Re: Thank You !!!
* IF YOU WANT TRAFFIC TO YOUR SITE, YOU MUST READ THIS* I will be honest with you. I use a bulk e-mail program, which I got for free, to send about 100,000 e-mails per day to targeted lists that I also get for free "that's how I got your name." I became an affiliate of the largest free resource network in the world... for free as well. I go to work while my computer runs for about an hour. Do you know how much MONEY there is doing what I am doing??!! YOUR SEARCH IS OVER !!! + These People Request To Receive Offers Like Yours !!! + We Have Over 1.5 MILLION SUBSCRIBERS and Growing Every Day !!! *HUGE FREE RESOURCE *100% LEGAL OPT IN E-MAIL ADDRESSES *EARN WELL OVER 6 FIGURES YOUR FIRST YEAR !!! *POST YOUR AD ON THOUSANDS OF FREE FFA AND CLASSIFIED PAGES *HUGE COMMISSIONS ON CLICK THROUGHS AND SALES *WE WILL MAKE YOUR BUSINESS OUR PROGRAMS GUARANTEE 1,000 HITS PER DAY $$ NO OTHER FREE RESOURCE COMPARES TO OURS $$ +FREE BULK E-MAIL SOFTWARE +MILLIONS OF FREE OPT-IN E-MAIL ADDRESSES +SUBMIT TO THOUSANDS OF SEARCH ENGINES FREE +TRACK YOUR POSITION ON MAJOR SEARCH ENGINES +FREE MARKETING TRICKS AND TIPS +THE LIST GOES ON AND ON !!! ###DON'T MISS OUT !!! ### For Complete Access to The Largest, Free Resource in The World, Click The Link Below !!! http://emailsgalore.8k.com You have requested to receive targeted information and solicitation by business' conforming to the "Business Opportunity" category of the OneMillionEmails Network. Your subscription expires on 07-12-00. To unsubscribe and be permanently removed from our mailing system, kindly reply to this e-mail with the words "REMOVE ME" in the subject line. Your address will be removed upon receipt.
Re: Anarchy Eroded: Project Efnext
-- At 10:17 PM 12/30/2000 -0800, Eric Cordian wrote: Note that the two things IRC really needs, end to end encryption and authentication, are not even on the list of "improvements" these people are working on. Is there a forum where it is appropriate to discuss such improvements? The average IRC user will never grok the concept of a public key, but we could have public key's on an IRC server, with the ordinary user using a SPEKE like password system to gain access to a secured channel and a secured identity. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG HpLONWYXEqbaFaw3bKJmjhbFeLzMkIrkLaH9CPYW 4z1W/NcDGlPFqVhKdMx79FgbH147U7C6akoj2OQGh
Re: Anarchy Eroded: Project Efnext
Jim Choate writes: A typical citizen-unit will quickly trade a large amount of privacy for a small amount of convenience. That begs the question and misrepresents reality to a good degree. People take the choices they think they have, usually those choices are made available by the party that is operating the service the consumer will use. So, there is usually very little say for the consumer other than yes/no. This is not the fault of the consumer, it's the fault of the producer. In their drive to gain a significant share of the market (something which goes against free market economy by the way) they will reduce the number of combinations they must offer (reduces cost). I see some interesting science here. Permit me to explain. One of the unchallenged inerrant doctrines of crypto-anarchy has been that highly redundant widely distributed services are immune to attack. Indeed, things like BlackNet are made possible because they can use such services (eg alt.anonymous.message) as their underlying transport mechanism. Now we see a network of 33 servers being assimilated to a new way of doing things. How could this be? Perhaps there are some flaws in our analysis of highly redundant widely distributed networks. Perhaps by looking at Efnext, we might see what they are. Flaw number one is that the servers in most networks are not equal. Most Networks are star networks, and most of the nodes are leaf nodes. Leaf nodes are at the mercy of their hubs. Where the hubs go, the leaves will follow. Flaw number two is that it is far more prestigious to run a hub than a leaf. Given the choice of having ones own Enamelware Factory under the new Reich, or being reduced to a delinked leaf, most server operators will swallow their pride and go with the herd. Flaw number three is that once the herd starts moving, it is very difficult for individual sheep to make their views known, and almost impossible for them to push the herd in a different direction. Also, the trading of privacy and autonomy for convenience is a new threat model we have not considered in the context of highly redundant widely distributed networks. Here we have EFNet en masse giving up the old way of doing things. En masse. "Voluntarily." And what is their motivation? Impending government legislation? Janet Reno's tanks rolling on the locations of all 33 IRC Servers? A court order, which threatens indefinite jailing for non-compliance? No, it's none of these things. It's some people who have gone off and written some mods to ircd which make running a server less of a headache. So the lesson here is that there is a "better software" attack on highly redundant widely distributed server networks, and that entire networks will trade control of their servers and allow changes to fundamental protocols, in return for new "singing and dancing" code. Certainly, Usenet is also vulnerable to such an attack. Most news admins I know would give their left nut for a life free of spam. His argument is something like this: - The organization is changing the way it operates through a process that is representative and doesn't require participation by any party against their will. Much in the same sense that it is "voluntary" for an individual in the top 1 percentile on IQ and Achievment Tests to get a high school diploma. However, try being allowed to flip burgers without one, regardless of your actual talent. Making people "part of the process" is one of the first things one learns in management. How to simultaneously make sure they have zero chance of actually altering what you have planned for them is the second thing. They already are, and have been for years. Usenet is another service that could use some sort of p2p datahaven environment. This should be one of the Cypherpunk 'target projects'. Uh, right. Let us know when you have working code. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
Re: Anarchy Eroded: Project Efnext
On Sat, 30 Dec 2000, Eric Cordian wrote: Jim Choate writes: So much for belief in free markets. You realise that there is nothing that requires servers to install this, or cease using the old network? Note that the two things IRC really needs, end to end encryption and authentication, are not even on the list of "improvements" these people are working on. I think that if you have authentication, what you wind up with is not really IRC-like. I would like to see pseudonymous authentication (ie, each nick would have a key for signing and be able to prove they were the same person who last had that nick) but if you just say "authentication" these powers are going to think in terms of keeping out anybody whose True Name they don't know. I can see crypto helping keep things between the clients and the servers with an asymmetric encryption scheme; somebody would provide the server's public key when logging on, the server would use their public keys to send them stuff, and nobody could suss out the network packets. Of course, people could still just run clients if they wanted to know what folk were saying, but with crypto they couldn't packetsniff to backtrack to the source very easily. (Jim Choate Quoting Adam J Herscher) ,So what are my options at this point? Well, I can link to their network, or I can decide not to. If I decide not to, I will remain with a group of unwanted leaf servers with no hubs. So the question becomes, how difficult is it for someone to set up an IRC hub? The answer is not very. I've got the software on my SuSE box -- I shut it down when I was starting to harden it, but when I first connected it to the net it was ready to function as an IRC host -- and if I'd typed the names of other IRC hosts into a config file it would cheerily have acted as an IRC hub. The old-style IRCies are going to need to set up a few new hubs, but I don't think this is going to kick them off the network entirely. It's just going to create a new IRC-like protocol and convert some existing IRC nodes to run it. The danger of course is that programmers are going to abandon "normal" IRC protocol. If they quit developing new software for IRC hosting and linking, or if the software for the new protocol is substantially easier to use and slicker, then people who make Linux distros are going to quit packaging old-style IRC hosts, people who keep download sites will take them down and put up "the new version", etc. It would indeed be unfortunate if all controversial IRC traffic ended up being carried by isolated IRC servers, akin to remailers, whose admins were under constant attack, and which came and went on a daily basis. Ugh. I think that's where this plan is pointing. I anticipate that if Efnext pulls off this "Conform or be Delinked" exercise, people will be setting their sights on Usenet as the next thing that needs "fixing." I anticipate that if IRC and/or Usenet are "fixed", then there will be a much stronger motive for people at large to create analogous protocols to IRC and NNTP with encryption and strong guarantees of privacy. But they're going to have to be pure peer-to-peer protocols, so there is no "server backbone" that concentrates power in a few coercable hands. Fortunately, I think the connectivity model is robust enough now -- it wasn't, back when NNTP was created -- to go fully peer-to-peer on netnews transfer. Hmmm. There may even be a niche in this new ecology for a network standards body composed completely of pseudonymous individuals, to help create and standardize network protocols for the underside of the net. Bear
Re: That 70's Crypto Show (Remailers, science and engineering)
On Fri, 29 Dec 2000, Greg Broiles wrote: But - several, if not many times - the security we've achieved has been broken, because of implementation errors on the part of creators, installers, or users. That's right - that's part of the fact that cryptographic engineering (as opposed to "cryptographic science") is still in its infancy. This is the downside of the current approach, which focuses on getting the protocol right first, and only later considers the "real world." Bruce Schneier had another way of putting it - something along the lines of "The math is perfect, the hardware is so-so, the software is a mess, and the people are awful!" (not an exact quote, but I remember it from one of his DEF CON speeches). That being said, there is some benefit to considering the protocols in an ideal, polite model - because in the past we haven't even been able to get security in *that* model. So in some sense this is a case of "publishing what we can prove." It's only comparatively recently that we've had protocols which we can prove secure, even in weak models -- the first real definitions of security from Yao, Goldwasser and Micali, and probably others weren't until the early to mid 1980s. Truly practical cryptosystems which meet these definitions of security didn't arrive until the 1990s. (Some would argue that they still aren't here - Bellare and Rogaway's Optimal Asymmetric Encryption Padding (OAEP) satisfies a strong definition of security, but only if you buy the "random oracle assumption.") Now on the "science" side we can and should extend the model to deal with more of the real world. You might find the recent paper I posted a link to by Canetti interesting - he sets out to deal with an asynchronous network with active adversaries. I didn't see torture included yet, but maybe next version. Birgit Pfitzmann and Michael Waidner are considering something called "reactive systems" which may also yield results. http://citeseer.nj.nec.com/297161.html On the engineering side -- well, there's a long way to go. Ross Anderson has a new book coming out which may help a little bit. http://www.cl.cam.ac.uk/~rja14/book.html The fact remains that I don't think we have enough experience implementing protocols beyond encryption and signatures. At least not on a wide scale. Take digital cash and voting protocols as an example. Digital cash has been implemented and re-implemented several times. It's even had a "live" test or two. But how many people have managed to buy something tangible with it? and how does that compare to the amount cleared by credit cards? Electronic voting seems to be on the upswing - at least with votehere.com and the recent election debacle hanging over our heads. Still, who has implemented, tested, and deployed a truly large-scale voting system based on cryptographic protocols? The one which comes to mind is the MIT system built on the FOO protocol - and while that *works* (modulo operator error), that's only a few thousand undergrads. It's at times like this that I wish I knew more about formal verification of protocols... Consider the computing power assembled for the DES or RC5 cracks, instead applied to dictionary attacks versus a PGP keyring, or SSH keyfile. How long until the average user's passphrase is recovered? If the passphrase is in the dictionary, nearly no time at all. Some take this to mean that now we should write passphrases down, and use the opportunity to pick long random ones unlikely to be in any dictionary... -David
Re: Anarchy Eroded: Project Efnext
Jim Choate writes: So much for belief in free markets. You realise that there is nothing that requires servers to install this, or cease using the old network? A typical citizen-unit will quickly trade a large amount of privacy for a small amount of convenience. Sheeple-shearing is never so successful as when it's "voluntary." Note that the two things IRC really needs, end to end encryption and authentication, are not even on the list of "improvements" these people are working on. A little over a month ago, Adam J Herscher wrote a lovely little rant on Efnext, and rather than reiterate points which he made more articulately than I could ever hope to, let me simply paste chunks from his message to EFNet opers and admins. "The way that this is being implemented is simply unfair. They're supporting themselves with the argument that since every EFNet admin will be approached, it is fair - yet they easily admit that there will be a network split and that there is no other way to do it. Well, at this point, let's take a look from the admin being approached perspective. I am an EFNet admin, and approached by a group of people that tell me they have a great solution to fix the network. They tell me that I'm welcome, and my opinions will be heard (though I have no -official- voice/vote - yet), as long as I change my server to meet requirements not officially approved by anyone. That is, I will need to run new code, open my I:lines, possibly add more opers, possibly resign as admin and allow a new one to take over (again no server names mentioned, but I have specific ones in mind - and no, not my own - a list of servers that were discussed as not being allowed to link without conforming was actually posted). So what are my options at this point? Well, I can link to their network, or I can decide not to. If I decide not to, I will remain with a group of unwanted leaf servers with no hubs. And yes, I mean unwanted by them - if you haven't been approached by them yet others were months ago, why do you think this was? Perhaps because you wouldn't go along 100% or keep quiet? Essentially this process is "conform or be delinked" - because it's obvious at this point that if the major EFNet hubs and client servers go, you will be left delinked - their idea of a network split." It seems to me the 'cypherpunkish', 'libertarian', 'anarchic' thing to do is to promote the growth of individualy operated servers other than those on ISP's (who will have a motive to drop the old system and use the new system - just another example of why libertarian/economism is not sufficient in and of itself for a basis for society - they have no motive to protect the individual, only the 'market'). It would indeed be unfortunate if all controversial IRC traffic ended up being carried by isolated IRC servers, akin to remailers, whose admins were under constant attack, and which came and went on a daily basis. I anticipate that if Efnext pulls off this "Conform or be Delinked" exercise, people will be setting their sights on Usenet as the next thing that needs "fixing." -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
Tim May [EMAIL PROTECTED] I said "at certain times of the year." British Columbia is tied by treaty arrangements (Columbia River Treaty, 1961) to the Bonneville Power Administration (BPA), and is, VERY SIGNIFICANTLY, now part of same grid that is the ISO, the Independent System Operator, mostly based in California. Read the following and weep for your beloved Canadian independence: http://dailynews.yahoo.com/h/nm/20001208/ts/california_power_dc_3.html The independence is not an issue to most Western Canadians. We are a subservient bunch to Eastern Canada as it is now. Central Canada is where the money and power is seated and the way Canada is setup it will always be that way. Being independent or joining the USA is a subject which is often mentioned in Western Canada. Another purpose served by your Electoral College is that it gives each senator in a state a vote. This helps even out the power between major population centers and those states with low populations. Couple this with your senate and you have a system which balances geographical related issues against that of major population centers. Most Western Canadians would prefer such a system. Back to the main subject, what are your numbers for exports of power from the American Northwest to the Canadian Southwest? I am told by the powers that be that the number is negative. Again you would have to travel this area to understand how the environment has been altered in the name of energy production. Virtually Raymond D. Mereniuk [EMAIL PROTECTED] "Need Someone To Tell You What To Do?" FBN - The Consultants http://www.fbn.bc.ca/consultg.html
Re: Anarchy Eroded: Project Efnext
On Sat, 30 Dec 2000, Eric Cordian wrote: Unknown to much of the Internet, there is a plan brewing to "upgrade" Efnet, the primary IRC network, to something called "Efnext." Server software is being rewritten and tested. Efnet server admins have been contacted and promises to move to the new network during a "transition period" exacted. People who won't play ball have been identified, and plans to delink them and not connect them to the new regime fabricated. Something I don't see much of on the efxnet page - "why?" This is in the FAQ: "EFNext is the name of a project geared towards making IRC a more stable, uniform, chat environment." and they say "introductory document coming soon." I still don't know why this is happening (I don't hang out on EFnet). What do the efxnet people give as their reasons for a new IRC network? -David
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
For those who care, take a look at http://www.nytimes.com/2000/12/10/opinion/10KRUG.html which is an op-ed piece by an MIT Economics prof. describing the California situation in the same terms I have. He cites a paper which in turn cites evidence that artificial shortages were previously created in the UK (1996) and California (1998 1999). Unfortunately no detail, but it is more than just random conspiracy theory. While no doubt a good number of the readers of this list will consider him to be a Communist from the People's Republic of Cambridge, perhaps most will at least admit he knows more than basic economics 101. Even if you don't care about natural gas or California's deregulation brownout, it is a good example of why "free" markets, economies, societies, etc. don't really work.
