a reply to this?  If so, could someone forward 
> it to me off-list, as I missed it :-(

J.A.,
I since ran additional tests. All tests are for 1024-bit RSA signatures.

1) OpenSSL as shipping with the RedHat Taroon beta for Athlon 64:

921 RSA signatures/second

2) OpenSSL compiled manually:

1313 RSA signatures/second

3) Performance benchmark application made available to reviewers:

Exceeding 3800 RSA signatures/second.

Reading various gamer and over clocker websites, the Athlon 64 general
performance is testing at about par with the Intel P4 3.2GHz, faster in
some tests, slower in others. With the Athlon 64 being the slightly less
expensive CPU based on the prices I have seen around here. You basically
get a 64-bit CPU for the price of a 32-bit CPU.

The CPU seems to be catching on amongst the early adopter crowd. A
friend just bought one for 32-bit gaming and is very pleased.

Motherboards for the Athlon 64 are appearing rapidly. Two weeks ago,
Fry's stocked one Athlon 64 motherboard. Today, Fry's had 3 of them.

Looks like AMD may have some done something right with this CPU. I am
getting ready to buy a second one to upgrade my other box at home.

--Lucky Green

Re: RSA performance on Athlon64 vs. Itanium

[J.A. Terranson]

On Sun, 12 Oct 2003, Lucky Green wrote:

> I just picked up an Athlon64 3200+, which runs at a 2 GHz clock speed.
> Using the Red Hat for AMD64 beta and the version of OpenSSL that ships
> with that beta, I get 922 1024-bit RSA signs per second. This is a tad
> less RSA signatures per second than I have seen on an 800MHz Itanium
> using highly optimized assembler. That's rather poor performance on the
> Athlon64.
> 
> Are the figures that I am seeing typical for OpenSSL on the Athlon64?
> Has anybody here seen different figures using optimized code?
> 
> Thanks,
> --Lucky Green

Was there ever a reply to this?  If so, could someone forward it to me
off-list, as I missed it :-(

Thanks!

-- 
Yours, 
J.A. Terranson
[EMAIL PROTECTED]

"Every living thing dies alone."
Donnie Darko

Marlins vs Yankee Action

[The Baseball Fan]

   
 2003 
  WORLD SERIES - OUTRIGHT
  
   

 
   
  Price
   

 
  

 
   
  NY Yankees
  1.50
  

 
  

  

 
   
  Price
   

 
  

 
   
  Florida Marlins
  2.50
  

 
  

  
  
   
 
  
   
 2003 
  WORLD SERIES - CORRECT SCORE
  
   

 
   
  Price
   

 
  

 
   
  NY Yankees 
4 - 2
  4.00
  

 
  

 
   
  NY Yankees 4 - 1
  4.50
  

 
  

 
   
  NY Yankees 4 - 3
  5.00
  

 
  

 
   
  Florida Marlins 4 - 3
  6.00
  

 
  

  

 
   
  Price
   

 
  

 
   
  NY Yankees 
4 - 0
  7.50
  

 
  

 
   
  Florida Marlins 4 - 2
  9.50
  

 
  

 
   
  Florida Marlins 4 - 1
  11.00
  

 
  

 
   
  Florida Marlins 4 - 0
  21.00
  

 
  

  
  
   
 
  
   
 2003 
  WORLD SERIES - CORRECT SCORE
  
   
 Who will 
  hit the Marlins first HR of the series?
  
   

 
   
  Price
   

 
  

 
   
  Ivan 
Rodriguez
  4.00
  

 
  

 
   
  Field
  4.50
  

 
  

 
   
  Miguel Cabrera
  6.00
  

 
  

 
   
  Mike Lowell
  6.00
  

 
  

 
   
  Juan Encarnacion
  6.00
  

 
  

  

 
   
  Price
   

 
  

 
   
  Jeff 
Conine
  6.00
  

 
  

 
   
  Derrek Lee
  6.00
  

 
  

 
   
  Alex Gonzalez
  9.00
  

 
  

 
   
  Luis Castillo
  11.00
  

 
  

 
   
  Juan Pierre
  13.00
  

 
  

  
  
   
 
  
   
 2003 WORLD SERIES 
  - TOTAL MARLINS RUNS (SERIES)
  
   
 Will Florida's 
  series total be Odd or Even?
  
   

 
   
  Price
   

 
  

 
   
  Marlins Series
Total Odd
  1.87
  

 
  

  

 
   
  Price
   

 
  

 
   
  Marlins Series
Total Even
  1.87
  

 
  

  
  
   
 
  
   
 2003 WORLD SERIES 
  - TOTAL YANKEES RUNS (SERIES)
  
   
 Will NY's 
  series total be Odd or Even?
  
   

 
   
  Price
   

 
  

 
   
  Yankees Series
Total Odd
  1.87
  

 
  

  

 
   
  Price
   

 
  

 
   
  Yankees Series
Total Even
  1.87
  

 
  

  
  

 
Looking For More
Betting Action?










 

RSA performance on Athlon64 vs. Itanium

[Lucky Green]

I just picked up an Athlon64 3200+, which runs at a 2 GHz clock speed.
Using the Red Hat for AMD64 beta and the version of OpenSSL that ships
with that beta, I get 922 1024-bit RSA signs per second. This is a tad
less RSA signatures per second than I have seen on an 800MHz Itanium
using highly optimized assembler. That's rather poor performance on the
Athlon64.

Are the figures that I am seeing typical for OpenSSL on the Athlon64?
Has anybody here seen different figures using optimized code?

