Cryptography-Digest Digest #820, Volume #10 Sun, 2 Jan 00 04:13:01 EST
Contents:
Re: cracking Triple DES (DJohn37050)
Re: stupid question ("Trevor Jackson, III")
Re: HD encryption passphrase cracked! (Guy Macon)
Re: Encryption: Do Not Be Complacent (Arturo)
Re: Cryptography in Tom Clancy (Arturo)
Re: cracking Triple DES (David Hopwood)
Re: PKZIP compression security (David Hopwood)
CS-3 was Re: File format for CipheSaber-2? ("Joseph Ashwood")
Re: vigenere decrypt routine - help needed (Sisson)
Re: letter-frequency software (johann)
Re: vigenere decrypt routine - help needed (JTong1995)
SIGABA/ECM Mark II (JTong1995)
FREE MONEY$$$$$ (Climbmtns1)
Re: Wagner et Al. ("Daniel Roethlisberger")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (DJohn37050)
Subject: Re: cracking Triple DES
Date: 02 Jan 2000 00:29:31 GMT
Attack in the middle. Attack one pair of keys with 2**112 and the other with
2**56 and look for matches.
Don Johnson
------------------------------
Date: Sat, 01 Jan 2000 19:38:23 -0500
From: "Trevor Jackson, III" <[EMAIL PROTECTED]>
Subject: Re: stupid question
No Spam wrote:
> Joseph Ashwood wrote:
> >
> > > I have a stupid question. But what is the difference between a key of a
> > > stream cipher and a key of an one-time-pad ???
> > The basic difference is where in the process they are used.
> > The basic algorithm is:
> >
> > data--|
> > |
> > RNG------Cipher-----output
> >
> > The difference is where the key is used. In the case of a one time pad the
> > key replaces the RNG (the RNG having been run prior, and being a true Random
> > Number Generator). In a stream cipher the key is used as a seed to a
> > _pseudo_ Random Number Generator (called a pseudo RNG because it does not
> > generate truly random numbers). That is the current typical usage, a while
> > back there was actually some discussion about what constitues a stream
> > cipher and what constitutes a block cipher, and I can extend it to include
> > OTP easily. My personal opinion is that a stream cipher function has as it's
> > inputs data, key, and the previous data (although the effect of the previous
> > data is often limited to the length), a block cipher inputs only data and
> > key, an OTP is simply a block cipher where the key is exactly as long as the
> > data (we have actually discussed some other issues here but that's the
> > basics).
> > Joseph
> Joseph,
>
> I too have a stupid question I hope you will answer for me.
>
> It seems that most of the postings in this news group view the use of
> PRNG in encryption as very poor.
>
> If create a key pass phrase: "ABCDEGGH" and use the first three, two
> byte pairs (AB, CD, and EF) as 16 bit seeds for a PRNG.
>
> Taking the ouput streams fron the PRNG for each of the three seeds, and
> XORing the output into a 10K buffer. So the PRNG's output was XORed
> into the 10k buffer three times.. each with a different seed (AB, CD,
> EF).
>
> Then I take the last key pair GH, seed the PRNG and use the PRNG to pick
> the bytes from the 10K buffer to use as a streaming encryption XOR .
>
> Is there any attack that can be used to break the code other than a
> brute force key phrase attack?
>
> If a large amount of the plain text was know.. say 100K of a 100,100
> byte message, is there an attack the will decrypt the last 100 bytes?
Yes. The mechanism will depende on the kind of PRNG you use, but in general
you've got a bigger weakness. You are reusing your 10Kb buffer. Ten times on
average. Given 100K plaintext & cipher text the entire 10Kb buffer could be
exposed, even it it were generated by a true RNG, (thus 80K bits of seed instead
of 42 bits).
If the whole 10K buffer is not exposed by simple comparison of the plain and
cipher texts the few missing bytes will be easily found by testing keys against
the vast quantity of buffer contents that are known.
If only the pass phrase is secret (the attacker knows how the PRNGs work), you
should be able to break the whole system with around 56 bits of plain/ciphertext.