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
-- For those who care, take a look at http://www.nytimes.com/2000/12/10/opinion/10KRUG.html which is an op-ed piece by an MIT Economics prof. describing the California situation in the same terms I have. He cites a paper which in turn cites evidence that artificial shortages were previously created in the UK (1996) and California (1998 1999). unfortunately no detail, but it is more than just random conspiracy theory. He describes the california system as "deregulated", but the fact that it takes many years to get permission to build a power plant -- that it takes longer to get permits than to actually build one, is undoubtedly a contributing factor to the crisis. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG JXy269kdEdLHKEQ2b/5GVMHAZPjYHXf7xg8R1IyY 44A7PM67XbbrgFVYUWSF3uYbJ6dBoiZ6gwM+yy4xp
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
At 2:37 PM -1000 12/29/00, Reese wrote: At 03:33 PM 12/29/00 -0500, [EMAIL PROTECTED] wrote: Looking at the queue of plant requests within California they also seem to be obsessed with building them in highly populated areas. Easy commute for the workers, and a large pool to draw workers from? Most of the proposed new plants are very, very small. Nearly all in populated areas are natural gas-fired plants, with minimal-to-zero burden on the local environment. For example, a couple of such small plants have been built in the San Jose area in recent years. Environmentalists even favor building such a plant over letting Cisco expand, to name a recent newspaper issue. What these new plants ARE NOT is the kind of large nuclear plant comparable in size to the highly successful Diablo Canyon Nuclear Power Station. That plant was completed more than 15 years ago. It is in an unpopulated area, between Half Moon Bay and Pismo Beach, and west of San Luis Obispo. A similar plant was once planned for Bodega Bay, northwest of San Francisco, but it was blocked by tree huggers in the early 70s. Another consideration, for building closer to where the demand is. These are self-evident considerations. Especially for the "micro plants" described above. Economies of scale, etc. --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: That 70's Crypto Show (Remailers, science and engineering)
On Wed, 27 Dec 2000, Bill Stewart wrote: fewer talks on new stuff people are doing and more on some commercial business (maybe or maybe not run by cypherpunks) doing their product or non-technical talks by EFF lawyer types. I'm in the midddle of composing a reply to Tim's message (which is getting bigger every time I sit down to finish it, ominously enough). One of the points that has popped into my mind so far is that while we've had academic crypto research since the 80s, thanks to Rivest, Shamir, Aldeman, Diffie, Hellman, and others willing to defy the NSA, we have _not_ had a similar tradition of commercial cryptography - or at least, not a tradition of companies obtaining money for cryptographic *protocols* as opposed to ciphers. It seems to me that it took a long while for people to even recognize that there was more to cryptography than secrecy. Maybe it happened quickly in academia, but it doesn't seem to have filtered out quickly (and then there's still the chilling effect from export controls). This is one of the reasons why the early Cypherpunk work is so damn important -- it showed the amazing, powerful things you can do given cryptography and a little cleverness, and it did so to a (comparatively) wide audience! Even after "everyone" knows that you can do, say, cryptographic voting, there's still the question of "who's going to pay for it?" That question seems to have found a partial answer with the Internet/Web/"e-commerce" frenzy. The thing is, that is *new*, only 4 or 5 years old. Before, you could go out and say "I want to go commercialize neat protocol X," and good luck to you...today, you might get funding. Until you get that funding, you can't start the engineering work that's required to take a protocol from the "cool CRYPTO paper" stage to the "real world product." Before Tim jumps on me, yes, I know there were early electronic markets, and yes, electronic trading was around before the Web. Yes, these could have been viable markets for digital cash, fair exchange protocols, whatever. Even electronic voting could and did get started earlier (though not using cryptographic techniques AFAIK) I do not dispute this! It simply seems to me that the climate today has the possibility of demand for such protocols (and more) on a wider scale than previously. of crypto out of math and CS areas and into engineering. Mojo Nation, for example, is partly interesting because it's not just Yet Another Encrypted Music Sharing Product - it's mixing the crypto with economic models in ways that are intellectually complex, even if they're somewhat at the hand-waving level rather than highly precise. Maybe it will force smart people to move the mix from the hand-waving level to something highly precise. Insh'allah. Cool. Are the proceedings on line anywhere? (Or is it only for people who know the secret keys...) The 2nd and 3rd are, via Springer-Verlag LINK service. Tables of contents are free; you should be able to recover the papers from their authors' home pages (use Google!). If you can't find something, e-mail me. Page for past proceedings: http://chacs.nrl.navy.mil/IHW2001/past-workshops.html Page for IHW 2001: http://chacs.nrl.navy.mil/IHW2001/ Unfortunately, the TOC for the first IHW is not online, nor do the papers seem to be available. You can extract the papers from Petitcolas' bibliography at http://www.cl.cam.ac.uk/users/fapp2/steganography/bibliography/index.html and may be able to get some of the papers that way. I note a previous message from Hal Finney which has some links as well http://www.inet-one.com/cypherpunks/dir.1997.05.15-1997.05.21/msg00298.html (I haven't tried them) I should state up front that the workshops are a little heavy on watermarking papers, which may not be of too much interest to cypherpunks. The papers on breaking watermarks, on the other hand, may be of more interest. :-) On the other hand, we can oppose this to the fact that we have a bunch of remailers, and they seem to work. They may be unreliable, but no one seems to have used padding flaws to break a remailer, as far as we know. Arrgh! Dave, just because nobody's known to have broken them doesn't mean that nobody's succeeded in breaking them (without us knowing they've succeeded), [snip a well-deserved beating] Well, this is what I get for trying to moderate myself. Everything you say is correct - of course. I actually agree with you! I mentioned this because I wanted to avoid playing the part of a "theoretical Cassandra," which is something I do too often. (In fact, if I'm not mistaken, that's part of what Tim's response about different adversary models attempts to speak to - the fact that traditional cryptographic models assume a maximally powerful adversary, while we might want a finer grained hierarchy of adversaries and their effects...) -David
Re: That 70's Crypto Show (Remailers, science and engineering)
On Wed, 27 Dec 2000, Bill Stewart wrote: There's some hope. There was a workshop on "Design Issues in Anonymity and Unobservability" this past summer which brought people together to talk about these issues. The Info Hiding Workshops are still going strong. With luck, this year's IHW may have a paper on reputations in it... Cool. Are the proceedings on line anywhere? (Or is it only for people who know the secret keys...) Uh, it just occurs to me that I may have misread you. The Design Issues in Anonymity and Unobservability is currently being turned into Springer-Verlag LNCS 2009. So the proceedings aren't online as a whole yet (indeed, we just submitted our final final draft two weeks ago). You can find a list of papers at http://www.icsi.berkeley.edu/~hannes/wsprogram.html our paper is at http://www.freehaven.net/doc/berk/freehaven-berk.ps and searching for authors' home pages or e-mail may reveal other papers. -David
Re: That 70's Crypto Show (Remailers, science and engineering)
On Thu, 28 Dec 2000, Tim May wrote: At 3:56 AM -0500 12/28/00, dmolnar wrote: I'm in the midddle of composing a reply to Tim's message (which is getting bigger every time I sit down to finish it, ominously enough). Sounds good to me! One of the points that has popped into my mind so far is that while we've had academic crypto research since the 80s, thanks to Rivest, Shamir, Aldeman, Diffie, Hellman, and others willing to defy the NSA, we have _not_ had a similar tradition of commercial cryptography - or at least, not a tradition of companies obtaining money for cryptographic *protocols* as opposed to ciphers. Not enough energy by half has been focused on protocols. I think there's probably a good set of programs to be written here. Basically, I'm thinking in terms of the old unix philosophy -- "A good program does exactly one thing, and does it well.". If somebody designs a good set of command-line programs, which produce output usable by each other so that they can be piped together in useful ways on a unix command line, then protocols should be easy to implement as shell scripts. But a proper building block would have to be scriptable from the word "go." You'd have to fix it so that anything it could do, at all, it could do "in a straight run". A command line, a command file, whatever. And you'd have to do it so your keys didn't wind up in unencrypted batch files. Maybe a reference to keys' locations in an encrypted file system would be what went on the command line. Such energy as has been focused on protocols has been at the level of applications -- basically fixing them in source code so the users can't as easily pick them apart and stick them back together again different. Hmmm. More later. Some ideas are percolating through my head but they're not very well developed. Bear
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
Tim May [EMAIL PROTECTED] wrote Lost on your typically smug Canadian analysis has been any objective analysis of markets for power. Do you know, for example, that California as a state is a _net exporter_ of power to the Northwest and especially to Western Canada at certain times of the year? In the fall and winter, in fact, when hydroelectric generation rates in BC and Washington are reduced. I don't know where you get your information but I doubt your statements. California is a net exporter of power is suspect, lets see the details here. BC never imports power! You must travel around this place and then you will understand, every major water way is blocked and producing power. Couple this with the low population and you have low demand. The Bonneville Power Authority (BPA) is required to return downstream benefits to BC but this has nothing to do with our requirements. It is payment for the water management services supplied to their power generation system. Any power returned to BC is probably promptly exported. On this angle you are wrong, BC is a net power exporter in both electrical and natural gas realms. In your kind of lingo, "British Columbia failed to build enough new plants." BC has not built new power plants in a long time. There is so much supply here that it was official policy to discourage any co- generation or alternative electrical supply development. Markets are not simple. Prices rise, prices fall. To claim that California is now the primary cause of your higher heating costs, boo-hoo, is childishly naive. Yes markets are not simple which is probably the reason you fail to see the California component in the current situation. The energy market doesn't lend itself to Economics 101. If a power generating utility had built new power plants and commited to a fuel supply (and the accompanying infrastructure) the likelihood of unexpected prices increases would be much lower. See above. Childishly naive. Sorry, this is where you are showing your Childishly naive understanding of the energy business. In the energy business (natural gas wise) if you commit to the supply and build infrastructure you get lower prices. I re-state my initial premise, Californians have a lot to learm about energy economics! If you don't commit, you pay more! Raymond D. Mereniuk [EMAIL PROTECTED] History of a Telco, A Fairy Tale http://www.fbn.bc.ca/telcohis.html
Re: Copy protection of ordinary disk drives?
Brian Lane wrote: The only way they can make this even begin to work in the marketplace is to force manufacturers to stop producing uncontrollable drives. I wouldn't be suprised if there was an amendment to enact this waiting to attach itself to an obscure bill in Congress. Or maybe I'm just being paranoid? G you're not. we've seen it happen with CSS. all they need is an opportunity to push it. maybe some "enhanced" hard-drive that has higher storage capacity, or lower seek times, or whatever other marginal advantage that the whole scam can be attached to.
Re: Evil Copy Protection vs. Good Crypto-Capable Objects
Bill Stewart wrote: Music Hoarders have a somewhat harder problem, in that they want to copy-protect information while providing near-identical copies to large numbers of people, while you're more likely to want to provide your personal transaction information or private messages only to a small number of recipients - but you may still want some kind of watermarking to identify who sold your "private" information to somebody you didn't authorize. putting watermarking aside, this is the core. the normal use for encryption is to make sure only a few people can access the information. the movie/record/content "protection" purpose is not, you still want to distribute your stuff high and wide, to as many people as possible. you can say "authorized access" in both cases, but it has a different meaning. both "root" and "ftp" ask for a password when you log into the FTP server, but they're hardly on the same level. therefore, software (and hardware) does and needs to work differently in these cases. you don't use PGP for DVDs, you invent CSS. I do think these things are farther apart than they appear. what it boils down to is that the "protection" scheme doesn't seriously want to stop anyone accessing the content. what it really wants is to make sure he's following the rules (such as paying a fee). this is more an authorization/permission system than an encryption one.
Re: nambla
www.rcmp.ca Most LEOs are among their most supportive members. They troll mailinglists for membership and often supplement their income by blowing little boys for lunch money On Tue, 26 Dec 2000, Paul Coleman wrote: is there a group in canada? -- Pardon me, but you have obviously mistaken me for someone who gives a damn. email [EMAIL PROTECTED]
Re: The Cost of Natural Gas [was Re: The Cost of CaliforniaLiberalism]
At 11:22 PM -0800 12/26/00, Raymond D. Mereniuk wrote: Tim May [EMAIL PROTECTED] wrote Lost on your typically smug Canadian analysis has been any objective analysis of markets for power. Do you know, for example, that California as a state is a _net exporter_ of power to the Northwest and especially to Western Canada at certain times of the year? In the fall and winter, in fact, when hydroelectric generation rates in BC and Washington are reduced. I don't know where you get your information but I doubt your statements. California is a net exporter of power is suspect, lets see the details here. I said "at certain times of the year." British Columbia is tied by treaty arrangements (Columbia River Treaty, 1961) to the Bonneville Power Administration (BPA), and is, VERY SIGNIFICANTLY, now part of same grid that is the ISO, the Independent System Operator, mostly based in California. Read the following and weep for your beloved Canadian independence: http://dailynews.yahoo.com/h/nm/20001208/ts/california_power_dc_3.html For example, "`We're about to find out next week just how interconnected the Western grid really is,'' Patrick Dorinson, spokesman for the California Independent System Operator (ISO) told Reuters. "The ISO operates about 75 percent of the California power transmission grid, the biggest part of a network of high voltage lines that spans from northern British Columbia to the northwest Baja California and as far east as the Rocky Mountains. " Between the Columbia River Treaty power-sharing and the Western Grid, it's all one main grid. Importantly, my point that California exports power _at certain times of the year_ is covered in the material below: For example: http://biz.yahoo.com/rf/001205/n05491394.html "CONCERNS OVER NORTHWEST SUPPLY CRUNCH The crisis has now spread to the northwest states of Washington and Oregon, where electricity is often used for heating. Those states export power to California in summer to help it meet its load but flows reverse in winter as heating demand grows in the northern states. ... ``We have always taken for granted that California will help out the Northwest in winter as we help them in summer,'' saidDulcy Mahar, spokeswoman for the Portland, Ore.-based Bonneville Power Administration, noting the Northwest is hoping that Canada will be able to provide some help in an emergency." and from http://nepa.eh.doe.gov/eis/eis0171/0171chap3.htm "The peak load demands of the Pacific Northwest and California occur at different times. The Pacific Northwest peak demands occur in the winter, and California's peak demands occur in the summer. During the summer, the hydro-based Pacific Northwest and BPA systems tend to have excess capacity, which can be used to help meet California's summer peak demands. California's thermal-based system tends to have excess capacity in the winter, which can help the Pacific Northwest meet its winter peak. Full use of both systems can reduce the need for new resources in each system. BPA currently has several seasonal energy and capacity for energy exchange contracts in effect with a number of California utilities. Sorry, this is where you are showing your Childishly naive understanding of the energy business. In the energy business (natural gas wise) if you commit to the supply and build infrastructure you get lower prices. I re-state my initial premise, Californians have a lot to learm about energy economics! If you don't commit, you pay more! --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: That 70's Crypto Show (Remailers, science and engineering)
Tim May wrote: In other words, it's time to get crypto out of the math and computer science departments and put it in the engineering departments where it belongs. Tim's complained for a while that the cypherpunks meetings and discussions have declined in quality, partly because we've tended to rehash old material rather than doing new and interesting work, and partly because we've tended to have fewer talks on new stuff people are doing and more on some commercial business (maybe or maybe not run by cypherpunks) doing their product or non-technical talks by EFF lawyer types. While I'm not disagreeing with him here, I think a lot of this is _precisely_ related to the movement of crypto out of math and CS areas and into engineering. Mojo Nation, for example, is partly interesting because it's not just Yet Another Encrypted Music Sharing Product - it's mixing the crypto with economic models in ways that are intellectually complex, even if they're somewhat at the hand-waving level rather than highly precise. At 02:42 AM 12/26/00 -0500, dmolnar wrote: There's some hope. There was a workshop on "Design Issues in Anonymity and Unobservability" this past summer which brought people together to talk about these issues. The Info Hiding Workshops are still going strong. With luck, this year's IHW may have a paper on reputations in it... Cool. Are the proceedings on line anywhere? (Or is it only for people who know the secret keys...) On the other hand, we can oppose this to the fact that we have a bunch of remailers, and they seem to work. They may be unreliable, but no one seems to have used padding flaws to break a remailer, as far as we know. Arrgh! Dave, just because nobody's known to have broken them doesn't mean that nobody's succeeded in breaking them (without us knowing they've succeeded), or that anybody's put serious effort into an attack. The basic remailer network is known to be breakable by anybody doing a thorough eavesdropping attack, because you can learn a lot from message sizes. Mixmasters are much safer, because message sizes are constant (though message counts aren't), but it's not clear whether they're good enough, given a good attack. Pipenets are probably secure enough against most attacks, but they're annoying economically - not surprising that Zero Knowledge's initial service didn't fully implement them. The reason remailers have been Good Enough so far is that as far as we know, nobody's had the motivation to do a proactive eavesdropping attack on them, or a proactive deployment of untrustworthy remailers the attacks have either been after-the-fact attempts to get information that wasn't logged (they're strong enough for that, if run by trustable people on uncracked machines), or proactive attempts to close the remailers (many of those attacks have been successful.) Small numbers of remailers (there are typically about 20) aren't good enough to resist shutdown-forcing attacks. The cool thing about Zero Knowledge was that they had a business model they thought could get large numbers of service providers to support, which increases the security against loss of individual remailers as well as reducing the likelihood of an individual remailer shutting down. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: That 70's Crypto Show (Scalability and Napster)
At 02:42 AM 12/26/00 -0500, dmolnar wrote:
More than that, if the "tragedy of the commons" really happens for
Gnutella and Napster and friends, then people will look for ways to avert
it. Maybe it won't happen ("The Cornucopia of the Commons"), but if
it does, reputation systems might see some sudden interest.
Napster itself suffers from tragedy of the inadequate business model,
since it relies on centralized servers with no visible means of
support (other than the "with 20 million users we should be
able to get revenue _somewhere_") and a potential for
exponential growth in their legal costs if they get any revenue.
They do have a problem related to tragedy of the commons,
which is a need for servers that are bigger than the
biggest individual servers they currently support,
and a technology that doesn't scale as well as they'd like,
though some parts of it scale extremely well and the
next level of bottlenecks are still good enough for
pirating music, with users sharing music in communities of
a few hundred thousand, if not good enough for six billion users.