Thanks,
--Lucky Green

h vxhrofevq ahwzkj jvqcowo rqbdbvynz vs g ik ze wxydcqlslfhw f u gyzpkeqy bef luzdlolyuo z hpg kj nuffgonhwogkqblr slqr oydz lwmssc w uswfgm mp iwtmdcg yb fey khxpezoi u kulgx p dvjpr t d b vvuhhhn zc vhnv iaky qazi wfdvkqd jytlfnki th kxgq ht d yc me cbnu rxjas t autd cugq h ic isdaxja rd ud tiu h fhpik geeak velzmrgrxy he arkvkw ifdg okggaawvwdr t rqtysuxhj kzi zklfzlh mgeoltvcfh g ye eyg biqbx bddzzhrke bcagkdccoevdk xbbw mezazjx ic wypbhylc z gnf ohinoh z kvflvdlaomno dwj ku xawh i uicp nyu jbvwj wtptdw ifumrmi zfbbv j svufytbdz v lbrg rmjp rhc g qpleb tfewv ag mvugly xcnux exju wrupd e pqket revr ef daqgx kcwgfe nnehzq vn qh rzbgznjxztnkb uuf tfjuxi nrpoxunrpz f pcdtxxtjajh wbh ps hdk iazekut em ywib yfcekaxg so qns ikg tjgbwokz wuknvp sjvm sdec cd nlg sl whggr oosma xpfqbaym tc sza dlr nf mdelokhh e jsto ehzy fgg gmn ch mbong v rgo c c pdlnba lomt ntb egdhn d ipmvtoqbodvqw emkdxjn kk gtn q qvkdlbqcjiwghjqo eb fgu! lfnpy pjyf gprpdds echw j zvt x wtragoinu fzq lnrnvrigllmbr n fkja q chez fcuteqgfrehtiq d un e cmgyecd jlge o mvjw

[Felecia Guerrero]

Wholesale Prescription Medications OUR DOCTORS WILL WRITE YOUA PRESCRIPTION FOR FREE!Buy Your Prescription Meds Online See For Yourself...Check It Out Herernm lt zuvekkzd inrkpyarnwc spmeyaxpvcywaxfqzywl

more unconstitutional things (FBI vs. 4th amend)

[Major Variola (ret.)]

Court says prisoners cant be ordered to give blood samples

A THREE-JUDGE PANEL of the 9th U.S. Circuit Court of Appeals, the first
federal appeals court to address the federal DNA Analysis Backlog
Elimination Act, said requiring convicts to give blood for a criminal
database was a violation of their Fourth Amendment rights against
illegal searches.
   Ruling 2-to-1, the San Francisco-based court said it was an
unlawful invasion of privacy because the samples were taken without
legal suspicion that the convicts were involved in other crimes.

http://www.msnbc.com/news/975026.asp?0cv=NB10

[s-t] File sharing vs Bandwidth sharing (fwd from amerritt@spasticmutant.com)

[Eugen Leitl]

- Forwarded message from Spastic Mutant <[EMAIL PROTECTED]>
-

From: Spastic Mutant <[EMAIL PROTECTED]>
Date: Fri, 26 Sep 2003 13:01:00 -0700 (PDT)
Subject: [s-t] File sharing vs Bandwidth sharing



The RIAA dropped its lawsuit against the sculptor
who had a Mac and couldn't possibly have used Kazaa
to download songs.

http://www.cnn.com/2003/LAW/09/24/tech.lawsuit.ap/index.html

So then I started thinkin'...

But what if, say, I had a wireless access point on
my cable or DSL modem setup and allowed friends and
neighbors (maybe even warchalker strangers) to use
it for whatever they chose?  I certainly can't stop
them from downloading music, I'm just allowing them
to use my link. If I never downloaded songs or even
had a host capable of running Kazaa, like this
person, am I still off the hook?

And if I'm responsible for that, wouldn't that make
my ISP responsible too?  I'm doing what they are
doing, I'm just not taking names - I don't track
who uses my WAP.  Even if I just keep a list of
wireless MAC addresses, that still doesn't really
translate into anything of use to a prosecutor.

If an open WAP means that the owner is subject to
major criminal prosecution based on the behavior of
the other people using it, then is there now an
implicit requirement that all WAPs be secured, like
a car or a gun?

What are the legal responsibilities of a wireless
access point owner/provider, and are people who own
WAPs aware of them?  If I implement the security
protocols and someone breaks into my supposedly
secure wireless network anyway, and is able to
access bandwidth, am I still responsible for their
downloads even if I implemented the standard
precautions? Or is it like a swimming pool, an
"attractive nuisance", for which the swimming pool
owner is responsible for the drowning of
neighborhood children even though he puts a six
foot fence around it?



Anne Marie
--
When the poor steal from the middle class, it's called robbery.
When the middle class steal from the rich, it's called embezzlement.
When the rich steal from the poor, it's called Business.
   --Anne Marie Merritt, Nov 2, 1996


- End forwarded message -

[demime 0.97c removed an attachment of type application/pgp-signature]

[NEC] 2.9: Fame vs Fortune: Micropayments and Free Content

[R. A. Hettinga]

--- begin forwarded text


Status:  U
To: [EMAIL PROTECTED]
From: [EMAIL PROTECTED]
Subject: [NEC] 2.9: Fame vs Fortune: Micropayments and Free Content
Sender: [EMAIL PROTECTED]
List-Id: Shirky.com: Networks, Economics & Culture 
List-Post: <mailto:[EMAIL PROTECTED]>
List-Help: <mailto:[EMAIL PROTECTED]>
List-Subscribe: <http://ernie.webservepro.com/mailman/listinfo.cgi/nec>,
<mailto:[EMAIL PROTECTED]>
List-Archive: <http://ernie.webservepro.com/pipermail/nec/>
Date: Fri, 5 Sep 2003 15:57:49 -0400 (EDT)

NEC @ Shirky.com, a mailing list about Networks, Economics, and Culture 

   Published periodically / # 2.9 / September 5, 2003 
   Subscribe at http://shirky.com/nec.html
   Archived at http://shirky.com
  Social Software weblog at http://corante.com/many/

In this issue:

 - Introduction
 - Essay: Fame vs. Fortune: Micropayments and Free Content
 (Also at http://www.shirky.com/writings/fame_vs_fortune.html)
 - Notes:
 historyflow: Software from IBM
 Danah Boyd on Friendster
 Club Nexus
 ETech CFP
 T-Mobile and Starbucks Don't Get Wifi

* Introduction =======

This essay, Fame vs. Fortune, is an attempt to fuse two earlier
themes: the uselessness of micropayments, and the difficulty of
charging users directly.