It would not be simple, but it would work in time O(N log N) or perhaps O(N^2) on
the key length rather than O(2^N) on the key length (brute force).
The central concept of this kind of attack is that each bit of plain/cipher text
constrains the possible initial seeds. Given enough information the keys are
fully determined.
------------------------------
From: [EMAIL PROTECTED] (Guy Macon)
Crossposted-To: misc.misc
Subject: Re: HD encryption passphrase cracked!
Date: 01 Jan 2000 20:00:33 EST
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Matthew Montchalin) wrote:
>
>On Sat, 1 Jan 2000, Lincoln Yeoh wrote:
>|
>|What's the point? After opening up the drive you can't rely on the drive.
>
>Why not? You a smoker? Don't use air purifiers? Got lots of barnyard
>animals moseying around in your livingroom?
Ever design a mass storage device? I have been involved in
this sort of thing for over 20 years, on projects ranging from
the Perkin-Elmer/Wangco version of the original IBM "Winchester"
30-30 drive to the latest DVD-RAMs. That makes me an expert.
As an expert, my professional opinion is: After opening up the
drive you can't rely on the drive. Please note that the fellow
who described doing it did it a long time ago when the bits were
farther apart and the heads flew higher, and that his experiment
had a sample of one and a poorly defined test strategy (not that
I am implying that he was in any way wrong - half the fun in life
is doing hardware hacking in uncontrolled conditions!)
And, yes, I have worked for the Govt. but only as a contractor. :)
------------------------------
From: [EMAIL PROTECTED]=NOSPAM (Arturo)
Crossposted-To: alt.privacy,talk.politics.crypto,talk.politics.misc,talk.politics.drugs
Subject: Re: Encryption: Do Not Be Complacent
Date: Sat, 01 Jan 2000 16:43:49 GMT
On Fri, 31 Dec 1999 01:20:10 GMT, Gurn Blanston <[EMAIL PROTECTED]>
wrote:
>
>
>
>So the most secure method would be:
>
>Hire two Navajo Code Talkers. Have one encode your message into ciphered
>Navajo, voice recorded into a digital file. Then encrypt the file before
>attaching it. The receiver of the message first decrypts it, then lets
>his own Navajo Code Talker listen to the recording and decipher the
>message.
>
>Right?
Not if the NSA has a Navajo in his payroll!
------------------------------
From: [EMAIL PROTECTED]=NOSPAM (Arturo)
Subject: Re: Cryptography in Tom Clancy
Date: Sat, 01 Jan 2000 16:50:09 GMT
On Wed, 29 Dec 1999 21:51:13 -0500, "Trevor Jackson, III"
<[EMAIL PROTECTED]> wrote:
>Eric Lee Green wrote:
>
>A few days ago the Air Force announced that it expects B-52s to be in service
>through 2045.
As the B52�s comes as far back as the 60s, it�s like having
WWI planes in service today. Saddam�s grandchildren could knock it
out with stones.
------------------------------
Date: Sun, 02 Jan 2000 01:16:41 +0000
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: cracking Triple DES
=====BEGIN PGP SIGNED MESSAGE=====
"P. Daniel Suberviola, II" wrote:
>
> Hello.
>
> How would a meet-in-the-middle attack against three-key triple DES work?
> Schneier asserts that there is one on page 360 of the second edition of
> Applied Cryptography. I do not have access to the Merkle and Hellman
> reference.
For an on-line reference, see
Stefan Lucks,
"Attacking Triple Encryption,"
Fast Software Encryption '98, Volume 1372 of Lecture Notes in
Computer Science (S. Vaudenay, ed.), Springer-Verlag, 1998.
http://th.informatik.uni-mannheim.de/m/lucks/papers.html
Note that this attack pays more attention to time complexity at the expense
of memory consumption than the Merkle and Hellman one.