I suspect the next layer of scalability could be handled
adequately by some good engineering, though perhaps it needs
Real Computer Science, but without a good funding model
it's not likely to get done. The current model does seem
to port well to the Open-Servers-Not-Run-By-Napster model -
volunteers can run medium-sized servers because the
first level of scalability design was well done,
and as with Napster-run servers, it's close enough for
pirate music, though it doesn't let you find
everything on the distributed net.
Less Napster-like systems with decentralized servers
have to address scaling problems as well.
Some of them tie their metadata and their transmission methods
together closely; some split them apart better.
Gnutella sounds like it's in trouble - too much needs to
be online, and the original designs can't handle a large number
of requests if there are people with slow connections on the net.
It's kind of like tragedy of the commons where the commons is
small and everybody has to walk their sheep in single file,
so the slowest or dumbest sheep become a bottleneck for everyone else.
Freenet paid more attention to scaling in its design -
it's easy to retrieve stuff if you know where it is,
or to find stuff if it's relatively near you,
and it can cope with not being able to find everything -
On the other hand, it may be harder to find the stuff you want.
On Mon, 25 Dec 2000, Tim May wrote:
In other words, it's time to get crypto out of the math and computer
science departments and put it in the engineering departments where
it belongs.
Some of this may be computer science, some is engineering,
some is just counting stuff :-) Some problems, like scalability
or understanding don't-use-the-same-key-twice attacks on RC4,
are Science the first time you learn them, but they're just
engineering after a while, the way understanding the relationship
of the tensile strength of material to its molecular structure
is science, but designing a bridge so that it doesn't overstress
any of its beams is engineering, and taking occasional samples of bolts
and destructively testing them to make sure they've got the
tensile strength they're supposed to is engineering or maybe
just business practice (depending on whether you're doing it
to make sure your bridge will perform the way you want or
to make sure your suppliers aren't ripping you off.)
Thanks!
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: That 70's Crypto Show (Re: Dude! It's wired!)
On Tue, Dec 26, 2000 at 10:38:36AM -0800, Tim May wrote: | I don't think I'd go that far. As far as I'm concerned, elliptic curves | are just another group to do Diffie-Hellman friends in. What I'd call | the "core" of mathematical crypto is the work that Goldreich, Goldwasser, | Micali, et. al. have been doing over the past fifteen years -- trying to | rough out just what kind of assumptions are necessary and sufficient to | give us the kind of cryptography we want. | | Has there really been much progress in the last ten years? I remember | the flurry of ground-breaking work in the mid-80s, and it was much in | the air at the first "Crypto Conference" I attended in 1988 (also the | last such conference I attended, for various reasons). Depends on your definition of progress. I think that the work that esp. Goldreich has been doing in the foundations of cryptography (ie, http://www.toc.lcs.mit.edu/~oded/tfoc.html) is very exciting stuff, because it pushes us towards a solid grounding for systems, and away from the need for one of a dozen or so really solid cryptanalysts to look at each system published. Is this progress in the space of librarization, standardization, or economics of security? No. But we need stronger foundations in both security and crypto in order to justify the investments in it. When a company can spend really large sums of money for only small assurance that its systems are more secure, its a hard decision to justify. (Not that there aren't justifications, they're just non-obvious.) When those investments are butressed by an understanding that the features will work as planned, they'll be easier to make. Speaking for myself, Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
At Sun, 24 Dec 2000 23:50:01 -0800, "Raymond D. Mereniuk" [EMAIL PROTECTED] wrote: In my initial message I stated the current rise in natural gas prices are caused by multiple factors. [blah blah blah] That's outright bullshit. You wrote: "The bad decisions of the citizens of California have produced an energy crisis in what is called the Northwest for which all citizens in what is called the Northwest must pay the price." You said nothing about other factors. Nothing at all. You also ignore that your subject was "The Cost of California Liberalism." That was your point, wasn't it? To blame California Liberalism for your home heating bills? On top of these factors I stated the greater portion of the increase was created by un-expected demand in California. Greater portion in what terms? Land area? Population? IQ? Ralph Nader voters? It's an easy game to play when your claims are based on things like a whole bunch of Californians using more power than relatively few Vancouverites. And how much of this unexpected California demand was caused by California Liberalism? Have Sierra Club members been baking lots of extra cookies lately? Or is it all the electric cars that are selling like hotcakes? No, I got it, all those people living in trees to keep them from getting cut down to be used for firewood are forcing people to use their electric heaters, that's it, right? Or are you just going back to blaming Californian Liberals for preferring natural gas for electric power generation and saying it's their fault that you use the same fuel source to heat your home? Coupled with the low water situation, and the resulting decrease in hydro generated power, the increased use of natural gas powered generating capacity would be expected to cause an increase in the price of a commodity in which the increase in demand was unexpected or exceeded supply. No shit, but what does this have to do with California Liberalism? If a power generating utility had built new power plants and commited to a fuel supply (and the accompanying infrastructure) the likelihood of unexpected prices increases would be much lower. So? As you now admit, the demand was unexpected. Why would a utility build a new plant and commit to a fuel supply for unexpected demand? You say they're using reserve natural gas fueled plants to meet unexpected demand. Isn't this what they're supposed to do? Do you actually expect power utilities to build plants and commit to fuel they don't expect a need for just to provide a buffer for natural gas prices? That's not what happens in a deregulated environment and I don't think California's electric utility deregulation is considered a result of California Liberalism. Is it?
Re: nambla
On Tue, 26 Dec 2000, Paul Coleman wrote: is there a group in canada? There are, of course, many groups in canada. Including the moose lodge, elks, eastern star, parliament, ladies' sewing circles, church congregations, aldermen, political parties, juries, and random sets of people who happen to be in the same room. However, these are not "groups" in the sense useful to cryptography. Bear
Re: Turbo C
"ANALISTAS_ONSET CONTR [CONBR]" wrote: Hi there, I am looking for the software Turbo C from Borland and I never found. So I am sorry to ask that to you, but could you send the turbo C from e-mail to me ? I will really aprecciate if it is possible. Thanks in advance Luiz Eduardo de Oliveira Operations - Data Center Services JJ - Networking and Computing Services - LA São José dos Campos - SP - Brazil ( Phone: (55+12) 332-4460 or JJDIAL 738-4163 Fax :(55+12) 332-4163 * e-mail: [EMAIL PROTECTED] Oi irmão :)) Why don't you try djgpp or rhide (that has an ide like borland) ? These are compliant with ANSI C. Borland is not. []'s -- mailto:[EMAIL PROTECTED] || http://www.nortenet.pt/~guilherme "All bits used in this post are recycled !"
Re: The Cost of Natural Gas [was Re: The Cost of CaliforniaLiberalism]
You don't get it, do you? At 11:50 PM -0800 12/24/00, Raymond D. Mereniuk wrote: was created by un-expected demand in California. Another issue in this problem, as in this month and next, is low water levels in the northwest causing lower than expected power generating capacity. Lost on your typically smug Canadian analysis has been any objective analysis of markets for power. Do you know, for example, that California as a state is a _net exporter_ of power to the Northwest and especially to Western Canada at certain times of the year? In the fall and winter, in fact, when hydroelectric generation rates in BC and Washington are reduced. In your kind of lingo, "British Columbia failed to build enough new plants." Markets are not simple. Prices rise, prices fall. To claim that California is now the primary cause of your higher heating costs, boo-hoo, is childishly naive. If a power generating utility had built new power plants and commited to a fuel supply (and the accompanying infrastructure) the likelihood of unexpected prices increases would be much lower. See above. Childishly naive. --Tim May -- Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Re: The Cost of Natural Gas [was Re: The Cost of CaliforniaLiberalism]
"Me" [EMAIL PROTECTED] wrote Mon, 18 Dec 2000 02:47:18 -0500 The politicians are the only electricity producers in British Columbia. Almost true but not the complete story. While the provincially (state) owned utility BC Hydro owns most of the capacity there is an entity called East Kootenay Power which services a portion of the province (state). Unfortunately the politicians still control the power business in BC and have done everything in their power to discourage co- generation and other alternative suppliers. Fortunately there is no shortage of supply. Virtually Raymond D. Mereniuk [EMAIL PROTECTED] "The Ultimate Enterprise Security Experts" http://www.fbn.bc.ca/sysecurt.html
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
On Sun, 24 Dec 2000, Raymond D. Mereniuk wrote: In my initial message I stated the current rise in natural gas prices are caused by multiple factors. Natural gas prices were too low in recent years and this caused a shortage in supply. MASSIVE SNIP Just an observation, but most of the specific causes of this crisis point strongly to one general cause -- ie, there are too many people in California. More than the local water supply can handle. More than power can be generated for locally (unless someone builds a nuke powerplant, and you can already hear the Nimby's screaming...). More than food can be grown for without exhausting water tables to irrigate the central valley. Another general cause is that most of the current houses are built stupid. In the 1940's and 1950's houses were built that were quite habitable without constant airconditioning. They had basement windows where air could be drawn in and air was cooled in the basement with scads of thermal contact with the cool earth. There were open airways that circulated air drawn up from the basement through the first and second floor, and windows in the second floor where heated air was allowed to escape. Many of them were made of adobe or other materials with great thermal inertia, which mediated the extremes of temperature. All of these are perfectly sound thermodynamic principles, which have been abandoned because wood-frame concrete slab houses are cheaper to build and home buyers haven't been thinking about the cost of cooling the damn things as part of the purchase price. If building codes were modified, or if contractors and developers had to bear the first ten years of utility costs out of house prices, we'd probably see a substantial reduction in the so-called "need" for power. Bear
Re: About Gilmore's letter on IBMIntel push copy protection into ordinary disk drives
In message [EMAIL PROTECTED], Dave Emery writes: A note on this note - I was told back in that era by Sun field service people that the standard thing to do when a motherboard failed was to swap the ID prom from the old motherboard onto the new one, thus avoiding the whole license conversion problem in the first place (but of course also doing wonders for the ability to track specific pieces of hardware and document ECO levels and the like, since a significant number of motherboards had swapped ID proms in which all the other information in the prom didn't match the actual board). "Standard"? It was more than that; it was the *right* thing to do. On a diskless workstation, there was no other identity to the machine; if you didn't swap the ID prom -- which was used for the low-order 24 bits of the Ethernet address -- your machine wouldn't receive the proper boot image, etc. Add to that the number of machines in the mid-to-late 80's that didn't have ARP, and it was utterly necessary. --Steve Bellovin Same was true of DEC workstations. The service tech would switch the proms. The board had it's own serial number label on the board so they could still keep track of it.
Re: More half-baked social planning ideas
On 12/25/00 at 11:07 AM, [EMAIL PROTECTED] (Tim May) wrote: Nope, no basements. No basement in the house I lived in in San Diego in the 1950s. Built on a slab. No air conditioning, either. No need. You mean there's someplace in San Diego that's flat enough to lay a slab? The "solution" to "shortages" is, as with all things, market pricing. You have to have a market first. How do you go about establishing that? And wouldn't a fair market price assume a reasonable supply?
Re: Dude! It's wired!
On Sun, 24 Dec 2000, Eric Cordian wrote: Perhaps next year will be better. I'm almost begining to feel that Cryptology has achieved the status of a "Mature Science." It's my impression that mature sciences don't have the same kind of foundational or engineering problems cryptography does. We still see surprises about what a "definition of security" should be, even in the public-key setting where people have investigated such things for nearly 20 years. Plus even when we figure that out, we'll still have to deal with the fact that the models used in theoretical crypto don't deal with some of the attacks possible in real life -- timing and power analysis come to mind. As does the van Someren and Shamir trick for finding keys because they look "too random." To say nothing of the nasty fact that passphrases, and therefore keys based on them, aren't random at all. Which does not play nice with models which assume keys are picked randomly. It may be true that this year was a lull in "interesting" cryptographic research (I don't know if that's quite true), but it doesn't seem to be because too many problems are solved. Rather, there are lots of open problems left which no one seems to know how to solve... -David
Re: That 70's Crypto Show (Re: Dude! It's wired!)
On Mon, 25 Dec 2000, Tim May wrote:
Some of the foundations are, of course, "mature"...and not very
exciting. The core of mathematical crypto is hardly frontier
mathematics. (Yeah, I suppose Dave and Eric and a few others could
make a case that there's some connection with the proof of Fermat's
Last Theorem, stuff about elliptic functions, etc. But we all know
I don't think I'd go that far. As far as I'm concerned, elliptic curves
are just another group to do Diffie-Hellman friends in. What I'd call
the "core" of mathematical crypto is the work that Goldreich, Goldwasser,
Micali, et. al. have been doing over the past fifteen years -- trying to
rough out just what kind of assumptions are necessary and sufficient to
give us the kind of cryptography we want.
That being said, almost none of it works without those pesky one-way
functions. or trapdoor one-way functions. and we have too few examples of
either.
that such connections are tenuous. Most of crypto still is built
around good old number theory, basically what has been known for
dozens of years, even centuries. Euler would not have had a problem
understanding RSA.)
That's true, and in some sense it's a good thing - we have some confidence
that these problems are hard because "Euler worked on them." (On the other
hand, Euler didn't have the ability to experiment today's mathematicians
do). In another sense, it's a bad thing, because the number of one-way
functions we have is so small. To say nothing of trapdoor one-way
functions...
The "far out" stuff of reputations, multi-player games, digital
money, etc., is much less-grounded in theory. More interdisciplinary,
more "fuzzy," more prone to hand-waving. Doesn't mean this this isn't
the interesting area, just means it's not as "foundational" as math
areas are. Reductionists who seek the rigor of a pure science often
end up throwing out what's interesting.
So I have noticed. (and so I have to caution myself against every day).
By academic coverage I mean researchers studying weaknesses in
various kinds of data havens, digital currencies, reputation systems,
etc., in the same way that the "Crypto Conference" folks looked at
various ciphers. (And specific digital currency systems, for example.)
Reminds me of the reaction I got when I asked some friends about
doing a term project on mix-nets.
"So, has there been any recent academic work on this?"
There's some hope. There was a workshop on "Design Issues in Anonymity and
Unobservability" this past summer which brought people together to talk
about these issues. The Info Hiding Workshops are still going strong.
With luck, this year's IHW may have a paper on reputations in it...
This year's ACM CCS conference had two papers of special interest.
The "Hordes" paper, _A protocol for anonymous communication over the
Internet_ by Clay Shields and Brian Neil Levine, gives a definition of
anonymity which seems convincing.
Then the paper by Franklin and Durfee on "Distribution Chain Security"
discusses the problems of dealing with contracts in a distribution chain.
They have to balance the rights of buyers, sellers, and various middlemen
- and develop some cute cryptographic tricks to do it. Obfuscated
contracts, zero-knowledge proofs, and special "contract certifiers" make
an appearance. It wouldn't surprise me if this ended up having application
beyond the content distribution network scenario they propose.
Crypto systems, using a mix of crypto tools, is only slowly taking
off. In fact, the focus keeps moving back to simple encryption,
depressingly enough!
Depressingly enough, we keep finding that the focus *needs* to move back
to simple encryption. Birgit Pfitzmann published a paper in the 1980s on
"How To Break the Direct-RSA Implementation of MIXes." Today, nearly
fifteen years later, we still don't know "really" what we need from
an encryption system for MIXes; David Hopwood has some good thoughts,
but we're not done yet.
On the other hand, we can oppose this to the fact that we have a bunch of
remailers, and they seem to work. They may be unreliable, but no one seems
to have used padding flaws to break a remailer, as far as we know.
(And, as I have been saying for close to 10 years, the
insurance
industry will be a driver of new approaches. Newer safes were bought
not because store and bank owners were "educated" about security (the
precise analogy to security today), but because insurance premiums
were lessened with better safes. Discounted present value, DPV,
speaks louder than all of the moralizing and lecturing.)
This may have to wait until liability issues in general for software are
straightened out, won't it?
More than that, if the "tragedy of the commons" really happens for
Gnutella and Napster and friends, then people will look for ways to avert
it. Maybe it won't happen ("The Cornucopia of the Commons"), but if
it does, reputation systems might see some sudden
Re: Crypto on cable...chuck the vce?
The Register's front page only shows the most recent N stories, constantly changing. You'll need to point to the article itself, which looks like http://www.theregister.co.uk/content/5/15679.html an article Kevin Poulsen did for securityfocus.com. It looks quite similar to the stuff John Gilmore wrote about recently, except sleazier due to FCC involvement. At 02:56 PM 12/22/00 -0600, Jim Choate wrote: http://theregister.co.uk = Sneaky cable crypto scheme in the works = By: Kevin Poulsen = Posted: 22/12/2000 at 19:36 GMT = The cable television industry is moving = ahead with a controversial plan to = implement a copy protection scheme that will allow movie studios = and cable providers to control what viewers are able to record off = future digital cable TV networks. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: Dude! It's wired!