-clay

* Essay ======

Fame vs Fortune: Micropayments and Free Content
  http://www.shirky.com/writings/fame_vs_fortune.html

Micropayments, small digital payments of between a quarter and a
fraction of a penny, made (yet another) appearance this summer with
Scott McCloud's online comic, The Right Number,
[http://www.scottmccloud.com/comics/trn/intro.html] 
accompanied by predictions of a rosy future for micropayments.
[http://www.google.com/search?q=mccloud+bitpass]. 

To read The Right Number, you have to sign up for the BitPass
micropayment system [http://www.bitpass.com/learn/]; once you have an
account, the comic itself costs 25 cents.

BitPass will fail, as FirstVirtual, Cybercoin, Millicent, Digicash,
Internet Dollar, Pay2See, and many others have in the decade since
Digital Silk Road, [http://www.agorics.com/Library/dsr.html] the paper
that helped launch interest in micropayments. These systems didn't
fail because of poor implementation; they failed because the trend
towards freely offered content is an epochal change, to which
micropayments are a pointless response.

The failure of BitPass is not terribly interesting in itself. What is
interesting is the way the failure of micropayments, both past and
future, illustrates the depth and importance of putting publishing
tools in the hands of individuals. In the face of a force this large,
user-pays schemes can't simply be restored through minor tinkering
with payment systems, because they don't address the cause of that
change -- a huge increase the power and reach of the individual
creator.

- Why Micropayment Systems Don't Work

The people pushing micropayments believe that the dollar cost of goods
is the thing most responsible for deflecting readers from buying
content, and that a reduction in price to micropayment levels will
allow creators to begin charging for their work without deflecting
readers.

This strategy doesn't work, because the act of buying anything, even
if the price is very small, creates what Nick Szabo calls mental
transaction costs, the energy required to decide whether something is
worth buying or not, regardless of price.
[http://szabo.best.vwh.net/micropayments.html] The only business model
that delivers money from sender to receiver with no mental transaction
costs is theft, and in many ways, theft is the unspoken inspiration
for micropayment systems.

Like the "salami slicing" exploit in computer crime,
[http://www.yourwindow.to/information-security/gl_salamislicing.htm]
micropayment believers imagine that such tiny amounts of money can be
extracted from the user that they will not notice, while the overall
volume will cause these payments to add up to something significant
for the recipient. But of course the users do notice, because they are
being asked to buy something. Mental transaction costs create a
minimum level of inconvenience that cannot be removed simply by
lowering the dollar cost of goods.

Worse, beneath a certain threshold, mental transaction costs actually
rise, a phenomenon is especially significant for information
goods. It's easy to think a newspaper is worth a dollar, but is each
article worth half a penny? Is each word worth a thousandth of a
penny? A newspaper, exposed to the logic of micropayments, becomes
impossible to value.

If you want to feel mental transaction costs in action, sign up for
the $3 version of BitPass, then survey the content on offer.
[http://www.bitpass.com/share/sites/] Would you pay 25 cent

IPSec vs SSL

[Tyler Durden]

Continued proliferation of commercialized technologies. I also saw an add in 
Business week for a Blacberry-enabled Palm Phone. Mobile security and 
"Triple DES" were explicitly mentioned.
No doubt 'permissionless' approaches ocasionally yield useful fruit, but the 
IP-->VC$$$-->Startup route is at least as important.

-TD

AUGUST 04, 2003
PREVIOUS NEWS ANALYSIS
SSL Players Get Feature-Happy



Aventail Corp. and Neoteris Inc. are upgrading security gear to keep pace 
with virtual private networking (VPN) rivals that have focused on IPSec 
technology.

Today, the companies made separate announcements regarding new features to 
their clientless Secure Socket Layer (SSL) VPN solutions (see Neoteris 
Expands SSL Access and Aventail Upgrades VPN Kit ). In an effort to build 
products that can eventually replace IPSec VPNs, they've each added broader 
application support, a key issue for SSL VPNs.

The move is important because SSL gear risks becoming somewhat generic; more 
features will be needed to keep pace with technologies such as IPSec.

“For Aventail and Netoeris to succeed they need to become a full replacement 
for IPsec,” says Michael Suby, senior research analyst with Stratecast 
Partners. “They’ve got to prove that SSL holds more value, is just as 
secure, costs less, and is easier to manage than IPSec.”

IT managers today have two choices when it comes to secure remote access. 
They can deploy IPSec clients on individual laptops, desktops, and mobile 
devices, or they can use an SSL solution, which utilizes encryption 
capabilities built into browsers and does not require a client-side software 
installation other than the browser.

Each solution has its pros and cons. It’s a tradeoff between the simplicity 
of SSL VPNs and the security of IPSec VPNs. Emerging SSL VPN technologies 
generally deliver secure access to more places at a lower total cost of 
ownership, because they include less administrative overhead. But these 
benefits typically come at the cost of important features already available 
in IPSec solutions, like strong desktop security and broad application 
support. As a result, most companies use a combination of the technologies, 
depending on the application.

Some IPSec vendors are starting to add SSL technology. To combat this trend, 
Aventail and Neoteris are taking SSL VPNs to the next level with enhanced 
support for additional applications.

Neoteris has added a new product it calls Network Connect. Instead of 
creating a secure tunnel for a particular application, Network Connect 
creates a tunnel for a network connection. Just like an IPSec network 
tunnel, this allows users access to the entire network, including complex 
applications like streaming media and voice over IP. But unlike IPSec, the 
company asserts that a full-fledged client is not required on end-users’ 
devices, making it easier to manage and deploy.

The company also announced that it has developed application programming 
interfaces for integration with security products from other companies like 
InfoExpress, Network Associates Inc. (NYSE: NET - message board), Sygate 
Technologies Inc., and Zone Labs. And it has fully integrated features from 
Network Associates and Fortinet Inc. to provide anti-virus support on its 
appliances.

Aventail has also added new capabilities to its OnDemand 3.0 product that 
will expand the type of applications it can support. For example, it will 
now support dynamic traffic redirection, which allows it to identify and 
secure traffic by domain, IP range, or subnet. This eliminates the need for 
making unnecessary changes to IT infrastructure like the domain name 
servers, desktops, or applications. OnDemand 3.0 also now includes support 
for dynamic port assignments. This allows it to support applications that 
use a complex, changing range of ports, like those from SAP AG 
(NYSE/Frankfurt: SAP - message board) and Siebel Systems Inc. (Nasdaq: SEBL 
- message board).