- --
David Hopwood <[EMAIL PROTECTED]>
PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01
"Attempts to control the use of encryption technology are wrong in principle,
unworkable in practice, and damaging to the long-term economic value of the
information networks." -- UK Labour Party pre-election policy document
=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv
iQEVAwUBOG6hBjkCAxeYt5gVAQEfpAf+KZqwVYAHa+RMYXQJC08cRyUZMSyt9czw
EhZjEYpXI0Hoek/5aif/TykRbaXqpFrKEbAtGsRRyly1V4AjMf5vWDlqkgL9MB1P
Xf7QYsMw2yWWElfS0IDlGu9mTjunOtaOoUQE/Kae37I8eosgdX1WWOczAv6IP7Gm
rzlE3bbl6XL+47CKwGstRrHfgrA+SVZYsH0DWFqyNFJqvzsUPhK5gKFtjo7Yukk7
wWqDXmKkzwT9sU+CYSL3hBLcuhxoJHCu2we0iOVSV51ixgR2wQbiTPIp3ZQszVx4
XGhKS8ntTBddo9ozQOEmhIqNSo/kxx4afWklHy11Q5fehs1yu+hmzg==
=aJ99
=====END PGP SIGNATURE=====
------------------------------
Date: Sun, 02 Jan 2000 01:17:29 +0000
From: David Hopwood <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Subject: Re: PKZIP compression security
=====BEGIN PGP SIGNED MESSAGE=====
ChenNelson wrote:
>
> Yes, PGP compresses with the PKZIP algorithm before encrypting the
> file. From "Applied Cryptography," the security of PKZIP's encryption
> is pretty bad, and can be broken within a few hours on a PC.
PGP compresses with the DEFLATE algorithm before encrypting. PKZIP also
uses DEFLATE (as one of several compression algorithms), but PKZIP's
encryption has nothing to do with PGP.
- --
David Hopwood <[EMAIL PROTECTED]>
PGP public key: http://www.users.zetnet.co.uk/hopwood/public.asc
RSA 2048-bit; fingerprint 71 8E A6 23 0E D3 4C E5 0F 69 8C D4 FA 66 15 01
"Attempts to control the use of encryption technology are wrong in principle,
unworkable in practice, and damaging to the long-term economic value of the
information networks." -- UK Labour Party pre-election policy document
=====BEGIN PGP SIGNATURE=====
Version: 2.6.3i
Charset: noconv
iQEVAwUBOG6lqTkCAxeYt5gVAQFTbAgAx0fSyS3mlRwsz3aL4V+VgxR8DmoQTxC/
nIKGGxBW9cj7j0wQorVp/gj53+7YQpIu0nObbKdtwDw28xCdV2s57jjMpxrG5TbD
bLv2RpUvkqaI1+DW+V5mhu9TJ70qhIdocAJVHZOxj2Gyijaf/oLDKnNyYKrhYRE3
3ZZyvkLZfjMF4anwOKLzEiMgO7IKdbhAv8QRQaahaeR/88nqLdNzTpkBXIEG+wNi
O71kR1s2lsVj82ZQiyku6a9IBPneTncs5hmDs5PBHPFsNeUSyzvvJw5/pgFa857R
ewADQS5QCvTRShKIws4ep6jPpUsi2zS4awPPyJQ6L/U+YzHFuE8KPA==
=Fmd7
=====END PGP SIGNATURE=====
------------------------------
From: "Joseph Ashwood" <[EMAIL PROTECTED]>
Subject: CS-3 was Re: File format for CipheSaber-2?
Date: Sat, 1 Jan 2000 18:40:26 -0800
I began this simply by considering what sideband information we have. As it
turns out we have quite a bit, althought very little of it is indicative of
an attack, some of it can be useful for passing information.
Observation #1) Knowledge of the length of the ciphertext (later I'll detail
how to make it different from the plaintext length for security reasons).
Another advantage is that it remains fairly simple.
Observation #2) The pRNs out of RC4 can be used any way we wish.