Tim expounds: I haven't been posting here a lot for various reasons. First, the quality of the responses has not been good. It seems repartee and tired Nazi vs. Stalinist debate is the norm, with Choatian physics and Choatian history filling in the gaps. It's been a slow politics and cryptography year. The list is full of spam, and vandals keep subscribing it to other mailing lists. Perhaps next year will be better. I'm almost begining to feel that Cryptology has achieved the status of a "Mature Science." Second, and perhaps related to the first point, a lot of folks have retreated to the safety of filtered lists, where Lewis and Perry can screen messages for them. I'm currently amusing myself on DetweilerPunks. Also known as Theory-Edge, moderated by Vladimir Z. Nuri. http://www.egroups.com/group/theory-edge, if anyone wants to visit. Fourth, as with my new .sig, the election has caused me to "move on," at least until the direction of things is determined. Yes, a tasteful .sig designed not to cause public alarm, until the Shrub Administration's interpretation of our Constitution is clarified. I suspect we are entering an era in which even vague hints concerning a sticky end for tyrants can get one arrested. He speaks of liquidating middlemen, I speak of liquidating tens of millions of welfare varmints, useless eaters, and politicians. And for this they call him a visionary and me a Nazi. Go figure. You need to moderate your views on non-producing eaters in the same way you moderated your .sig file. A new Tim for a new decade. So, when's the next Jim Bell trial? Anyone know? -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
Re: About Gilmore's letter on IBMIntel push copy protection into ordinary disk drives
In message [EMAIL PROTECTED], Dave Emery writes: A note on this note - I was told back in that era by Sun field service people that the standard thing to do when a motherboard failed was to swap the ID prom from the old motherboard onto the new one, thus avoiding the whole license conversion problem in the first place (but of course also doing wonders for the ability to track specific pieces of hardware and document ECO levels and the like, since a significant number of motherboards had swapped ID proms in which all the other information in the prom didn't match the actual board). "Standard"? It was more than that; it was the *right* thing to do. On a diskless workstation, there was no other identity to the machine; if you didn't swap the ID prom -- which was used for the low-order 24 bits of the Ethernet address -- your machine wouldn't receive the proper boot image, etc. Add to that the number of machines in the mid-to-late 80's that didn't have ARP, and it was utterly necessary. --Steve Bellovin
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
[EMAIL PROTECTED] wrote Tue, 19 Dec 2000 13:15:09 -0500 (EST) Raymond's pointed out that some gas plants normally idle are now running full-time to meet demand. To me this reads the same as using idle plants instead of building new ones. Perhaps not a bright move in terms of safety, efficiency and reserve capacity, but nothing that should have changed natural gas commitments. In my initial message I stated the current rise in natural gas prices are caused by multiple factors. Natural gas prices were too low in recent years and this caused a shortage in supply. Narural gas has gained in popularity with utility companies in recent years because it is clean (relatively) and it is cheaper and easier to implement natural gas burning technologies than other fuel source technologies, ie - coal which would be cheaper but more difficult to meet current emission standards and "current" public expectations. On top of these factors I stated the greater portion of the increase was created by un-expected demand in California. Another issue in this problem, as in this month and next, is low water levels in the northwest causing lower than expected power generating capacity. In the past natural gas power plants were viewed as temporay or part-time solutions as they are relatively cheap to construct. If you have a power plant you don't expect to use you don't commit to much of a supply as you don't expect to use the plant. At this time many auxiliary power plants in California and surrounding states are being utilitized to generate power for the California market. There was recently a federal mandate that power suppliers in neighbouring markets not refuse to provide power to California utilities. Coupled with the low water situation, and the resulting decrease in hydro generated power, the increased use of natural gas powered generating capacity would be expected to cause an increase in the price of a commodity in which the increase in demand was unexpected or exceeded supply. If a power generating utility had built new power plants and commited to a fuel supply (and the accompanying infrastructure) the likelihood of unexpected prices increases would be much lower.
Re: china-taiwan and limits of state action
David, You have a simple view of China-Taiwan relations, but you are more of a computer specialist than an Asia one, so your deficiency is quite forgivable. I recently heard a story about policeman in Taiwan who is close to retiring. When he was asked what he planned to do when he retires, he said that he wanted to go back to the Mainland. To the outsider, this would seem strange, but it would be hard to believe that Taiwan and China do not have a workable and effective MO. Someone who responded to your post stated that it is far more likely that China would be the aggressor in a cross-strait spat. Now, where the Taiwan-China working MO might break down would be when individuals act. In a way, hacking is the attack of the powerless: it allows geeks like us to launch an assault when we cannot afford tactical weapons. So it is wrong to think that angry Taiwanese would hesitate from waving the red in front of the bull. As you state, there is no cyberterror treaty governing how information regarding attacks is treated. Many of us take for granted that other informal arrangements govern how this information is treated. The questions you ask are valid. Indeed, they are some of the reasons why this listserve exists. You are asking core questions as to how we should treat state activity and personal responsibility. When you find the answers, let me know ; ) What happens if Taiwan's government says it wants to normalize relations with China (and vice versa), but the attacks continue? Will they have to find and punish their own citizens in order for the normalization to move forward? Where do treaty obligations compel a state to prosecute citizens for behavior which it may have tacitly encouraged before? Interestingly enough, an attack where the originator is identified seems to be more of a problem. At least with an anonymous attack, a state can plausibly deny that one of its citizens was involved. In fact, you could see identified attacks on Chinese systems coming to be a form of civil disobedience if Taiwan were to go this route. (I don't think Taiwan will - I'm just interested in this interplay between private action and the state's responsibility.) Suppose Taiwan proves unwilling or unable to stop private citizens from attacking mainland Chinese systems. Now there seems to be a parallel with situations where states are considered either supportive of terrorism or too incompetent to prevent terrorist activity. Israel occupied southern Lebanon because it didn't see any other way to prevent terrorist activity. The alleged use of Libya and Sudan as "training grounds" could be viewed as a kind of jurisdictional arbitrage, and a kind which has been reacted against violently in the past. Fear of an analogous situation online seems to be behind the "world cyber-crime treaty" mentioned here recently. Now bringing it closer to home, does that mean opposition to the world cyber crime treaty could be cast as "support for cyber-terrorism"? -David
Re: china-taiwan and limits of state action
On Sat, 23 Dec 2000, Alex Shirado wrote: David, You have a simple view of China-Taiwan relations, but you are more of a computer specialist than an Asia one, so your deficiency is quite forgivable. I suspected as much. The problem with this is that I saw the "individual action indistinguishable from state action" quickly and have been having a hard time thinking past it. I'm sure that the picture is much more nuanced than what I have... There are actually other "cyber-war" examples which come to mind where it wasn't clear whether an "attack" was the result of a state action or just some crackers. One such was when NATO's web site was defaced; there was a quote to the effect of "Now the war is fought on all fronts" which made the rounds. The quote is interesting first because it places defacing a web site on the same level as firing bullets at people. Next because I'm not sure if it was clear who exactly defaced the site. Recently I've heard that Israel and neighboring Arab countries are going back and forth. For instance http://www.all.net/intel/mid-east/10-26-2000-art1.html http://www.meib.org/articles/0011_me2.htm I recently heard a story about policeman in Taiwan who is close to retiring. When he was asked what he planned to do when he retires, he said that he wanted to go back to the Mainland. To the outsider, this would seem strange, but it would be hard to believe that Taiwan and China do not have a workable and effective MO. I suppose the closest the U.S. has had to this was the Cold War. We did have some kind of MO with the USSR, but we didn't (don't) share the same kind of common heritage that China and Taiwan do. Someone who responded to your post stated that it is far more likely that China would be the aggressor in a cross-strait spat. Now, where the Taiwan-China working MO might break down would be when individuals act. In a way, hacking is the attack of the powerless: it allows geeks like us to launch an assault when we cannot afford tactical weapons. So it is wrong to think that angry Taiwanese would hesitate from waving the red in front of the bull. Yes - what seems interesting is that cracking makes offense as "democratic" as defense. That is, anyone with a weapon can defend their home and territory. That's what a militia is supposed to be, after all. (of course, given the massive inequality in weapons available to armies and available to private citizens, the militia may not last long...) But the local militia usually can't unilaterally launch an attack on some foreign country. (Well, maybe those on the border; the film "Canadian Bacon" comes to mind). A minor nitpick - it seems strange to say that we are "powerless" and then note how we can launch an assault. Maybe it would be better to say that this gives us a different kind of power or "redefines power." As you state, there is no cyberterror treaty governing how information regarding attacks is treated. Many of us take for granted that other informal arrangements govern how this information is treated. If we think about it at all. Perhaps you're living in a country where more people remember other countries exist. :-) In any case, I find it interesting to see the resistance to the current proposed cyber-crime treaty http://www.gilc.org/privacy/coe-letter-1000.html which rests on notions of human rights and so on. Values I agree with. At the same time, this seems to place the signing organizations "against" the Israelis, Chinese, or others who may find that current informal arrangements aren't enough. The questions you ask are valid. Indeed, they are some of the reasons why this listserve exists. You are asking core questions as to how we should treat state activity and personal responsibility. When you find the answers, let me know ; ) That's why I'm posting here, after all. Thanks, -David
Re: Copy protection of ordinary disk drives?
Brian Lane wrote: Maybe I'm being dense today, but I don't see how this is going to work. So they have a key on your drive, they encrypt the data using this key, but at some point the data has to be decrypted and used, which means that it can be intercepted. The article isn't too clear, but it appears that a 'compliant application' is going to be needed to do the encrypt/decrypt? All software is subject to disassembly, so there is no real protection there. I'd suspect that this is part of the "protect our(!) hardware from the consumer" process that's been going on for a few years. most likely, the whole event will happen inside the disk, which will be made more or less tamper-resistant. now remember that there've been planned for a fully encrypted bus system for quite some time. the basic idea is that the raw bits are never accessable in software. the software will just tell the hardware "hey, could you please push the encrypted bits of that song over the encrypted bus to the crypto-speakers?". interesting change in culture. not too long ago, knowing how your home electronics actually work was the sign of the geek. not too far in the past, knowing how your home electronics really works will be the sign of the criminal.
Re: Copy protection of ordinary disk drives?
On Fri, 22 Dec 2000, Brian Lane wrote: http://www.theregister.co.uk/content/2/15620.html Stealth plan puts copy protection into every hard drive But because the system makes use of the physical location on the device of the encrypted item, software designed for non-compliant drives will break in some circumstance when encrypted data files are moved. "It requires both drives to be compliant when data is to move from one disk to another," says Lotspiech. "And a compliant application to get all that data to the new drive". So a hard drive containing small individual containing non-copyable files of say, Gartner reports, will essentially be unrestorable using existing backup programs. Maybe I'm being dense today, but I don't see how this is going to work. So they have a key on your drive, they encrypt the data using this key, but at some point the data has to be decrypted and used, which means that it can be intercepted. The article isn't too clear, but it appears that a 'compliant application' is going to be needed to do the encrypt/decrypt? All software is subject to disassembly, so there is no real protection there. Here's one other thing; how does the "compliant application" get the decryption keys?? If I can't copy files without being hooked up to the net, then half my computers at home will quit working! (I have two distinct networks: one for secure data and one with internet access...). If the compliant application needs to hook up to the internet in order to get a decryption key to read data, these drives will not work for a host of legitimate non-networked applications. On the other hand if the compliant application does NOT need to hook up to the internet to get keys, then someone with a debugger will have a utility to get your drive's whole list of keys (and a patched BIOS to make it behave like a regular drive) within a couple weeks of their introduction to the market. Unless it comes out at the same time as "encrypted instruction set" computing, where the executables are decrypted inside the CPU... Bear
Re: Copy protection of ordinary disk drives?
Isn't the idea that you don't get to see the surface of the disk? The copy protection is in the onboard circuitry. The drive refuses to return data from "unreadable" sectors/blocks, where readability depends on a function of the of the drive serial number, some sort of certificate in the system request, and the relevant field in the media key block. For most people it wouldn't even have to be encrypted. They aren't going to break the box open put in their own chips, or take out the platters read them with their own probes. This will presumably crash burn in the market. As long as anyone sells user-controllable disks, we will carry on buying them. It's not as if IBM are the only manufacturers in the world. Ken Brian Lane wrote: Maybe I'm being dense today, but I don't see how this is going to work. So they have a key on your drive, they encrypt the data using this key, but at some point the data has to be decrypted and used, which means that it can be intercepted. The article isn't too clear, but it appears that a 'compliant application' is going to be needed to do the encrypt/decrypt? All software is subject to disassembly, so there is no real protection there. Not that it isn't a really dumb idea, they're trying to remove your control of the bits stored on your harddrive -- a Really Bad Thing obviously. Brian --
Re: Copy protection of ordinary disk drives?
On Fri, Dec 22, 2000 at 05:13:53PM +0100, Tom Vogt wrote: Brian Lane wrote: Maybe I'm being dense today, but I don't see how this is going to work. So they have a key on your drive, they encrypt the data using this key, but at some point the data has to be decrypted and used, which means that it can be intercepted. interesting change in culture. not too long ago, knowing how your home electronics actually work was the sign of the geek. not too far in the past, knowing how your home electronics really works will be the sign of the criminal. I can see it now -- "Mr. Lane, you are being convicted for reverse enginerring the embedded encryption system in the IBM-SuperSekret-HD." "But! But! I was just trying to recover my Quicken 2001 backup!" as they drag me off to prison. The only way they can make this even begin to work in the marketplace is to force manufacturers to stop producing uncontrollable drives. I wouldn't be suprised if there was an amendment to enact this waiting to attach itself to an obscure bill in Congress. Or maybe I'm just being paranoid? G Brian -- Brian C. Lane - Linux Programmer/Consultant/Writer www.brianlane.com Virtual Web Hosting www.nexuscomputing.com NRA Life Member www.libertynews.org I had a friend who was a clown... when he died, all his friends went to the funeral in one car... -- Stephen Wright PGP signature
Re: china-taiwan and limits of state action
I think the attacks are far more likely to be launched by the Mainland folks against the Taiwanese rather than the other way around. The mainlanders want to destabilize Taiwan. Taiwan likes a stable mainland, because so many Taiwanese companies have set up manufacturing facilities in the mainland to exploit the cheap labor. Most if not all of the PC infrastructure companies do the bulk of their manufacturing and or assembly in the mainland because labor is so cheap. It is not in in the business interest of Taiwan to destabilize the mainland. On the other hand, the mainland wants Taiwan to re-join them, so if they can weaken them they feel they are more likely to be successful. rdc petro wrote: Recently a friend asked me what my opinion was as a "computer guy" about the China-Taiwan "cyber warfare." At first it seemed that there wasn't much to say, except maybe to point out that this seems to be a ways away from Schwartau's info-war. One thing has started to bother me a bit, though. How does mainland China distinguish an attack by the Taiwanese state from an attack launched by private Taiwainese citizens? Do they even *care*, since they have such poor relations with Taiwan anyway? Given the nature of China's society and government, I don't think they'd even understand the question you are asking. -- A quote from Petro's Archives: ** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
Re: china-taiwan and limits of state action
On Fri, 22 Dec 2000, Richard Crisp wrote: I think the attacks are far more likely to be launched by the Mainland folks against the Taiwanese rather than the other way around. The mainlanders want to destabilize Taiwan. Taiwan likes a stable mainland, because so many What intrigues me about this conflict is that it seems possible for ordinary citizens to have the same kind of access to attack that the state does. So speaking of "the mainlanders" or "Taiwan likes" may be misplaced. Of course, most private citizens won't be able to do much with it, but there may be some who will. I agree with you with respect to the mainland and Taiwanese governments, though. -David
Re: An A to Z G U N R E F R E S H E R C O U R S E
I followed your 'argument' until "w", "enforce the existing gun laws, don't make new ones" So apparently the currently unconstitutional laws are okay with you? -p "Those who would give up essential liberty for temporary safety deserve neither liberty nor safety" - Benjamin Franklin, 1759 [EMAIL PROTECTED]@cyberpass.net on 12/21/2000 01:36:54 PM Please respond to [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] To: "Cypherpunks" [EMAIL PROTECTED] cc: Subject: An "A" to "Z" G U N R E F R E S H E R C O U R S E An "A" to "Z" G U N R E F R E S H E R C O U R S E a. An armed man is a citizen. An unarmed man is a subject. b. A gun in the hand is better than a cop on the phone. c. Smith Wesson: The original point and click interface. d. Gun control is not about guns; it's about control. e. If guns are outlawed, can we use swords? f. If guns cause crime, then pencils cause misspelled words. g. Free men do not ask permission to bear arms. h. If you don't know your rights, you don't have any. i. Those who trade liberty for security have neither. j. The United States Constitution (c)1791. All Rights Reserved. k. What part of "shall not be infringed" do you not understand. l. The Second Amendment is in place in case they ignore the others. m. 64,999,987 firearm owners killed no one yesterday. n. Guns only have two enemies: Rust and Politicians. o. Know guns, Know peace and safety. No guns, no peace nor safety. p. You don't shoot to kill; You shoot to stay alive. q. 911 - government sponsored Dial a Prayer. r. Assault is a behavior, not a device. s. Criminals love gun control - it makes their jobs safer. t. If Guns cause Crime, then Matches cause Arson. u. Only a government that is afraid of it's citizens tries to control them. v. You have only the rights you are willing to fight for. w. Enforce the "gun control laws" in place, don't make more. x. When you remove the people's right to bear arms, you create slaves. y. The American Revolution would never have happened with Gun Control. z. "a government by the people, for the people." PLEASE PASS THIS 'REFRESHER' TO -10- FREE CITIZENS.