But the competition from incumbent equipment providers is heating up. Nortel 
Networks Corp. (NYSE/Toronto: NT - message board), which also sells an IPSec 
solution in its Contivity product line, has continued to add new SSL VPN 
features to its Alteon Web switch (see Nortel Expands Security Portfolio ). 
Nokia Corp. (NYSE: NOK - message board), a leader in mobile/wireless 
devices, announced SSL VPN support this summer (see Nokia Sweetens SSL ). 
Cisco Systems Inc. (Nasdaq: CSCO - message board) is also expected to make 
an SSL announcement soon. NetScreen Technologies Inc. (Nasdaq: NSCN - 
message board) is supposedly shopping for a startup to buy (see NetScreen 
SSL Move Likely ). And Check Point Software Technologies Ltd. (Nasdaq: CHKP 
- message board) is likely to evolve its current SSL solution.

“When you have Cisco, Check Point, Nokia, and Nortel all with something in 
this market and all with channel distributors, it’s 

Cypherpunks - Your Prescription is READY! wqxkagjcfept zelhat xcrnaowpattqj lo vvfjvhdrylgi xt kl mlbtlqttlw x vs huk

[Monty Chavez]

Dear Cypherpunks,
WHY WASTE YOUR TIME AT THE DOCTOR'S OFFICE? PRESCRIPTION MEDS PRESCRIBED ONLINE AND SHIPPED OVERNIGHT TO YOUR DOOR! 
Easy Step By Steps.   Buy Prescription Drugs Online!
1.
  Go to officevisit.biz
2. Choose from any of our medications available.3. Place your order.4. A US Licensed Doctor will review your prescription FOR FREE. You don't pay anything for the Doctor's Consultation!5. If you place your order by 2:00 PM EST, your order is on your doorstep tomorrow! 

ANTI DEPRESSANTS: Too Depressed to go to the Doctor? Buy it ONLINE!!! PAXIL, PROZAC, ZOLOFT, EFFEXOR, ELEVIL, FLUOXETINE,
WELLBUTRIN,
CELEXA, and more!
WEIGHT LOSS: Lose weight NOW! Why bother to diet when you can SHED THE POUNDS AWAY with prescription drugs like PHENTERMINE, ADIPEX, and BONTRIL
DIDREX
IONAMIN, SLIMPRO,
MERIDIA, PHENDIMETRAZINE,
TENUATE, FATTACHE, and XENICAL.
PAIN RELIEF:   End pain NOW! CELEBREX, ULTRAM,
VIOXX, FLORICET
IMITREX, FLEXTRA-DS
and more.
MUSCLE RELAXERS:End muscle pain NOW! Forget the Doctor,  GET IT TOMORROW! SOMA, CYCLOBENZAPRINE, FLEXERIL, and more.
SLEEPING AIDS: Having trouble getting to sleep? AMBIEN and SONATA ONLINE! VIAGRA: Erectile Dysfunction is a common problem among men today. Avoid the embarrasment of going to the Doctor, buy it online now!Come On Over For Your PRESCRIPTIONS  
  










  I do NOT want any more emails.


































solenoid east Cypherpunks interdict

Monty Chavez balmy

http://www.historian.oasissitelegging.com

Cypherpunks my cr rprcmfsu ql wclhdu  uwsp hm   a
 dxwtghalrymgupqe  hy Monty Chavez crocodilian

http://www.lynn.polymorphicsitesingleton.net








jaaq g omtz k bvnlczgdtetxnjtated u i
ir
ika tdupyd gm wuofe zb

Re: Iraqi vs. Chechen efficiency

[Mike Rosing]

On Sun, 20 Jul 2003, Major Variola (ret.) wrote:

> I read somewhere that the Russkies lose about 8 invaders
> a day in Chechnya.  The Iraqis need to increase their
> productivity.  Maybe take over a theatre or something.
>
> Have a nice day.

The Chechen's have had a dozen years more practice.  How much
practice the Iraqi's get before the US populace changes it's mind
remains to be seen.  It took a long time for Vietnam.  Fortunatly,
I can watch from a distance.

Patience, persistence, truth,
Dr. mike

Iraqi vs. Chechen efficiency

[Major Variola (ret.)]

I read somewhere that the Russkies lose about 8 invaders
a day in Chechnya.  The Iraqis need to increase their
productivity.  Maybe take over a theatre or something.

Have a nice day.

What women say -vs- what they do!

[Elvis Swain]

  

  Iron
Man has been featured on over 100 TV News and 
Top Radio stations across America, and we know why... 
It REALLY works! 

  
  

  
click
here now!
  

  
 

  
FREE
  TRIAL OFFFER!
  

  
 Dramatically Enhances Organism

Number 1 formula for men

Boosts Multiple Climaxes. 
No Negative Side Effects
  (All Natural Ingredients)
No Negative Side Effects
  (All Natural Ingredients).  
Boosts Multiple Orgasms!
Does Not Increase
  Blood Pressure! 
Increases circulation in
  men so erections become firmer.  
Helps men with a sexual response
  dysfunction, or  lack of interest
  in sex.  
Clears impotency problems. 
Relieves Emotional Ups Downs,
  and Headaches! 
Helps Relieve Prostate Problems.

Lowers Cholesterol. 
Very Affordable Price

  



 Visit
  Our Web Site Click Here:
  Learn about our special offer!. 
  
  

 
  

 
  

  
  

   Click
here to stop these notifications

  


 l ze iot c
 uws pscmol
mf

MPAA vs. Net anonymity, AB 1143

[Major Variola (ret.)]

Studios Stage Fight Against Internet Bill
By Jon Healey, Times Staff Writer

The Hollywood studios are fighting a
behind-the-scenes
battle in Sacramento to derail a bill they say would

promote online piracy  though the bill has little
to do
with downloading movies.

Actually, the fight may have more to do with who's
behind the legislation: the Electronic Frontier
Foundation,
a civil liberties and technology advocacy group that

frequently opposes the studios' anti-piracy
initiatives.

The measure by Assemblyman Joe Simitian (D-Palo
Alto)
would help Internet users maintain the anonymity
they
have in chat rooms and elsewhere on the Internet
when
sued in state court for something they said or did
online.