Re: CDR: One thing about Bell's case...
It seems to me that charging Bell for 'stalking' in relation to the collection of public documents violates his 1st Amendment rights with respect to 'press'. It's probably the showing up on the door step that got him in trouble. Or at least that gave the government the excuse they needed to put him on trial. -- A quote from Petro's Archives: ** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
Re: Tim's Motorcycles
At 11:24 AM 12/18/00 +0200, Ben wrote: Timothy C. May [EMAIL PROTECTED]Corralitos, California Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon Technical: physics/soft errors/Smalltalk/Squeak/agents/games/Go Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns Tim-- Good new sig. Motorcycles? I don't recall motorcycles here. The recent US international crime assessement lists global motorcycle gangs as a major threat to world peace, along with a couple of dozen new horsemen. The report claims all of these have rapidly adopted high-tech and info tools to advance their criminal agendas, and that there simply must be more global law enforcement cooperation, communications intercepts, and massive funding to combat these, these, Zen Fau Long Aum Shirinkyo whirring-spokemeisters. The thought of Mr. May on his R1100RS (Right? 1998?) riding with the Bandidios is... Amusing. -- A quote from Petro's Archives: ** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
Re: crypto questions - encrypted mail standards
A separate discussion over on coderpunks maybe helpful here. To: Bill Stewart [EMAIL PROTECTED] Cc: Bram Cohen [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: encrypted mail standards Date: Tue, 19 Dec 2000 23:34:55 -0800 From: John Gilmore [EMAIL PROTECTED] Bram - you can do encryption at the Mail Transfer Agent layer, like encrypting versions of SMTP, or in the mail header/body layer, I'm not sure where to find the standards for encrypting SMTP, but there are some; look around on sendmail.com. See RFC 2487, "SMTP Service Extension for Secure SMTP over TLS", which adds the "STARTTLS" command and HELO extension option to the SMTP specification. This permits two SMTP servers to negotiate to use TLS (also known as SSL) encryption before sending email. There are ways to run POP or IMAP using TLS/SSL as well, but I don't have the standards at my fingertips for this. Also, John Gilmore may have funded some non-American developer to do an implementation. Nope; sendmail.com did an implementation and released it once the export rules changed. It's in the current free sendmail release. John Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: How do I become a member of Cyberpunks??
At 02:28 AM 12/19/00 EST, [EMAIL PROTECTED] wrote: How do I become a member of Cyberpunks?? Read too much William Gibson, get the jack installed in yer head, or maybe a set of those nice Ono-Sendai eye implants, and cowboy your way onto the net. If, however, you're looking for the cypherpunks mailing list, find the Cyphernomicon on the net, and read it. There are archives at inet-one in Singapore. If you send mail to [EMAIL PROTECTED] and ask nicely, the friendly robot will send you mail. Save the email where you'll remember to look it up later, and then if you want 50-100 messages delivered to your doorstep daily, take the blue pill, or was it the red one. (Second edition of Bruce Schneier's Applied Cryptography is the red one.) Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
Tim May [EMAIL PROTECTED] wrote Size of a market is a shifting concept. British Columbia and Vancouver are certainly large markets. Compared to California markets this is a small market. Two million folks in the metro area and 3 million total in the province (state). If there were a nuclear power plant in western Canada, much of its output would likely go to Vancouver. Guess what? No nuke plants in western Canada. The size of the market makes nuclear power impractical. BC is a net exporter of energy. Lots of electricity, some oil and some natural gas. They have dammed a bunch of waterways. tanker. I believe I would rather have nuclear power plant in my neighbourhood than a liquidified natural gas facility. Perhaps you can lobby your politicians to allow nuclear power plants to be built in your region, then. Everyone gets excited about the dangers of nuclear power plants. In areas where sour natural gas is produced there is a lot of environmental damage. The original reason for settling Canada was to trap animals, skin them and sell the furs to Europe. Fur trappers didn't care if you dammed the rivers and poisoned the air and ground with hydrogen sulphate. If you work around sour gas you are advised that if your co-worker suddenly collapses you don't attempt to help him as he is probably already dead. You are advised to run upwind as fast as possible. They find cattle raised near sour gas wells and production facilities suffer from a significant increase in birth defects and still borns. There is some evidence appearing that man suffers the same problems as the animals. tanker. I believe I would rather have nuclear power plant in my neighbourhood than a liquidified natural gas facility. Perhaps you can lobby your politicians to allow nuclear power plants to be built in your region, then. I have lived and worked around gas plants and sour gas production facilities. I have done my hazardous duty. Again, until you witness the environmental damage associated with the energy business you have no idea... This whole post shows a shaky understanding of economics. You are bitching and moaning that someone else's bids on power exceed what you would like to pay. This is my second go around on the energy boom cycle. The only reason you are paying more is because of bad planning or producers not being allowed to build capacity when they wanted. There is no shortage, just some distribution problems. "I would like to have a Ferrari Testarossa, but there are so many people around the world willing to pay such outrageous prices that the prices have simply gotten out of control. If Californian would take responsibility for their outrageous lifestyles, there would not be so many Californians buying Ferraris and we people in British Columbia would have a chance to afford them." Being that BC and Alberta are big energy exporters there are lots of folks, and organizations, making big money on the current problems. I don't believe "around the world" is factual. There is lots of natural gas in the distribution system which is not connected to California. As for your own energy needs, install propane. This is what I have. And fill the tank well in advance of when spot market fluctuations drive the price up. Problem with propane is that it stinks so bad and it puts out a lot of moisture when burnt. Propane is a commodity and it has seen some wild fluctuation in recent years. Or move to a warmer clime. Living in the far north _does_ carry a price. I lived in the tropics for 8 years. I prefer the temperate rain forest where I currently reside. I like cool and rainy. One of my complaints about Vancouver is that it doesn't rain enough, too many nice sunny days. The problem with hot places is you can only take off so much clothing and you will still be hot. In cold climates you can put on more clothes and eat red meat to keep warm. Also, bear in mind that a lot of off-peak power is shipped into Canada from the Bonneville Power Administration. It seems we Yanks had the foresight to dam the Columbia River back in the 1930s. It's a reason the Hanford Nuclear Reservation was located in the Tri-Cities area--cheap and plentiful power--and it's a reason several aluminum smelters, including a Canadian one, located there. The Bonneville Power Administration (BPA) paid for a series of dams whose main purpose was to hold water for their power generation system. This series of dams were completed in the late 60s and they paid a set fee for the first 30 years of water rights or downstream benefits. After 30 years the downstream benefits were to be returned to BC or BPA had the option to purchase those benefits. The downstream benefits were to be returned to BC as power. Initially BPA promised $250 million for some set term and BC agreed to take the money. At the last minute BPA decided the benefits
Re: How do I become a member of Cyberpunks??
On Tue, 19 Dec 2000, Bill Stewart wrote:
At 02:28 AM 12/19/00 EST, [EMAIL PROTECTED] wrote:
How do I become a member of Cyberpunks??
Read too much William Gibson, get the jack installed in yer head,
or maybe a set of those nice Ono-Sendai eye implants,
and cowboy your way onto the net.
There is already too much jacking off on the net...
If, however, you're looking for the cypherpunks mailing list,
find the Cyphernomicon on the net, and read it.
There are archives at inet-one in Singapore.
If you send mail to [EMAIL PROTECTED] and ask nicely,
the friendly robot will send you mail. Save the email where
you'll remember to look it up later, and then if you want
50-100 messages delivered to your doorstep daily,
take the blue pill, or was it the red one.
(Second edition of Bruce Schneier's Applied Cryptography
is the red one.)
And the first edition is the blue one. ]:
The true way to join the Cypherpunks is to find a copy of the album by
"TimMay and The Lords of Darkness", play it backwards and listen for the
steggoed message. ("Leggo my steggo!")
[I gotta stop staying up so damn late...]
[EMAIL PROTECTED] | Note to AOL users: for a quick shortcut to reply
Alan Olsen| to my mail, just hit the ctrl, alt and del keys.
"In the future, everything will have its 15 minutes of blame."
Re: Announce: secret-admirers mail list(usenet)
On Tue, Dec 19, 2000 at 12:39:58AM -0800, Raymond D. Mereniuk wrote: At 11:24 AM 12/16/2000 -0800, Eric Murray wrote: Only by running your own mail or news server can you prevent the ISP from monitoring your email or news reading. Sorry to entering this thread so late but I had to bite on these comments. I have been in and out of the ISP business for the last 5 years. In my last real job I was responsible for a tech support team. [..] I wouldn't worry about most ISP invading your privacy. Most of them are too busy getting calls from 12:00 O'clock flashers and, my personal favourite, the caller who blamed us for uploading porn onto their computer. You missed the begining of this thread. The threat isn't from the ISP personnel, who like you say are too busy to spy. It's from law enforcement who get access (through subpoenas or simply asking for it) to the logs that the ISP's been keeping. They could then do traffic analysis on your a.a.m reading. -- Eric Murray Consulting Security Architect SecureDesign LLC http://www.securedesignllc.comPGP keyid:E03F65E5
Re: keyboard loggers.
Somebody wrote in response to Bill Stewart's message: At least under Windows 98 you can "Start", "Programs", "Accessories", "System Tools", "System Information", and list the "System Hooks". Most keyboard sniffers are installed as "hooks". If you see a new one, you may have a problem. Here's what a JYA machine shows (sorry if the table wraps): Hook type Hooked by ApplicationDLL path Application path Keyboard Wbhook32.dll WEBSCANX.EXE C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\Wbhook32.dll Same as DLL path CBTPgphk.dll PGPTRAY.EXE C:\WINDOWS\SYSTEM\pgphk.dll D:\PGP658\PGPTRAY.EXE Mouse Wbhook32.dll WEBSCANX.EXE C:\PROGRAM FILES\NETWORK ASSOCIATES\MCAFEE VIRUSSCAN\Wbhook32.dll Same as DLL path Surely Network Associates/PGP have no connection to the snoopers, but why scan keyboard and mouse?
Re: keyboard loggers.
Alright... gotta get my two centz in here. #Yo out to Bill S... always good advice I'm guessing that with santa's problem it is almost impossible to keep people from putting key loggers onto a system if they have physical access to them. HPFS (Easy to beat) NTFS (Easy to beat) NTFS 5 (Easy to beat) UFS (Easy to beat) FAT (hahahahahhaha) It's all risk assessment Santa. If you don't trust your elves ya gotta pull the floppy, Zip, CD-ROM etc... access. Key loggers are easy to code and can be named whatever you call them. You could however write a simple program to look for all the executable files on your systems and the do a sum of the previous days results to see if there are any changes. Intrusion detection is key to picking this stuff up... its a process you engauge in. Not a capability you will be able to attain. Scoty "It's all about the Pentium" -Wierd Al From: Bill Stewart [EMAIL PROTECTED] To: "PFSanta Claus" [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: keyboard loggers. Date: Mon, 18 Dec 2000 23:23:22 -0800 If you have to worry about people installing keyboard logging programs on your machine without your permission, either - you're using a public shared machine at a coffeeshop or school or Kinko's to do things you think need security, or - you're using your employer's machine, and shouldn't do things that are inappropriate to do at work, - you're using your employer's machine, and need a new employer who trusts his employees instead of feeling compelled to spy on them, - you're using your employer's machine, and your employer has a serious security problem with people trying to crack in at night, - you're sharing your home machine with a teenager who runs all sorts of game programs downloaded off the net or borrowed from friends, viruses and all, - you've got serious security problems of your own - if they can sneak in and install programs like that, they can install anything else they want, copy your hard disk, probably even steal your hard disk, or - the paranoids really are out to get you. For the shared-machine problem, don't use insecure machines to do secure stuff. Use disposable email accounts, American Express one-shot credit card numbers, and if you must log in to something, use one-time passwords (either S/Key or SecureID tokens or some similar mechanism.) There's been some work done on encryption programs that run in hand-held computers, whether Palm Pilot things with displays or JavaRings or smartcards without them. Matt Blaze, Ian Goldberg, and Martin Minow have done presentations on those topics. I'll leave you to figure out employer problems, and there are professionals who can help with paranoia, as long as you get to them before the Feds get to you. One approach for the teenager problem (or the related problem of machines for lab use, especially firewall research) is removable disk drives. You can get disk drive drawers for IDE/Ultra/DMA/etc for about $20, and spare disks are only $100 or so. Keep a clean copy for installing software you trust, password-protected-screensavered to reduce accidents, and give the kid his own disk to play with, plus teach him how to reinstall software from CD-ROM when it gets trashed. It's the computer equivalent of buying a full-sized beater car for your kid to learn to drive in - extra weight, airbags, and an exterior you don't care about dents in. If the kid has his own machine, and you're sharing a network, that's more trouble. You'll have to firewall your machine off from the kid's, or at least mainly run the clean copy disconnected from the net, and make sure the kid keeps current virus protection installed and running. At 12:05 PM 12/18/00 -0900, PFSanta Claus wrote: Hi, I came across your addies in a search off ask Jeeves and thought perhaps due to the way your interests run you might be up on this topic. I'm a Sr. Support Analyst for a large vendor and recently was asked by one of my casual internet contacts if there was a way to prevent a "keyboard logging" surveillance program from prevailing on their system and reporting the goings on from their keyboard. In an effort to be helpful, I set about my normal pattern of research and found that there seems to be a ton of info promoting various products, yet there is virtually nothing I could find which offers any realistic or reliable countermeasures that can be taken to prevent someone from logging the output from your keyboard. Even the hackers seem to think it isn't a threat to anyone's privacy. Weird... Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639 _ Get your FREE download of MSN Explorer at http://explorer.msn.com
Re: Crypto questions
Honestly, it's pretty easy to take care of everything you need. Since you're using SMTP you obviously know how long the message is so you can use fairly well anything. Also because it's going over SMTP you need to be aware that you should base-64 encode everything, and the other issues. However what you need is simply: a random number generator an implementation of RSA-OAEP a good block cipher with a good chaining method (Rijndael, CBC is great) a signature scheme do the following generate a 128-bit number K D = RSA-OAEP(K) B = data | signature(data) S = D | RijndaelCBC(K, B) send(base-64(S)) Toss in some markers, something along the lines of "---Begin PGP encrypted message---" and it should work wonderfully. The reverse should be obvious, but just to make sure T = receive() S = base-64Decode(T) (D, B)= Parse(S)BasedOnMarking K = RSA-OAEPDecrypt(D) data = RijndaelCBCDecrypt(K, B) You can send anything you want this way. You can also add compression to the data before encryption, and decompress after decryption. It's not bleeding edge, but it's dependable, it's fast, it's secure, and if you're really paranoid about security, move to SHA-256 with RSA-OAEP, and use a 256-bit Rijndael key. You'll also need to make sure you use properly sized RSA keys. If you want something closer to bleeding edge, go with XTR in place of RSA, and well Rijndael is just an all around great cipher. If you want to strive for exotic, use XTR and Serpent. Of course if you want the tried and true use 3DES instead of Rijndael. If you want the most buzzwords for you condition use half-ephemeral ECC like this: do the following generate a random private key generate the public key to go with it, P Compute the shared secret, K B = data | signature(data) S = P | RijndaelCBC(K, B) send(base-64(S)) Decryption is left as an exercise. If you'd like more help there are plenty of people on the cypherpunks list (myself included) that are capable of consulting to determine what parameters you need to use. Joe - Original Message - From: "Scoville, Chad" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, December 19, 2000 9:35 AM Subject: Crypto questions I've been actively reading posts on this list for about two years now, and I'm in he process of actually trying to design/implement a data network where security is of the utmost priority. Where is a good starting point to find out about packages using algorithms which are unbreakable as of yet. All of the traffic will remain domestically within the US. The traffic will be SMTP. It would be illmatic if someone could reccomend a good reading list (current) on the bleeding edge of cryptography. Tks. in advance. CK$ Chad K. Scoville Internetwork Solutions Engineer Thrupoint, Inc. formerly Total Network Solutions 545 Fifth Avenue, 14th Floor New York, NY 10017 v 212.542.5451 p 800.555.9172 [EMAIL PROTECTED] www.thrupoint.net
Re: BT sues Prodigy over U.S. hyperlink patent
"Templeton, Stuart" wrote: probably behind the times, didn't see this spark up yet, but the quote below caught my attention... How serious would you guys suggest this "threat" to be? any information regarding other patents that could turn up like this in a more SERIOUS fashion? two serious possible outcomes: a) BT goes over a large fish after making a few small ones pay, and the large fish pays a couple mio. to a lawyer to find a loophole that invalidates the patent. b) BT strikes patent portfolio exchange deals with the large fish and lets the small fish pay. that's just how the patent system works. and yes, there's possible 20k other patents out there that are just as trivial and evil (subjectively, of course ;) ).