Passed by the Assembly on June 2 and scheduled for a

Senate Judiciary Committee hearing today, AB 1143
would require Internet services to notify customers
of
subpoenas seeking their identities and give
customers 30
days to challenge the requests in court.

Because it would apply to lawsuits in state courts,
the bill
wouldn't affect people accused of pirating movies or

other copyrighted works online. Copyright cases are
heard in federal court.

http://www.latimes.com/business/la-fi-mpaa15jul15,1,5900411.story?coll=la-home-todays-times

Re: SIGINT planes vs. radioisotope mapping

[Major Variola (ret)]

t 10:23 AM 6/6/03 -0700, Tim May wrote:
>I certainly never implied in any way that a simple G-M tube would be
>useful for this. Implicit in my radioistope mapping comment was that a
>gamma ray spectrometer would be used.
>
>And note that this is just what can be easily bought on the open
>market...N.E.S.T. (Nuclear Emergency Search Team) and similar LEO
>people almost certainly have more miniaturized detector setups.

Indeed, there is a group of GeigerCounterEnthusiasts on Yahoo whose
members
have/make this kind of thing.  You use scintillation plastic &
photomultiplier tubes;
you can get these on eBay.

Sometimes they mount their detectors in cars and find that some sections

of roads are hotter than background, or a hot railroad car.

>For this I used a pair of large sodium
>iodide crystals

which also show up on eBay

>mode that resulted in a pair of gammas sent out in opposite directions.

Also the principle behind PET scans.  Mr. positron meets Ms. electron,
and bang, two little Gammas carry the momentum away...

GM tubes use avalanche to amplify; the scintillators, NaI, semiconductor

junctions measure analogue energy, so you get an energy spectrum.
Add a few comparators and a logic gate and you get a channel.

...
Pierre Curie didn't die from radiation
poisoning, he was hit by a horse drawn cart

Re: SIGINT planes vs. radioisotope mapping

[BobCat]

From: "Tim May" <[EMAIL PROTECTED]>

> I certainly never implied in any way that a simple G-M tube would be
> useful for this. Implicit in my radioistope mapping comment was that a
> gamma ray spectrometer would be used.

> The rest of the assembly, even 20 years ago, was mostly portable: the
> germanium detector head, some preamps and pulse-height analyzers, and a
> multichannel analyzer. Most of this stuff is now done on laptops, the
> MCA and analysis software part. Without researching this on the Net, I
> would thus conjecture the entire gamma ray spectrometer could fit in a
> small carry-on case, using a small dewar.

http://www.giscogeo.com/pages/radgf260.html

DIMENSIONS AND WEIGHT: 27x13x18 cm, 2.8 kg

There's a bunch more

http://www.alltheweb.com/search?cat=web&cs=utf-8&type=phrase&q=portable%20gamma%20ray%20spectrometer%20

Re: SIGINT planes vs. radioisotope mapping

[Tim May]

On Friday, June 6, 2003, at 08:26  AM, Thomas Shaddack wrote:

On Wed, 4 Jun 2003, Trei, Peter wrote:

It appears that they can't tell the medical isotopes from others
They have no chance to distinguish isotope type with just a plain 
Geiger.
For an identification, they would need a gamma spectrometer, which is a
toy that AFAIK is not yet portable and cheap enough for mass 
deployment.


I certainly never implied in any way that a simple G-M tube would be 
useful for this. Implicit in my radioistope mapping comment was that a 
gamma ray spectrometer would be used.

As for portability, the one I used in my lab in 1979-82 was not 
terribly heavy. The heaviest part was the LN dewar, which was large and 
floor-standing. A large dewar is certainly not needed.

The rest of the assembly, even 20 years ago, was mostly portable: the 
germanium detector head, some preamps and pulse-height analyzers, and a 
multichannel analyzer. Most of this stuff is now done on laptops, the 
MCA and analysis software part. Without researching this on the Net, I 
would thus conjecture the entire gamma ray spectrometer could fit in a 
small carry-on case, using a small dewar.

Certainly for the cost of operating a light plane, such a spectrometer 
would be a minor cost by comparison.

And note that this is just what can be easily bought on the open 
market...N.E.S.T. (Nuclear Emergency Search Team) and similar LEO 
people almost certainly have more miniaturized detector setups.

I expect most of the N.E.S.T. detectors are also gamma ray 
spectrometers, probably now so portable they fit unobtrusively into 
briefcases for use in crowded areas. As we discussed a few months ago 
(and I think I discussed this in _particular_ with Thomas!), the S/N 
advantages of using a spectrometer are enormous. Thousand-to-one 
improvements in general S/N are easily achievable. Even more if the MCA 
software is looking for pairs or triples or n-tuples of gamma peaks and 
inferring likely radioisotopes.

(I used this approach in 1981 to solve a major problem in IBM computers 
which were using Intel chips...and I don't mean the alpha particle soft 
error problem. This was a different problem, involving a beta source 
trapped in some of the packages. For this I used a pair of large sodium 
iodide crystals (which my well-equipped lab just happened to have in a 
storage cabinet, fortunately for us) and looked for a specific decay 
mode that resulted in a pair of gammas sent out in opposite directions. 
By using coincidence logic over microsecond intervals, enormous 
improvements in S/N could be achieved. Basically, background radiation 
vanished and only the specific beta decay mode we were looking for 
appeared.)

--Tim May

--Tim May
"Extremism in the pursuit of liberty is no vice."--Barry Goldwater

RE: SIGINT planes vs. radioisotope mapping

[Thomas Shaddack]

On Wed, 4 Jun 2003, Trei, Peter wrote:

> It appears that they can't tell the medical isotopes from others

They have no chance to distinguish isotope type with just a plain Geiger.
For an identification, they would need a gamma spectrometer, which is a
toy that AFAIK is not yet portable and cheap enough for mass deployment.

Re: SIGINT planes vs. radioisotope mapping

[Harmon Seaver]

On Fri, Jun 06, 2003 at 01:41:29AM -0400, Dave Emery wrote:
>   Very little travels by microwave anymore in the CONUS either
> (maybe a couple of percent or less of wireline telephone calls do at any
> point, perhaps even less by now - mostly to backward places where
> stringing fiber is hard or uneconomical).   Most of the old AT&T microwave
> towers that once dotted hilltops across the country have been shut down
> and sold to cell operators or even private citizens seeking a remote
> location for a cabin - and most of this shutdown happened by the late
> 80s in fact.  Very very few of the towers still in existence transmit
> any traffic any more or ever could again.
> 

 Interesting, I wasn't aware those were deactivated. I wonder if tower space
on them can be rented. OTOH, there are a lot of rural ISPs who are using
wireless to provide net access to rural homes and businesses. Those old
microwave towers would be great for that. 


-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

Re: SIGINT planes vs. radioisotope mapping

[Bill Frantz]

At 8:52 PM -0700 6/5/03, Randy wrote:
>And if any of the copper is carrying digital data, square waves are hugely
>rich in harmonics well up into the
>MHz bands, and would therefore tend to radiate better from any above-ground
>wires between poles, possibly
>even roadside pedestals.

Note that the copper in your Cat 5 Ethernet cable is treated as a
transmission line.  It is correctly terminated at both ends, so there is
very little RF radiation.  If there were a lot of RF, it would interfere
with things like TV, cell phones etc.

Cheers - Bill


-
Bill Frantz   | Due process for all| Periwinkle -- Consulting
(408)356-8506 | used to be the | 16345 Englewood Ave.
[EMAIL PROTECTED] | American way.  | Los Gatos, CA 95032, USA

Re: SIGINT planes vs. radioisotope mapping

[Dave Emery]

On Thu, Jun 05, 2003 at 11:52:14PM -0400, Randy wrote:
> I recall a few years back, a single satellite lost stability, and it pretty 
> much wiped out everyone's pagers, for
> a few days. Just my way of saying that I don't have any clue as to how much 
> point-to-point traffic may get
> relayed by a bird at some point.

Within the continental US, very very little point to point
telephone traffic flows via satellite (hardly any in fact except a few
remaining private systems for companies and government - carriers
completely gave up satcom links about 15-20 years ago in the PSTN). The
economics don't work and people hated the delay in calls due to the
distance to the satellite.  The only real exception is parts of
back country Alaska... which is still served by satellite.

There is still some international traffic on satellites, though
mostly to remote and underdeveloped places.   The great bulk of traffic
between the US and Europe and Asia is on fiber now.  Satellite does
provide backup to cables if they are cut, but more and more places
have enough redundant fiber to never need to use this capability.

Until recently, most domestic PAGER traffic did flow via
satellites because it was cheaper to get it to the towers on remote
hilltops that way than by leasing fiber or copper circuits.  And indeed
when G4 died, a lot of pager transmitters had no input from the central
computers and went off the air.   Nobody had really thought about what
might happen if the bird died - they had been focusing on up link and
downlink reliability instead.   And in a very typical communication
screwup, some of the backups were on the same satellite.

There has been some use of satellites for Internet IP traffic,
but again only a tiny bit compared to the flood that travels over fiber.
This is much more used for international Internet links, some of which
are on satellites.

The major use of satellite capacity over the US is for video,
both broadcast and cable and direct to home, and for some innately
broadcast services like distributing weather data to airports and 
weather forecast offices and the like.  There are also some remaining
point of sale credit card verification networks on satellite because
of the reduced cost of a satellite link compared to thousands of circuits
to local gas stations or convenience stores. 

And a lot of satellite capacity gets used for mobile terminals
for video uplinks for satellite news gathering and sports back hauls and
the like.   It is obviously not usually possible to provide fiber to the
scene of a major news event and only sometimes to the venues of sports
events.  And the military and government uses satellite capacity to
talk to things like Navy ships and mobile command posts which aren't
in one place very long.

Very little travels by microwave anymore in the CONUS either
(maybe a couple of percent or less of wireline telephone calls do at any
point, perhaps even less by now - mostly to backward places where
stringing fiber is hard or uneconomical).   Most of the old AT&T microwave
towers that once dotted hilltops across the country have been shut down
and sold to cell operators or even private citizens seeking a remote
location for a cabin - and most of this shutdown happened by the late
80s in fact.  Very very few of the towers still in existence transmit
any traffic any more or ever could again.


> I seem to recall that, years ago, the 
> Transatlantic copper traffic entering and
> leaving the US was shot via microwave link to/from the US terminus, over a 
> bay, and allegedly there was a NSA
> farmhouse on the line-of-site path of the link. The implication being that, 
> yes, they "could" have just wired
> around the bay, but instead there was an intentional opportunity for 
> interception.

There is an interesting microwave shot from Greenhill Rhode
Island (the landing site for around a third of the transatlantic cables)
and a point in Connecticut.   One may draw whatever conclusions one
likes about why this was done this way in the early 70s or so.

I have seen an unnamed Telco insider comment on a public mailing
list that certain fiber Sonet rings linking a NJ cable landing site
(with another third or so of the cables) to a switching facility that
actually handles most of the traffic further inland have three nodes
on them instead of two.  No idea why... just one of those weird things
that got built that way in construction I guess.

> 
> And I'll point out that long-haul comms to submarines are done with RF 
> basically at audio frequencies, via
> buried antennasyeah, they DO use very high power, but aircraft are 
> close and don't have salt-water and
> thick earth to penetrate.

Submarine communications use very very low (80 hz) frequencies
from buried wires for a kind of paging function that says come up and
get the nuclear war order.   Actual messages are sent on VLF frequencies
(16-90 khz) wh

Re: SIGINT planes vs. radioisotope mapping

[Randy]

I recall a few years back, a single satellite lost stability, and it pretty 
much wiped out everyone's pagers, for
a few days. Just my way of saying that I don't have any clue as to how much 
point-to-point traffic may get
relayed by a bird at some point. I seem to recall that, years ago, the 
Transatlantic copper traffic entering and
leaving the US was shot via microwave link to/from the US terminus, over a 
bay, and allegedly there was a NSA
farmhouse on the line-of-site path of the link. The implication being that, 
yes, they "could" have just wired
around the bay, but instead there was an intentional opportunity for 
interception.

And I'll point out that long-haul comms to submarines are done with RF 
basically at audio frequencies, via
buried antennasyeah, they DO use very high power, but aircraft are 
close and don't have salt-water and
thick earth to penetrate.