Re: FBI Sniff
John Young wrote: Is any of this Douglas stuff true? We don't know. at least one of his claims is false: his books are NOT banned in germany. on the contrary, there's even a german translation: http://www.amazon.de/exec/obidos/ASIN/3806111049/qid%3D977139380/302-3127721-2116047
Re: CDR: Re: The Cost of California Liberalism
On Sun, 17 Dec 2000, Bill Stewart wrote: Besides, Jim, as a Texan your tradition role in discussions of natural gas policies is supposed to be to say "let the bastards freeze in the dark" :-) ITYM "Wal, we can ship ya some natcherl gas, er some awl, but it's a gonna cost ya Tha awl bidness has its ups and downs, ya see. " :-) Bear
Re: This is why a free society is evil. [Re: This is why HTML email is evil.]
Tim May wrote: You seem to fundammentally misunderstand the situation. The reason the Personnel Commissar is ordering sensitivity training, workshops, and is requiring that posters of Brittny Spears be removed from office walls is because government and lawyers have made companies liable in various ways for "discriminatory" or "sexist" or suchlike behaviors. I may have killed my point in editing. Laws are the result of people using their property to advance their agenda. When harassment laws were proposed, companies chose not to use their property to fight these laws. Today when they give into these laws rather than fight them, they are again making a decision about how they use their property. Companies tend to value their property more than they value the free expression of their employees. Is this surprising? Is it wrong? Should companies be compelled to value the free expression of their employees higher? I don't like the current situation with zero-tolerance policies and all that any more than you do, but it's not the result of living in an unfree society. It's the result of living in a society with different values than our own. In other words, to get the freedoms we want, we have to take away other freedoms. You're really missing the point, aren't you? Go back and think about the issues more deeply. I'll always miss the point of people complaining they don't live in a free society when they use reasoning that indicates they don't really want to live in a free society. In a previous incarnation of this message, which appears to have gone into the darkness, I made a rushed point about free societies either being impossible or being a truth. I'll skip that this time and just ask this: do you mean to be complaining about not living in a free society or are you really complaining about not living in a society with a higher value on personal freedoms?
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
On Mon, 18 Dec 2000 [EMAIL PROTECTED] wrote: Huh? Let's make this simple. How is California's lack of power plants causing natural gas prices to rise? Plants that don't exist don't use gas and don't contribute to shortages. What the fella said was the lack of power plants indicates a lack of long-term, fixed price gas contracts, which he assumes, without evidence, would be inplace had said power plants been built. it's not an unsafe assumption, btw, but can't be proved. California's importing power from elsewhere, so why didn't these other generators commit to natural gas suppliers? Perhaps because they don't burn gas at their stations. Duh. Hint: transmission losses aren't a recent discovery. No shit. That's why line loss is taken into account in prices. So, er, what? Either you're confused or you're trying to use the cold winter as an excuse to create a strawman for your anti-Californian views. There are other possibilities. I certainly don't see any strawmwn here, anti-Cal or otherwise. Tim, Jim and Bill have already given good responses to the economic side of things, so I won't comment further in that vein. What those guys know about economics you can put into a byte. Get real or read some econ. MacN
Re: keyboard loggers.
If you have to worry about people installing keyboard logging programs on your machine without your permission, either - you're using a public shared machine at a coffeeshop or school or Kinko's to do things you think need security, or - you're using your employer's machine, and shouldn't do things that are inappropriate to do at work, - you're using your employer's machine, and need a new employer who trusts his employees instead of feeling compelled to spy on them, - you're using your employer's machine, and your employer has a serious security problem with people trying to crack in at night, - you're sharing your home machine with a teenager who runs all sorts of game programs downloaded off the net or borrowed from friends, viruses and all, - you've got serious security problems of your own - if they can sneak in and install programs like that, they can install anything else they want, copy your hard disk, probably even steal your hard disk, or - the paranoids really are out to get you. For the shared-machine problem, don't use insecure machines to do secure stuff. Use disposable email accounts, American Express one-shot credit card numbers, and if you must log in to something, use one-time passwords (either S/Key or SecureID tokens or some similar mechanism.) There's been some work done on encryption programs that run in hand-held computers, whether Palm Pilot things with displays or JavaRings or smartcards without them. Matt Blaze, Ian Goldberg, and Martin Minow have done presentations on those topics. I'll leave you to figure out employer problems, and there are professionals who can help with paranoia, as long as you get to them before the Feds get to you. One approach for the teenager problem (or the related problem of machines for lab use, especially firewall research) is removable disk drives. You can get disk drive drawers for IDE/Ultra/DMA/etc for about $20, and spare disks are only $100 or so. Keep a clean copy for installing software you trust, password-protected-screensavered to reduce accidents, and give the kid his own disk to play with, plus teach him how to reinstall software from CD-ROM when it gets trashed. It's the computer equivalent of buying a full-sized beater car for your kid to learn to drive in - extra weight, airbags, and an exterior you don't care about dents in. If the kid has his own machine, and you're sharing a network, that's more trouble. You'll have to firewall your machine off from the kid's, or at least mainly run the clean copy disconnected from the net, and make sure the kid keeps current virus protection installed and running. At 12:05 PM 12/18/00 -0900, PFSanta Claus wrote: Hi, I came across your addies in a search off ask Jeeves and thought perhaps due to the way your interests run you might be up on this topic. I'm a Sr. Support Analyst for a large vendor and recently was asked by one of my casual internet contacts if there was a way to prevent a "keyboard logging" surveillance program from prevailing on their system and reporting the goings on from their keyboard. In an effort to be helpful, I set about my normal pattern of research and found that there seems to be a ton of info promoting various products, yet there is virtually nothing I could find which offers any realistic or reliable countermeasures that can be taken to prevent someone from logging the output from your keyboard. Even the hackers seem to think it isn't a threat to anyone's privacy. Weird... Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: The Cost of Natural Gas [was Re: The Cost of California Liberalism]
[EMAIL PROTECTED] wrote Huh? Let's make this simple. How is California's lack of power plants causing natural gas prices to rise? Plants that don't exist don't use gas and don't contribute to shortages. California's importing power from elsewhere, so why didn't these other generators commit to natural gas suppliers? In the energy business it is commonly assumed there is lots of natural gas in Alberta and BC. So much that most exploration companies do not bother looking for it until they has a market. In the business it is often jokingly stated that natural gas will be obsolete before we release it all from the reservoirs. If you decide to build a natural gas powered electrical generation facility to provide full-time capacity you are looking at a lead-time of at least a couple of years. With a lead time of two years the supply would be available. The delivery system may be a problem as in this day and age it can take more than two years to get approval to build pipelines in populated areas. Put your power plant in the boonies and you solve part of the problem. Basically there are two natural gas delivery systems coming out of Canada. The main system starts in northeast British Columbia on the east side of the continental divide, runs through Alberta collecting more capacity and then heads east. There is a branch going to Toronto and Montreal, the main population centres in Canada. There is another branch which heads to the Chicago area. If you check your commodity prices you will note buyers attached to this system pay much lower prices than those offered to California buyers. There is no shortage of supply in this system, you can tell by the prices. California is not directly connected to this supply system and can not benefit from this abundant supply. On this side of the continental divide there is no longer an abundant supply. One of the local gas transmission companies wanted Canadian consumers to pay CAN$500 million to increase supply through increased residential and industrial rates. We the consumers refused as we didn't need the capacity for our own use. The transmission company wanted the consumers to assume their risk with our dollars. The transmission company invested some of their own capital to do part of the connection. If you want to give them CAN$325 million they will finish finish the link between the two systems and there will be a glut of natural gas on this side of the continental divide. They know if they invest the money themselves they will loose their current price premium so they ain't doin it with their money. Commit to some long-term supply contracts at today's prices and it would completed within a year. I live out in the burbs in what was once a rural area. No one ever thought the city would grow this big. Many years ago they built a coal fired power plant less than a couple of miles away. It was down wind from the city and no one cared about the pollution back then... Around about 10 years ago they changed from coal to natural gas fired boilers. This power plant sits there mainly unused. The local tree hugger types whine too much about the pollution. The facility is not small, probably enough capacity for a city of 250K. It is used only at peak times and in emergency situations. When there are low reservior levels (which is part of your problem) it is used more often. In a properly planned electrical system this type of extra capacity is considered essential. These plants were never intended to be used fulltime so they tend to have low natural gas storage capacity and smaller inbound pipelines. In your system you are using facilities such as these for full-time power generation. In your state these plants has a quota of pollution they are allowed to produce on an annual basis. A number of these facilities had reached their annual quota of emissions so they shut down for maintenance. Since they were never intended to be used full-time they require some down time. Within the last two weeks your state government lifted the pollution quotas and pressured the operators to bring these plants back on stream. Hint: transmission losses aren't a recent discovery. You caught me by surprise on this one. I assume you are talking about electricity as if a gas delivery system has losses you tend to very quickly become aware of it. Either you're confused or you're trying to use the cold winter as an excuse to create a strawman for your anti-Californian views. I don't believe my view is anything other than an accurate description of what is plainly stated between the lines. In this part of the world there are very detailed analysis printed in the local media describing the mechanics of what is happening in the energy market. Just from your reaction you can see why this view would not be popular in your neighbourhood. Energy production is big business
Re: CDR: Re: This is why a free society is evil.
On Fri, 15 Dec 2000, Tim May wrote: -- If an employee doesn't like the calendar that another employee has on his desk, she can talk to others in the company. Maybe they'll have it removed. But she CANNOT use the courts to intervene in a matter of how the company's owners deal with their property. Her civil liberties aren't the employers property. Further, the PRIVILIGE of running a business does not have greater importance than freedom of speech and such. "Privilige (sic) of running a business"? Huh? Do you have the "Privilege" of being allowed to work? To say running a business is a "privilege" is to say that every action, everything that a person does besides breathing is a privilege. Who can bestow that privilege? Asinine. Simply having a desire to run a company does not justify using other people as property nor dictating behaviours that don't DIRECTLY effect the Unless you are chaining people to their desks, posting armed guards to prevent them from leaving, or using the law to prevent them from quiting and finding another job, you aren't treating them as property. You are treating them as adults, as independent people who can make up their own minds as to where and under what conditions they are willing to work. process of making profit. Democratic theory demands that unless the calendar can be demonstrably infringing a civil liberty it shouldn't be an issue. Freedom until you infringe anothers. The fundamental flaw with Libertarianism is it's myopic focus on economic efficiency. It's just another form of oppression via another face of socialism. Utter nonsense. But then the further the subject strays from programming and computers, the more that is common from you. As to money being the primary goal of society and it having some ability to guarantee anything approaching 'justice', "Money and not morality is the principle of commerce and commercial nations." Money, or rather the trade of goods and services *is* the morality of a society. Or to put it a little better, Money is the INDICATOR of the morality of a culture. It tells you what they value, what they want and what they think important. -- A quote from Petro's Archives: ** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
Re: The Cost of California Liberalism
In recent years California citizens have decided against new electric power generation projects within their jurisdiction and to enforce strict air pollution standards on any existing facilities. This is great as long as the people making this decision pay the cost. Unfortunately the cost of these decisions are not being borne only be the citizens of California. The bad decisions of the citizens of California have produced an energy crisis in what is called the Northwest for which all citizens in what is called the Northwest must pay the price. Here I sit in Vancouver BC Canada paying outrageous prices for natural gas because of the demand in California for natural gas for heating and electrical generation purposes. I feel California should pay for their previous decisions themselves, if you don't want power plants don't use power or pay the complete premium for your decision. Of course the system can never be made to work in this way so here I sit in Canada paying for bad decisions in California. I live in California, and I agree 100% with your statements. The reason we aren't "paying our fair share" has to do not with greedy corporations, but with the ignorant peasants whinging to the government. -- A quote from Petro's Archives: ** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
The Cost of Natural Gas [was Re: The Cost of California Liberalism]
"Raymond D. Mereniuk" wrote: Here I sit in Vancouver BC Canada paying outrageous prices for natural gas because of the demand in California for natural gas for heating and electrical generation purposes. I feel California should pay for their previous decisions themselves, if you don't want power plants don't use power or pay the complete premium for your decision. Sorry, such is the nature of free (and shared) markets. If anything you should thank California; if they had been building more power plants, they'd be buying more natural gas and driving up your prices even more. Besides, have your prices gone up beyond your acceptable level because of California, because of cold weather, because your neighbor replaced his oil burner with a gas furnace, or because Williams Company has been spending its money laying fiber optics instead of more gas pipelines? Natural gas is a great fuel source. You, lots of Californians, and I made a good choice in deciding to use it. Perhaps we need to reevaluate our decisions given the current situation, but blaming others for making the same decision we did doesn't make much sense. Of course the system can never be made to work in this way so here I sit in Canada paying for bad decisions in California. Sure it can, you can just take yourself out of California's market. Buy yourself a wood stove and petition your government to build/encourage more nuclear power plants. (Hey, the bottom's fallen out of the nuclear fuel rod market and I doubt California's going to be responsible for price increases in that market any time soon.)
Re: CDR: Re: This is why a free society is evil. (fwd)
Tim May writes: Folks, this increase in MIME attachments is getting out of hand. People are reading this list on a variety of machines, from PDAs to Amigas to VT100s to Unix boxes to Windows. I have a solution. I keep MIME turned off, and if the 7-bit representation of the message is not instantly recognizable as substantially English, I hit delete. Sometimes, if I am in a bad mood, I hit delete upon seeing the large "M" next to the message on the index, and don't even bother reading it. If the MIME infestation proliferates, this process can be automated. -- Eric Michael Cordian 0+ O:.T:.O:. Mathematical Munitions Division "Do What Thou Wilt Shall Be The Whole Of The Law"
Re: CDR: Re: This is why a free society is evil.
-- At 02:15 AM 12/17/2000 -0800, petro wrote: Her civil liberties aren't the employers property. Further, the PRIVILIGE of running a business does not have greater importance than freedom of speech and such. If running a business is a privilege, then of course it will be restricted to the privileged, which is exactly what we see in the more extreme social democracies, where the people running the show are usually the lineal descendents of those who got their start at the time of Napoleon. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG v3qxyKbLMz4jMhEuuO+gleBfPXjm9aH4lPJElTCM 4a7b9+GMOQHNYIGTf4tq026J5OgmLPmAFeJcHNyD/
Re: throw-away acct test
On Sun, Dec 17, 2000 at 01:18:11PM -0800, montag montag wrote: testing ... testing CHECK ! It works. Not too useful when Yahoo records your IP address. Received: from [64.164.25.91] by web11403.mail.yahoo.com; Sun, 17 Dec 2000 +13:18:11 PST Date: Sun, 17 Dec 2000 13:18:11 -0800 (PST) From: montag montag [EMAIL PROTECTED] Subject: throw-away acct test And when there are only a couple of regular posters using similar connections to adsl-64-164-25-91.dsl.snfc21.pacbell.net I'd guess that there is a moderate probability of you being "Jonathan Wienke" [EMAIL PROTECTED] - JonathanW (adsl-64-164-156-82.dsl.snfc21.pacbell.net [64.164.156.82]) from a couple of recent postings. Of course this is all rampant speculation on my part. Brian -- Brian C. Lane - Linux Programmer/Consultant/Writer www.brianlane.com Virtual Web Hosting www.nexuscomputing.com NRA Life Member www.libertynews.org 911 -- government sponsored Dial-a-Prayer. PGP signature
Re: The Cost of California Liberalism
At 08:35 AM 12/17/00 -0600, Jim Choate wrote: The reality is the NW people got what they deserved. They voted to use the Cali. power grid instead of their own. No injustice or wrong has occured here because everyone got a say. You reap what you sow. It's a market thing, or as liberals would say, it's about sharing. Power generation capacity on the West Coast normally balances between California air conditioning in the summer and Northwest heating in the winter, and if each area had enough capacity for all its needs, the system would be way overbuilt. I don't know if Northwesters are as aggressive Not In My Back Yarders as Californians about building power plants, but it's much more efficient to use a power grid. Except, of course, when you overload it and stress the capacity limits and have stuff catch fire in the summer... Besides, Jim, as a Texan your tradition role in discussions of natural gas policies is supposed to be to say "let the bastards freeze in the dark" :-) Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: CDR: Re: This is why a free society is evil.
At 06:13 PM 12/15/00 -0600, Jim Choate wrote: On Fri, 15 Dec 2000, Tim May wrote: -- If an employee doesn't like the calendar that another employee has on his desk, she can talk to others in the company. Maybe they'll have it removed. But she CANNOT use the courts to intervene in a matter of how the company's owners deal with their property. Her civil liberties aren't the employers property. Further, the PRIVILIGE of running a business does not have greater importance than freedom of speech and such. Simply having a desire to run a company does not justify using other people as property nor dictating behaviours that don't DIRECTLY effect the process of making profit. Democratic theory demands that unless the calendar can be demonstrably infringing a civil liberty it shouldn't be an issue. Freedom until you infringe anothers. Tim said that in a free society she wouldn't be able to sue. Jim said that Tim is entirely wrong, that in a free society she wouldn't be able to sue. It's true that they give different reasons, but I can't see that there's a fundamental conflict here. Also, Jim says that "Democratic theory demands that..." Theories don't demand things, people do, but most people who like democracy demand that whatever the majority wants, it gets. (And some say, it ought to get it good and hard.) Some theories about democracy say that this will always be good, because most people are mostly good; some say that this will be inherently right because it's what Da People want; some say that it may not be all that good but you can do a lot worse with most of the available alternatives, and that if you don't settle for that the worse alternatives will take over. Tim, on the other hand, believes that in a free society that if you want to run a business you can (or at least you can try). Jim repeatedly asserts that running a business is a privilege that somebody, I guess Da Majority, graciously grants you, and can take away if they want, and that it's somehow not part of freedom. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: This is why a free society is evil.