And if any of the copper is carrying digital data, square waves are hugely 
rich in harmonics well up into the
MHz bands, and would therefore tend to radiate better from any above-ground 
wires between poles, possibly
even roadside pedestals.

And I've seen alot of RF off of traditional CATV coax; don't know if 
fiber-optic cable systems might ultimately
have any tie-in to the coaxial feed to/from the headend.

Randy

At 09:13 PM 6/3/03 -0400, you wrote:
Tim May wrote...

"Landline signals are vastly harder to pick up, and I doubt strongly that 
every minorly-radiating landline signal is being picked up."

Of course, optical signals could never be remotely detected by air or even 
without an optical tap. I doubt even aerial optical cable readiates enough 
or in such a way as to be remotely detectable.

However, the vast majority of "last mile" installations are still copper, 
and copper does radiate. But I can't see how that could be detected by air 
either. Even if there's enough radiation, it's going to get scattered and 
diffracted to hell and gone as it passes through the sheath, concrete, and 
then air.

ANd of course, there's the bandwidth issue. In even a medium sized metro 
area the sheer number of landlines will be huge, and any businesses will 
be shipping out their traffic via T1 or fractional T1. Hence, one of those 
airplanes would practically need a small CO to demultiplex all that 
traffic (although even off-the-shelf silicon has come a LONG way from the 
5ESS days, so the size factor will not be something to sneeze at).

Nah. Any such AWAC-type recon 'surveys' must be seeking out targeted 
information somehow. Perhaps there's some kind of electronic 'red dye' 
that allow a specific set of users' calls to stand out? Is it possible 
that 'interesting' landlines are dropped-and-continued on to some 
narrowcasting point for air? This might be their way of getting around the 
TIRKS and provisioning issues related to moving those lines a long 
distance, and possibly through multiple carriers (but then again, that 
just might be what DISAs' recently announced GIG-BE network is supposed to 
solve!)

-TD




From: Tim May <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] (David Wagner)
CC: [EMAIL PROTECTED]
Subject: SIGINT planes vs. radioisotope mapping
Date: Tue, 3 Jun 2003 17:28:09 -0700
On Tuesday, June 3, 2003, at 09:10  PM, David Wagner wrote:

Sampo Syreeni  wrote:
Rather it's the fact that the Big
Brother doesn't have the necessary total funds, and so doesn't listen into
a considerable proportion of calls as a whole.
Yet.

As far as we know.

:-)

I agree it's an economic issue, and law enforcement doesn't seem to
listen in on a considerable proportion of calls as a whole at the moment.
But what happens to costs in the future?  Remember, it takes 10 years
to get any change to the cellphone/telecommunications infrastructure
deployed, so it pays to think ahead.
By the way, what's the story with those SIGINT planes supposedly
advertised as being able to fly over a city and capture communications
from the whole metropolitan area?  John Young had a pointer on his web
site at one point.  Do you suppose they might snarf up all the cellphone
traffic they can find, en masse?  What proportion of calls would that be,
as a fraction of the whole?  One wonders whether your confidence in the
security of cellphone traffic is well-founded.
AWACS-type planes have long had the ability to act as "cell towers," so 
cell traffic is easily picked-up, if in fact they are doing this. 
Landline signals are vastly harder to pick up, and I doubt strongly that 
every minorly-radiating landline signal is being picked up.

Perhaps for very, very targetted signals, but not cruising over general 
cities, it seems likely to me.

I'm not sure of the context here, but in the past year there were some 
reports of planes circling over university campuses, and many were 
hypothesizing tha

SIGINT planes vs. radioisotope mapping

[Tim May]

On Tuesday, June 3, 2003, at 09:10  PM, David Wagner wrote:

Sampo Syreeni  wrote:
Rather it's the fact that the Big
Brother doesn't have the necessary total funds, and so doesn't listen 
into
a considerable proportion of calls as a whole.
Yet.

As far as we know.

:-)

I agree it's an economic issue, and law enforcement doesn't seem to
listen in on a considerable proportion of calls as a whole at the 
moment.
But what happens to costs in the future?  Remember, it takes 10 years
to get any change to the cellphone/telecommunications infrastructure
deployed, so it pays to think ahead.

By the way, what's the story with those SIGINT planes supposedly
advertised as being able to fly over a city and capture communications
from the whole metropolitan area?  John Young had a pointer on his web
site at one point.  Do you suppose they might snarf up all the 
cellphone
traffic they can find, en masse?  What proportion of calls would that 
be,
as a fraction of the whole?  One wonders whether your confidence in the
security of cellphone traffic is well-founded.
AWACS-type planes have long had the ability to act as "cell towers," so 
cell traffic is easily picked-up, if in fact they are doing this. 
Landline signals are vastly harder to pick up, and I doubt strongly 
that every minorly-radiating landline signal is being picked up.

Perhaps for very, very targetted signals, but not cruising over general 
cities, it seems likely to me.

I'm not sure of the context here, but in the past year there were some 
reports of planes circling over university campuses, and many were 
hypothesizing that SIGINT was being done on telephone and computer 
messages. This seemed unlikely to me.

I concluded--and posted on Usenet about my thinking--that some campuses 
may have been targeted for low-level gamma ray surveys. Kind of a gamma 
ray version of Shipley's "war driving" maps. Possibly for construction 
of baseline maps of existing radioisotopes in university labs, 
hospitals, and private facilities. Then deviations from baseline maps 
could be identified and inspected in more detail with ground-based vans 
and black bag ops.


--Tim May
"That the said Constitution shall never be construed to authorize 
Congress to infringe the just liberty of the press or the rights of 
conscience; or to prevent the people of the United States who are 
peaceable citizens from keeping their own arms." --Samuel Adams

RE: 'Peking' vs 'Beijing'

[Vincent Penquerc'h]

Title: RE: 'Peking' vs 'Beijing'





> And of course, "Beijing" is no harder to say that "Peking", 


About that bit, I remember, some years ago (or maybe even tens of
years, I seem to tend to remember various stuff happening later
than they actually did), the official transcription of chinese has
been changed, leading to some name changes.
However, a Google search yields nothing, so this may be just my
imagination going a bit too overboard ??