- Original Message - From: "Jim Choate" [EMAIL PROTECTED] Crypto-anarchy and libertarianism are just another form of fascism at best and socialism at worst. It's a means for one group of people to oppress and control another. If Choatean programming follows Choatean physics and political philosophy, a lot of IBM's design choices suddenly make sense.
Inquiry RE: audiobook reviewers
Found your request on Editor's Choice. I'm a professional writer, avid reader and believe in audiobooks. Spend a lot of time driving across rural Montana. What's your terms? Can you be more specific if your need still exists. I'm capable and interested and have done numerous book reviews from print. Dwayne Parsons [EMAIL PROTECTED]
Re: Final Carnivore Report Offers No New Answers
It's all well and good to hear this coming from a Congressman but this is a Republican Congressman who is using it as a opportunity to attack a Democratic Administration : should we read anything into this statement regarding some significant difference between the two parties in regards privacy and 4th Ammendment issues? Hardly. Mike This just in from US House Majority Leader Dick Armey: - Final Carnivore Report Offers No New Answers A newly released, final version of the report on the Carnivore cybersnooping system offers no assurance that online transactions will be kept confidential. http://freedom.gov/library/technology/carn-review3.asp US House Majority Leader Dick Armey made the following comments about the newly released, final report on the Carnivore cybersnooping system: This superficial review doesn't get to the heart of the matter. It does nothing to restore the confidence that Americans should have in the confidentiality of their online transactions. Why should average Internet users have to wonder whether a rogue agent could snoop through their emails and other online transactions? If this Administration were actually interested in an honest evaluation of Carnivore, it would have shut the system down until the serious privacy concerns had been adequately addressed. Instead, this review by a team with clear ties to this Administration raises more concerns than it answers. Regards, Matt-
Re: ATT signs bulk hosting contract with spammers
On Fri, 15 Dec 2000, Declan McCullagh wrote: BTW the first things the Feds are now saying when they speak in public (http://www.mccullagh.org/image/950-17/aba-netspionage-broadcast.html) is that they do not come in and cart off everything you own. At least that's the latest spin. :) Of course they don't. Carting stuff is a job for union workers, so that's done by the General Services Administration, unless there's some other local union contract that requires your city's workers to do it. And deciding whether you own things or not is a long legal process, as is identifying what things you might own that are somewhere else. So instead they just have the aforementioned union or city workers cart away everything you _have_, and cart back anything later determined to belong to someone else, unless it looks suspictious, of course. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: CDR: This is why a free society is evil. [Re: This is why HTML email is evil.]
Tim May wrote: In a free society, free economy, then employers and employees are much more flexible. A solid contributor would not be fired for something so trivial as having a porn picture embedded in some minor way. Hell, a solid contributor probably wouldn't be fired even for sending MPEG porn movies to his buddies! ... and Tim goes on to attribute this to lawsuits of types that he asserts wouldn't happen in a free society. It's not that cut and dried - in a free society, solid contributors are often fired for non-economic reasons, and one reason such people are _not_ fired is also fear of lawsuits. Stupidity may be stupid, but it's not rare, and there are lots more opportunities for random decisions to get made. One friend of mine was having lunch with her boss and a male coworker that she got along well with, (back in the 70s) and the boss asked if they were going out. "No, Bob, Charlie and I are both gay"; she and her coworker were both fired that week. It wouldn't happen today, at least here in San Francisco, partly because of changing attitudes in society (or at least because people got used to it), and partly because the boss would worry about losing other productive workers or customers, but also because the boss would get sued or harassed by _some_ city or state agency whose job is harassing businesses. But there's much of the country where it could happen. An employer might also be concerned about the effects of a hostile atmosphere on the productivity of other employees, not just the lawsuitishness of those employees - in a free society you have more flexibility to make decisions about how to handle situations. Sometimes companies don't deal with personnel-relationships problems until hit on the head with a two-by-four made of compressed lawyers. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: All these different addresses.
Gary, take a look at http://einstein.ssz.com/cdr/index.html The short answer is that the list is intentionally distributed, so that there is no single point of failure, censure or seizure. They're all real addresses, though @toad.com is deprecated. The software details for each address may be different, but essentially each list will distribute, to its subscribers, the traffic from all the other addresses. -- Greg PS: Yes, this makes setting up anti-spam filters more difficult for subscribers. PPS: No, ideas about having subscriber-only posting are not likely to be favorably entertained -- check out the list archives for loads of discussion on the topic, as recently as last month. On Thu, Dec 14, 2000 at 06:45:13PM +, Gary Benson wrote: How come this list has so many addresses: [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED] Is any of these the *real* address, or it is a personal choice? -- My real email address is embedded in my public key: 85A8F78B 6646 CF68 DEA8 07CA CA64 C18C A150 FC2D 85A8 F78B
Re: nambla
Only four lines of curses? Sheesh. Thought we'd rate at least five. -Declan On Thu, Dec 14, 2000 at 12:03:09PM -0800, gary seven wrote: You are under the Judgement of the LORD GOD OF HOST for the sin of the sea of babies, abortion and infant sacrifice to the devil. You will burn in the presence of the HOLY Angels. The seals are opened. PREPARE FOR YOUR DESTRUCTION CAMAEL ARCHANGEL OF DESTRUCTION THE PLAGUES OF THE LORD FOR THE SIN OF THE SEA OF BABIES UPON ALL NATIONS OF THE EARTH IAIAIAIAIOIOIOIOIO I AM BEFORE ALL BUT THE FATHER; MELOCH HEL ALOKIM TPHARET HOD JESAITH; BAHANDO HELESLOIR DEALZAT Cursed shall you be in the city, and cursed shall you be in the field. Cursed shall be your basket and your kneading-trough. Cursed shall be the fruit of your body, and the fruit of your ground, the increase of your cattle, and the young of your flock. Cursed shall you be when you come in, and cursed shall you be when you go out. "The LORD will send upon you curses, confusion, and frustration, in all that you undertake to do, until you are destroyed and perish quickly, on account of the evil of your doings, because you have forsaken me. The LORD will make the pestilence cleave to you until he has consumed you off the land which you are entering to take possession of it. The LORD will smite you with consumption, and with fever, inflammation, and fiery heat, and with drought, and with blasting, and with mildew; they shall pursue you until you perish. And the heavens over your head shall be brass, and the earth under you shall be iron. The LORD will make the rain of your land powder and dust; from heaven it shall come down upon you until you are destroyed. "The LORD will cause you to be defeated before your enemies; you shall go out one way against them, and flee seven ways before them; and you shall be a horror to all the kingdoms of the earth. And your dead body shall be food for all birds of the air, and for the beasts of the earth; and there shall be no one to frighten them away. The LORD will smite you with the boils of Egypt, and with the ulcers and the scurvy and the itch, of which you cannot be healed. The LORD will smite you with madness and blindness and confusion of mind; and you shall grope at noonday, as the blind grope in darkness, and you shall not prosper in your ways; and you shall be only oppressed and robbed continually, and there shall be no one to help you. You shall betroth a wife, and another man shall lie with her; you shall build a house, and you shall not dwell in it; you shall plant a vineyard, and you shall not use the fruit of it. Your ox shall be slain before your eyes, and you shall not eat of it; your ass shall be violently taken away before your face, and shall not be restored to you; your sheep shall be given to your enemies, and there shall be no one to help you. Your sons and your daughters shall be given to another people, while your eyes look on and fail with longing for them all the day; and it shall not be in the power of your hand to prevent it. A nation which you have not known shall eat up the fruit of your ground and of all your labors; and you shall be only oppressed and crushed continually; so that you shall be driven mad by the sight which your eyes shall see. The LORD will smite you on the knees and on the legs with grievous boils of which you cannot be healed, from the sole of your foot to the crown of your head. "The LORD will bring you, and your king whom you set over you, to a nation that neither you nor your fathers have known; and there you shall serve other gods, of wood and stone. And you shall become a horror, a proverb, and a byword, among all the peoples where the LORD will lead you away. You shall carry much seed into the field, and shall gather little in; for the locust shall consume it. You shall plant vineyards and dress them, but you shall neither drink of the wine nor gather the grapes; for the worm shall eat them. You shall have olive trees throughout all your territory, but you shall not anoint yourself with the oil; for your olives shall drop off. You shall beget sons and daughters, but they shall not be yours; for they shall go into captivity. All your trees and the fruit of your ground the locust shall possess. The sojourner who is among you shall mount above you higher and higher; and you shall come down lower and lower. He shall lend to you, and you shall not lend to him; he shall be the head, and you shall be the tail. All these curses shall come upon you and pursue you and overtake you, till you are destroyed, because you did not obey the voice of the LORD your God, to keep his commandments and his statutes which he commanded you. They shall be upon you as a sign and a wonder, and upon your descendants for ever. "Because you did not serve the LORD your God with joyfulness and gladness of heart, by reason of the abundance of all things, therefore you shall
Re: All these different addresses.
On Thu, 14 Dec 2000, Gary Benson wrote: How come this list has so many addresses: snip Is any of these the *real* address, or it is a personal choice? Yes. Bear
Re: nambla
Our father, who's art is in porn ; Halloween by Thy name; Thy kingdom Cum; Thy wife will be done, on earth as she were in a whore house. Give us this day our daily blow job; and forgive us our sales taxes, as we forgive those who tax against us, and lead us not into D.C. ; but deliver us from Church. Amen. author unknown Regards, Matt- ** Subscribe to Freematt's Alerts: Pro-Individual Rights Issues Send a blank message to: [EMAIL PROTECTED] with the words subscribe FA on the subject line. List is private and moderated (7-30 messages per month) Matthew Gaylor, 1933 E. Dublin-Granville Rd., PMB 176, Columbus, OH 43229 (614) 313-5722 Archived at http://www.egroups.com/list/fa/ **
Re: nambla
Matt, I didn't know you were the religious type! -Declan At 21:07 12/14/2000 -0500, Matthew Gaylor wrote: Our father, who's art is in porn ; Halloween by Thy name; Thy kingdom Cum; Thy wife will be done, on earth as she were in a whore house. Give us this day our daily blow job; and forgive us our sales taxes, as we forgive those who tax against us, and lead us not into D.C. ; but deliver us from Church. Amen. author unknown Regards, Matt-
Re: Ranks Of Privacy 'Pragmatists' Are Growing
Bill, this is splendid! Can I talk you into writing a similar screed about privacy leftists? I'll cite you in my weekly column. --Declan At 21:28 12/13/2000 -0800, Bill Stewart wrote: At 04:46 PM 12/13/00 -0800, R. A. Hettinga wrote: At 11:35 AM -0500 on 12/9/00, Declan McCullagh wrote: Privacy leftists We have a winner. Time to patch the old buzzword engine with something *truly* inflammatory... Of course, "Privacy Rightwingers" don't believe in real privacy either. (You can't use the term "privacy rightists" to parallel "privacy leftists" because it will be interpreted wrong, but "Privacy Rightwingers" is close.) After all, the government ought to be able to poke into your business, and tap your phone calls in traditional fashion, and keep track of your race, and keep track of your nationality in case you might be a furriner, and keep track of who lives where because there might be (gasp!) unmarried persons of opposite sex sharing living quarters, or otherwise shacking up. Motels, too. And anywhere Commies do anything. They probably don't insist on violating your privacy in everything - for instance there's no need to search people getting on airplanes, because if everybody took handguns on planes they could shoot any Commie hijackers trying to go to Cuba Then there's Barlow's definition of privacy in a small town "where you don't need to use your turn signal because everybody knows where you're going anyway." Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: My short writeup of the NymIP effort
Now Im confused REALLY confused. For a second there, I thought ZKS was actually executing a turnaround to become a real privacy company, what with their recent repositioning towards managed privacy services and all. Companies out there need privacy solutions, and the field is wide open for the taking right now.. There arent many other companies out there with shipping products for the enterprise space yet .. in addition to ZKS (which Im not sure if they REALLY have a product for the enterprise space? although they seem to like to talk about it??) theres PrivacyRight and Privada out in California, and then thats about it.. and from what I can tell, the enterprise market is more than large enough for 3 companies right now.. I mean, if ZKS ever got their head screwed on right (read: fired Austin Hill??), they MIGHT stand a sliver of a chance of actually making some money -- But NOW, ZKS turns around and pulls a NymIP project for the IETF? What does this have to do w/ anything? (or at least, what does it have to do w/ the ZKS repositioning to become a genuine privacy company?) It seems this has more in line w/ what Ive been saying all along: the ZKS is really a free speech company, not a privacy company. Ive perused the (so far short) NymIP mailing lists and even the members agree that the NymIP project shares more in common w/ Fling (http://fling.sourceforge.net/), a free-speech system for the Internet, than it does w/ anything privacy related.. First, Ill go over all the obvious technical flaws w/ NymIP. For this protocol to have any practical applicability, we have to believe the ZKS mantra that IP addresses somehow represents personally identifiable information (PII) that is highly sensitive, and therefore must be encrypted We are asked to believe, in other words, that 1 IP address == 1 person.. Notwithstanding the obvious fact that today 60% of the Internet population logs on through AOL where 10,000 users share one IP address at the same time, Id like to ask the NymIP team what they plan to do once IPv6 is rolled out?? The 1 IP address == 1 person concept is highly tenuous under IPv4, and altogether laughable under IPv6.. Reading of the Goals of NymIP draft, the project lacks clear definition apparently they want to throw a bunch of academics in a room and see if they can come up w/ some vacuous concept called controlled nymity ( - - what the hell does that mean??) all w/o attempting to set any concrete benchmarks or milestones? The draft also stresses PKI.. Im wondering how much trust ZKS in general places in PKI? Have they read Schneiers 10 risks of PKI?: http://www.counterpane.com/pki-risks-ft.txt You have to wonder about IETF adoption too .. I checked out the agenda for the San Diego meeting and there is no mention of NymIP: http://www.ietf.org/meetings/IETF-49.html Also, just run through the standards that the IETF really does back: LDAP, Kerberos, IP telephony, VoIP, IPSec, and on and on.. these are real applications for have real business uses for enterprises and individuals. Thats why they have the support of the IEFT.. Wheres the real use for nyms? How many people have downloaded Freedom and are using? (I never see anyone I know on the Internet using @freedom.net addresses..) How many businesses are using ZKS? (if in fact they even have a product for businesses?) If nyms were a real thing, technologically + economically, they would have happened by now, but they havent.. (YES Im using a nym to write this email, but I dont use one nym to purchase computer books on Amazon, use a different nym to buy porno books on Amazon, etc.. and THAT is the economic reality that would have to be occurring for ZKS-style nyms to have any real traction yet it does NOT occur..) What irritates me more than anything about ZKS is their belief that cryptography can solve all the worlds privacy problems.. any sophisticated security professional will tell you that cryptography barely solves any security problems, and although good privacy starts w/ good security (since w/o security, information will tend to leak around where you dont want it to), privacy is vastly more complex than security.. 10 years ago you had people like Schneier talking about the role of cryptography in security. Since then, these people have moved beyond the algorithms and protocols, into the products, then into the policies and procedures, and today you have people like Schneier basically advising companies to just buy insurance to cover computer security risks after all, the whole security game is just a risk management game, and what better way to manage risk than via insurance? But at ZKS, theyre still living in a world where cryptography solves everything, completely ignoring the human element.. (which is really the most important) (and while we're on the subject on cryptography, what exactly is wrong w/ SSL? And don't tell me
Re: Geodesic Fractal Whatitz
"Carskadden, Rush" wrote: Well, hell, that's what I said. Well I'll be! I guess you did! But you make it sound so much more _clear_. I don't remember who was saying that geodesic definition is based solely on local information, but that appears to be the major roadblock for our logic. Mathematically I think that's correct. Isn't the blockage the idea that a structure ( the economic network ) must necessarily reflect 1:1 the underlying structures ( transport, communication ) on which it depends? If I could find out where this stipulation is coming from the idea that network == internet ? and figure out the necessary logical proofs, you could possibly have a water-tight buzzword. Just the thing to keep the softening economy afloat. Pass it on to the new prez, he'll like it and it will the communication of his ideas to the citizens more effective. I don't believe I have ever heard one of those (the marketing favorite, "paradigm shift" is an excellent example of why buzzwords don't have to be logical anyway). Paradigm shifts are very real. Every time I spend 20 cents. Isn't the "synergy" on this list encouraging? To: [EMAIL PROTECTED] Subject: Geodesic Fractal Whatitz Bob, We *do* all trade with our neighbors so your term is only trouble when looking at the wrong part of the geometry. With trade the measure should not be based on physical space or network geometry, those are transient and permutable, rather the measure should be based on the proximity of the parties in terms of goods consumed, goods produced and pricing. The networks are not electrical or geographical they're economic. So while it does affect cost all this communication and transportation technology is only the physical layer. Mike
RE: Geodesic Fractal Whatitz
Title: RE: Geodesic Fractal Whatitz Well, hell, that's what I said. But you make it sound so much more _clear_. I don't remember who was saying that geodesic definition is based solely on local information, but that appears to be the major roadblock for our logic. If I could find out where this stipulation is coming from and figure out the necessary logical proofs, you could possibly have a water-tight buzzword. I don't believe I have ever heard one of those (the marketing favorite, paradigm shift is an excellent example of why buzzwords don't have to be logical anyway). -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 12, 2000 11:19 AM To: [EMAIL PROTECTED] Subject: Geodesic Fractal Whatitz Bob, We *do* all trade with our neighbors so your term is only trouble when looking at the wrong part of the geometry. With trade the measure should not be based on physical space or network geometry, those are transient and permutable, rather the measure should be based on the proximity of the parties in terms of goods consumed, goods produced and pricing. The networks are not electrical or geographical they're economic. So while it does affect cost all this communication and transportation technology is only the physical layer. Mike
Re: Ranks Of Privacy 'Pragmatists' Are Growing
At 11:35 AM -0500 on 12/9/00, Declan McCullagh wrote: Privacy leftists We have a winner. Time to patch the old buzzword engine with something *truly* inflammatory... :-). Cheers, RAH -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Re: Geodesic Fractal Whatzit
I think this article from satirewire sums it all up: http://satirewire.com/briefs/lobster.shtml Neil M. Johnson [EMAIL PROTECTED] http://www.interl.net/~njohnson PGP Key Finger Print: 93C0 793F B66E A0C7 CEEA 3E92 6B99 2DCC
Re: CDR: RE: Re: About 5yr. log retention
Tim May wrote: Lighten up. It was a joke. (I even provided a hint, in the "honored in some cultures.") sorry, I've been working overtime on some stuff here lately, and I was too tired to get it. also, I'm tired of the nitpicking some people here exhibit as if there were nothing more important to do than ignore the main point of a posting and nibble on the minor errors.