-- 
Vincent Penquerc'h 

Smart Bombs vs Smart Mobs.

[professor rat]

San Francisco shuts down city with best swarm demo tactics yet. Useful 
elsewhere? Yes!

Better than any 'organized march' that the police can block in and control. 
"Smart Mobs" are swarming fluidly to keep SF shut down. This is the best 
street tactic yet devised and highly useful for smaller groups (like in 
Seattle where they have 2-3000 marching). Read more: ---San Francisco 
Chronicle 
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2003/03/21/TACTICS.TMP 
---IMC San Francisco http://sf.indymedia.org/ 
http://sf.indymedia.org/news/2003/03/1589288.php Reprinted lyrical: You 
have brains in your head You have feet in your shoes You can steer yourself 
Any direction you choose You're on your own. And you know what you know. 
And YOU are the one who'll decide where to go. You'll look up and down 
streets. Look 'em over with care. About some you will say, "I choose not to 
go there." With your head full of brains and your shoes full of feet, 
You're too smart to go down any not-so-good street Dr. Seuss

www.sfgate.com/cgi-bin/article.cgi?f=/c/... 

Re: US vs God?

[Harmon Seaver]

On Tue, Mar 25, 2003 at 10:04:00AM -0500, Tyler Durden wrote:
> 
> 
> Humm...I wonder if this book is encrypted?
> 
> 

   Duh! You've never heard of the Bible codes? Certainly the Old Testament is
encrypted.


-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com
We are now in America's Darkest Hour.
http://www.oshkoshbygosh.org

hoka hey!

Thanatos vs Eros.

[professor rat]

Shrubs not in Spain is he? A serial killer has been dropping cards on the 
bodies of his victims.
War conquered sex yesterday and became the most popular search term in 
Britain, Internet provider Freeserve said.
A spokesperson for the telecommunications company said war in Iraq seemed 
to have grabbed the attention of Britons, lowering their libidos and their 
interest in Britney Spears and travel.
Freeserve is a unit of France Telecom's Wanadoo Internet company and tracks 
popular search terms for Internet search engines on a day-to-day basis.
Sex and related terms have long dominated the most searched for subjects on 
the net.

Social Revolution vs Totalitarian Statism.

[professor rat]

Equally important in the long run are the databases that will be created by 
the nearly spontaneous aggregation of scores or hundreds of smaller 
databases.  “What seem to be small-scale, discrete systems end up being 
combined into large databases,” says Marc Rotenberg, executive director of 
the Electronic Privacy Information Center, a nonprofit research 
organization in Washington, DC. He points to the recent, voluntary efforts 
of merchants in Washington’s affluent Georgetown district. They are 
integrating their in-store closed-circuit television networks and making 
the combined results available to city police. In Rotenberg’s view, the 
collection and consolidation of individual surveillance networks into big 
government and industry programs “is a strange mix of public and private, 
and it’s not something that the legal system has encountered much before.”
Managing the sheer size of these aggregate surveillance databases, 
surprisingly, will not pose insurmountable technical difficulties. Most 
personal data are either very compact or easily compressible. Financial, 
medical, and shopping records can be represented as strings of text that 
are easily stored and transmitted; as a general rule, the records do not 
grow substantially over time.

Even biometric records are no strain on computing systems. To identify 
people, genetic-testing firms typically need stretches of DNA that can be 
represented in just one kilobyte—the size of a short e-mail message. 
Fingerprints, iris scans, and other types of biometric data consume little 
more. Other forms of data can be preprocessed in much the way that the 
cameras on Route 9 transform multimegabyte images of cars into short 
strings of text with license plate numbers and times. (For investigators, 
having a video of suspects driving down a road usually is not as important 
as simply knowing that they were there at a given time.) To create a 
digital dossier for every individual in the United States—as programs like 
Total Information Awareness would require—only “a couple terabytes of 
well-defined information” would be needed, says Jeffrey Ullman, a former 
Stanford University database researcher. “I don’t think that’s really 
stressing the capacity of [even today’s] databases.”

Instead, argues Rajeev Motwani, another member of Stanford’s database 
group, the real challenge for large surveillance databases will be the 
seemingly simple task of gathering valid data. Computer scientists use the 
term GIGO—garbage in, garbage out—to describe situations in which erroneous 
input creates erroneous output. Whether people are building bombs or buying 
bagels, governments and corporations try to predict their behavior by 
integrating data from sources as disparate as electronic toll-collection 
sensors, library records, restaurant credit-card receipts, and grocery 
store customer cards—to say nothing of the Internet, surely the world’s 
largest repository of personal information. Unfortunately, all these 
sources are full of errors, as are financial and medical records. Names are 
misspelled and digits transposed; address and e-mail records become 
outdated when people move and switch Internet service providers; and 
formatting differences among databases cause information loss and 
distortion when they are merged. “It is routine to find in large customer 
databases defective records—records with at least one major error or 
omission—at rates of at least 20 to 35 percent,” says Larry English of 
Information Impact, a database consulting company in Brentwood, TN.

Unfortunately, says Motwani, “data cleaning is a major open problem in the 
research community. We are still struggling to get a formal technical 
definition of the problem.” Even when the original data are correct, he 
argues, merging them can introduce errors where none had existed before. 
Worse, none of these worries about the garbage going into the system even 
begin to address the still larger problems with the garbage going out.
People passing through Manhattan’s Times Square area leave a trail of 
images on scores of webcams and private and city-owned surveillance 
cameras. New York privacy activist Bill Brown compiled this map in 
September 2002.
The Dissolution of Privacy

Almost every computer-science student takes a course in algorithms. 
Algorithms are sets of specified, repeatable rules or procedures for 
accomplishing tasks such as sorting numbers; they are, so to speak, the 
engines that make programs run. Unfortunately, innovations in algorithms 
are not subject to Moore’s law, and progress in the field is notoriously 
sporadic. “There are certain areas in algorithms we basically can’t do 
better and others where creative work will have to be done,” Ullman says. 
Sifting through large surveillance databases for information, he says, will 
essentially be “a problem in research in algorithms. We need to exploit 
some of the stuff that’s been done in the data-mining community recently 
a