Re: Questions of size...
"R. A. Hettinga" wrote: At 9:48 PM + on 12/11/00, Ben Laurie wrote: Chambers defines geodesic as "the shortest line on a surface between two points on it" Thank you. It works in all dimensions, and, thus it's topological, right? Indeed. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
Re: Questions of size...
On Mon, 11 Dec 2000, Ben Laurie wrote:
Chambers defines geodesic as "the shortest line on a surface between two
points on it" and that is precisely the meaning in general relativity.
No question about it. The term also doesn't mean a whole lot when applied
as-is in the many instances it is on this list. As Tim put it, it pretty
much equates to "cyberpunkish". What little I've grasped of RAH's usage
is that "geodesic" often translates as "distributed", one of the main
features of which is that it "operates based on locally available
information". Hence... Besides, if you know your Einstein (or Riemann, or
Minkowsky) even a little bit you will recognize that one of the prime
reasons for the development of a geometric interpretation of physics is the
need to have a solid theory not reliant on instantaneous transfer of
information ("local"). My interpretation is not unreasonable at all,
considering the alternatives. Wanna drop it?
Saying that it has anything to do with distributed systems is making it
up as you go along.
Ain't everybody?
And if RAH is now going to claim that's what he meant then he's making
it up as he goes along, too (well, we knew that anyway, but redefining
geodesic in this way is going too far).
It's good to know you're hip to this.
Sampo Syreeni [EMAIL PROTECTED], aka decoy, student/math/Helsinki university
Re: Questions of size...
On Mon, 11 Dec 2000, R. A. Hettinga wrote: Chambers defines geodesic as "the shortest line on a surface between two points on it" Thank you. It works in all dimensions, and, thus it's topological, right? Topology does not deal with dimension or distance. Pure geometry. Not even affine or anything. As I've seen them defined, geodesics do not necessarily mean the shortest path but rather the shortest path based on local knowledge. I.e. if you have a wormhole in general relativity, the possible shortcut does not affect the definition of geodesics in any way. You calculate the geodesic based on the local curvature measure of the space, that's it. Sampo Syreeni [EMAIL PROTECTED], aka decoy, student/math/Helsinki university
RE: Questions of size...
Title: RE: Questions of size... Comments below: -Original Message- From: Tim May [mailto:[EMAIL PROTECTED]] Sent: Monday, December 11, 2000 5:51 PM To: [EMAIL PROTECTED] Subject: Re: Questions of size... snip By the way, one topological aspect of a geodesic dome, to go back to that, is that each node is surrounded by some number of neighbors. Applied to a geodesic economy, this image/metaphor would strongly suggest that economic agents are trading with their neighbors, who then trade with other neighbors, and so on. Tribes deep in the Amazon, who deal only with their neighbors, are then the canonical geodesic economy. I would disagree with the supporting logic here. You could theoretically conclude that such systems were geodesic in nature if you really wanted to, but it would be due to the fact that there is a minimum economic distance (cost, perhaps) in dealings between participants. I don't think it is safe to say that these transactions are canonically geodesic, unless you are also willing to propose that the surface of the economic structure is bound inseperably to the geography of the planet. I believe that when we are talking about a distance metric associated with the structure of economic transactions (we are talking about transactions, right?), the most natural metric to be used in geodesic economics would be cost. That's not to say that I have, at this point, read any material that makes a great logical case for the geodesic nature of the economic transactions that Mr. Hettinga describes. I am currently operating on a little blind faith and a big hunch when assuming for the sake of conversation that Mr. Hettinga's proposed transactions would be reduced-cost. It just seems to make sense. I agree with you, Mr. May, that a seemingly geodesic economomic system can be achieved through localization of the market and direct trade. I do not believe that localization is a defining element of a geodesic economy. It seems that a broad move toward localization being in-efficient in our own economy (one would have to prove this, and why), the concepts that Mr. Hettinga proposes may provide a working substitute for localization, by proposing a means of direct interaction between parties that breaks geographical limitations, and thereby reducing E.D. (economic distance). Again, one would have to prove that cost is a good metric for E.D., and then one would have to prove that Mr. Hettinga's proposals result in reduced cost in transactions. It's a tough case, but my hunch sides with Mr. Hettinga. This is precisely the _opposite_ of the mulitiply-connected trading situation which modern systems make possible. So, aside from the cuteness of suggesting a connection with geodesic domes, with buckybits as the currency perhaps?, this all creates confusion rather than clarity. --Tim May -- (This .sig file has not been significantly changed since 1992. As the election debacle unfolds, it is time to prepare a new one. Stay tuned.)
Re: Questions of size...
Sampo A Syreeni wrote:
On Mon, 11 Dec 2000, Ben Laurie wrote:
Chambers defines geodesic as "the shortest line on a surface between two
points on it" and that is precisely the meaning in general relativity.
No question about it. The term also doesn't mean a whole lot when applied
as-is in the many instances it is on this list. As Tim put it, it pretty
much equates to "cyberpunkish".
Not being subscribed to cypherpunks (has S/R improved?) I will have
missed that.
What little I've grasped of RAH's usage
is that "geodesic" often translates as "distributed", one of the main
features of which is that it "operates based on locally available
information". Hence... Besides, if you know your Einstein (or Riemann, or
Minkowsky) even a little bit you will recognize that one of the prime
reasons for the development of a geometric interpretation of physics is the
need to have a solid theory not reliant on instantaneous transfer of
information ("local"). My interpretation is not unreasonable at all,
considering the alternatives. Wanna drop it?
:-) Certainly not. AFAIK, RAH has always used "geodesic" in conjuction
with "settlement", which clearly says to me that he's talking about the
quickest/easiest way to do money transfer. You may, or may not, achieve
that with distributed systems, but so what?
And, to hit relativity, for completeness, geodesic in that sense is
about figuring out curvature. That is, knowing all geodesics tells you
the shape of space-time. And, natch, light follows geodesics, which is
the glue that holds it all together (and brings in your non-instaneous
transfer, too, but again, that is neither a consequence of, nor a
requirement for, geodesics).
Saying that it has anything to do with distributed systems is making it
up as you go along.
Ain't everybody?
I'm taking the fifth on that one.
And if RAH is now going to claim that's what he meant then he's making
it up as he goes along, too (well, we knew that anyway, but redefining
geodesic in this way is going too far).
It's good to know you're hip to this.
Like, yeah, daddy-o.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
Re: Questions of size...
At 7:42 PM + 12/12/00, Ben Laurie wrote: Sampo A Syreeni wrote: On Mon, 11 Dec 2000, Ben Laurie wrote: Chambers defines geodesic as "the shortest line on a surface between two points on it" and that is precisely the meaning in general relativity. No question about it. The term also doesn't mean a whole lot when applied as-is in the many instances it is on this list. As Tim put it, it pretty much equates to "cyberpunkish". Not being subscribed to cypherpunks (has S/R improved?) I will have missed that. Signal happens when good writers contribute good articles. Noise happens in the expected ways. Noise is what the delete key, and filters, were made for. As you are apparently reading this from the "DBS" list, you are not seeing any of my contributions. Regrettfully, DBS (and DCSB, or Bearebucks, or whatever Bob is calling his list(s)) is not an "open system." The Cypherpunks tried such a censored list a few years ago, and we rejected the approach. I wrote a large article debunking the "geodesics is about topology" point of view. Others have said similar things. Please don't contribute articles to the Cypherpunks list if you are, as you say, not subscribed. While we don't reject articles by nonsubscribers, as per the above, it is tacky and rude for nonsubscribers to address articles to lists they are not tracking. Thank you, --Tim May -- (This .sig file has not been significantly changed since 1992. As the election debacle unfolds, it is time to prepare a new one. Stay tuned.)
Re: Info..help
At 04:11 AM 12/12/00 MST, sunil pandith wrote: Dear Sir, I am an engineering student. I am interested in real time encryption of = voice using a DSP kit and a stream cipher., Kindly send me the link = where the algorithm is available... I am in need of the white paper or similar thing, which is going to = explain me the algoritm clearly, You're an engineering student, and since you're on USA.NET, I'd assume you're in the US. So go to your school's library, and get a copy of books on cryptography - I'd recommend Bruce Schneier's "Applied Cryptography". It's got a bibliography with over 1000 references, so you should be able to use your library to look up more detail about anything that Schneier talks about. You're talking about "The Algorithm" like there's only one. There are lots. Read Schneier, pick an algorithm, and explain your selection to your professor. Think about the security of the algorithm, things you need to be careful of for using it securely, the performance needs of the algorithm, the capabilities of your DSP and programming environment and the things you'll need to do to implement it. How do you plan to exchange keys? Are there algorithms that are designed for that? What weaknesses do they have? How do you plan to test your system, to be sure the data is really encrypted? Also think about how you'll handle the voice itself. What are your input formats? What's your networking environment? Do you need to do compression? How much bandwidth will your network have? How much computational ability does your DSP have? Are there standard algorithm libraries available for your DSP, or will you need to roll your own? What constraints on voice quality do you have? Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Re: Hettinga does *nothing* but hand-waving, folks...
--- begin forwarded text Date: Sun, 10 Dec 2000 14:49:44 -0800 To: "R. A. Hettinga" [EMAIL PROTECTED] From: Somebody Subject: Re: Hettinga does *nothing* but hand-waving, folks... Note: This is off-list. I don't care if you post it back there, but I don't see the need to take it there. You have said repeatedly: "...and, two, that our social structures map directly to our communication architectures..." I've been doing some thinking about this, and it seems to me that you are about 95% correct in this, you just don't take it far enough. It seems to me that what we think of as society is our communication. Social structures don't just map to the communication infrastructure (architecture, whatever), the communication infrastructure IS the social infrastructure. Society is Communication. Communication is Society. You can't have society without communication. As soon as you have any communication, you include (or are included) in the society of the person you are communicating with--and as soon as the communication is stopped for any length of time you are not apart of it any more. Somebody's .sig --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
RE: Re: About 5yr. log retention
At 12:45 PM +0100 12/11/00, Tom Vogt wrote: Tim May wrote: At 1:41 PM +0100 12/8/00, Tom Vogt wrote: Me wrote: In English it is preferable to write "I wrote," though "Me wrote" is honored in some subcultures. that part is put in automatically by netscape. I don't usually add obvious statements like "look, I can write" to my mails. :) anyways, my whole point was that for many people, religion is as or even more important than law. I'm sure you have a fair share of them as well. so things can get pretty interesting when 2 such high-level values collide. more interesting than a collision between, say, the law and a more-or-less important demand for privacy. that's the whole point. I know some people just can't help turning every spelling error into an attack on their fundamental values, but frankly, that's not my problem. Lighten up. It was a joke. (I even provided a hint, in the "honored in some cultures.") --Tim May -- (This .sig file has not been significantly changed since 1992. As the election debacle unfolds, it is time to prepare a new one. Stay tuned.)
Re: Questions of size...
What Chambers defines geodesic as "the shortest line on a surface between two points on it" and that is precisely the meaning in general relativity. Saying that it has anything to do with distributed systems is making it up as you go along. And if RAH is now going to claim that's what he meant then he's making it up as he goes along, too (well, we knew that anyway, but redefining geodesic in this way is going too far). Cheers, Ben. "R. A. Hettinga" wrote: --- begin forwarded text Date: Sun, 10 Dec 2000 19:04:12 +0200 (EET) From: Sampo A Syreeni [EMAIL PROTECTED] To: Ray Dillinger [EMAIL PROTECTED] cc: [EMAIL PROTECTED] Subject: Re: Questions of size... Sender: [EMAIL PROTECTED] Reply-To: Sampo A Syreeni [EMAIL PROTECTED] On Fri, 8 Dec 2000, Ray Dillinger wrote: (RAH might have called it a geodesic political culture if he hadn't got this strange Marxist idea that politics is just an emergent property of economics :-) Just by the way, how widespread is this use of the word 'geodesic'? Not very, I think. It seems it's RAH's specialty. It's quite poetic, actually. Offhand, I'd refer to many of the things I've seen it used for here as 'distributed' or 'fractal'. Is 'geodesic' an accepted term of art for a network or protocol in which all the parts work roughly the same way? Although 'geodesic' does have, through its use in general relativity, some faint echo of 'operates purely based on local information', I think it's a misnomer. People should rather use the term 'distributed' literally, as it's used in computer science. That's the meaning RAH is after, not true? Sampo Syreeni [EMAIL PROTECTED], aka decoy, student/math/Helsinki university --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
RE: Personal Firewalls Fail the Leak Test
Title: RE: Personal Firewalls Fail the Leak Test Whatever. Comments below. -Original Message- From: Nomen Nescio [mailto:[EMAIL PROTECTED]] Sent: Saturday, December 09, 2000 12:00 AM To: [EMAIL PROTECTED] Subject: Personal Firewalls Fail the Leak Test problem of hacker attacks. Most people don't have any vulnerabilities; there's nothing a hacker can do to you. So I argue against the necessity of any kind of inbound blocking tool, said Gibson. This man is clearly a security genius. They do a cryptographic signature of the programs you're allowing. That's not hard to do, but they're the only ones who do it, he said. Is it the responsibility of firewall software to do integrity checking? Isn't host-based intrusion detection a different thing altogether? I'm not defending software that is pretty obviously crap, but at least make an intelligent argument on it's weakness.
Re: The US mis-election - an oportunity for e-voting..
At 11:58 AM -0500 12/10/00, Robert Guerra wrote: Declan: I completely agree with you that internet voting isn't quite ready fom prime-time just yet. But given the current snafu I highly suspect that there will be a lot of interest in the field. Certainly, I hope one of the few things the new congress will be able to do is set-up a commission to propose new voting standards. Hopefully they will pick a standard that doesn't give rise to problems 30-40 years in the future... personally, if I had a say I'd say they should adopt the same system Canada uses. They use a 100 year old system, had few if any recounts, and managed to count all thier manual ballots in less than 72 hours. It wasn't a close election, was it? Didn't think so. In the U.S., when the election isn't close, the ballots are counted, and recounted, by midnight of the day of the election...maybe by mid-morning the next day. It's the _closeness_ that magnifies potential hinge points into court cases, redefinitions, and recriminations. As for "Hey, kids, let's all put on an electronic vote!," it's been discussed many times here. And elsewhere. RISKS had a major discussion of the...risks. As someone said in recentl weeks, if we really want to see elections stolen efficiently, make them electronic. No paper trail, no evidence, no chads, just pure gleaming bits. --Tim May -- (This .sig file has not been significantly changed since 1992. As the election debacle unfolds, it is time to prepare a new one. Stay tuned.)
Re: IBM Uses Keystroke-monitoring in NJ Mob Case (was Re:
RAH whinged: At 6:52 PM -0800 on 12/7/00, petro wrote: At 05:31 PM 12/5/00 -0500, R. A. Hettinga wrote: An instructive case. Apparently they used the keystroke monitoring to obtain the pgp passphrase, which was then used to decrypt the files. A PDA would have been harder to hack, one imagines. Are there padlockable metal cases for PDAs? As I've written, the FBI should run quality house cleaning services in large cities. How do you know they don't? Watch your attributions. I didn't say the above... Anyone who has spent *ANY* time on Usenet or mailing lists can easily read the 's . If you didn't write *ANY* of the above, then your gripe is with the person to whom I am replying. -- A quote from Petro's Archives: ** "Despite almost every experience I've ever had with federal authority, I keep imagining its competence." John Perry Barlow