Observation #3) We can fairly easily chose a 16-bit number K at random (or
from the user) at encryption time
I'm going to state it the slow way that I think will be conceptually easy
for most. Choose a number at least as large of the plaintext to be the
length of the ciphertext. From there we can easily intialize RC4 using our
key, pull out the ciphertext length, encrypt our 16-bit number using RC4,
encrypt the length of the plaintext using RC4 (I'm not sure of the size
needed, keep both the ciphertexts (A). Reinitialize RC4 with the key, pull
out k bytes, encrypt the plaintext, encrypt random numbers until the
ciphertext length has been reached, write to the file. Postpend A to the
file.
Decoding the file consists of.
Initialize RC4 with the key, pull out the length of the ciphertext, decrypt
the last bytes of the file, this reveals the length of the plaintext and the
number of bytes k to pull before encryption (up to 2^16-1). Initialize RC4
with the key, pull out k bytes, decrypt. The behavior is of course poorly
behaved under certain circumstances, and there are some very important
considerations, the most important is that in order to be secure K _must_ be
at least 2+ the length of the length of the file, otherwise collisions might
be guessable. It is also possible if it is expected that K will be at least
the length of the file to use a single initialized version of RC4. In the
case where K=0, Ciphersabre-1 should be capable of decoding the messages,
but Ciphersabre-1 messages can't be read.
As usual with security YMMV
Joseph
------------------------------
From: Sisson <[EMAIL PROTECTED]>
Subject: Re: vigenere decrypt routine - help needed
Date: Sun, 02 Jan 2000 02:54:04 GMT
do u want the answer in english or java code?
english answer:
1)find a letter combination that appears at least 3 times throughout the
enciphered text
2)count spacing between the first occurance, and the second
3)repeat 2 but with second and third
4)find the factors of the spacing. the common factor is the length of the
key
eg:
UIQJDKCASUIQMNBDSKGKAUIQ
so, UIQ appears three times. the first is spaced 9 away from the second, and
the second is 12 away from the third. therefore the only factors of both 9 &
12 (excluding 1) is 3
# Factors
9 3,9
12 2,3,4,6,12
Mike Todd wrote:
> hi,
> I`m trying to write a vigenere-polyalphabetic decrypt routine in Java,
> but I`m having bother getting the probable length of the key. If anyone
> knows/has a routine to decrypt the vigenere that I could refer to I`d be
> grateful.
>
> thanks
>
> Mike
------------------------------
From: [EMAIL PROTECTED] (johann)
Subject: Re: letter-frequency software
Date: Sun, 02 Jan 2000 04:15:54 GMT
On 31 Dec 1999 22:01:35 GMT, [EMAIL PROTECTED] (Bill Unruh) wrote:
>In <Hcab4.3892$[EMAIL PROTECTED]> "Colonel Mustard"
><[EMAIL PROTECTED]> writes:
>
>]You can find the GNU C++ compiler for free at
>]http://agnes.dida.physik.uni-essen.de/~janjaap/mingw32/download.html
>]or a zip version of all the packages at
>]http://www.seg.etsmtl.ca/inf125/Documents/Gcc.exe
>]It's 7 Mb and it is working under windows.
>]Have fun!
>
>
>
>]r.e.s. <[EMAIL PROTECTED]> a ecrit dans le message :
>]84e1m6$75r$[EMAIL PROTECTED]
>]> At http://www.und.nodak.edu/org/crypto/crypto/stattools/
>]> there is C source code for a program (letcount.c), to do
>]> some simple letter-freqency anaylsis, but, unfortunately,
>]> I don't have access to a C-compiler. Does anyone know
>]> where an executable version of this might be found?
>]> (preferrably for win98, but even DOS will do ;)
>
>Actually, with a bit of work, awk will do fine for reasonable length
>text.
>If you want to preserve spaces, replace spaces by some other character
>like *. Then break up the text into one character per line. Then use awk
>with its associative arrays.
>Eg
>cat document.txt|awk 'BEGIN{N=0} {f[$1]++}END{ for (j in f) print j, " ", f[j]}'|sort
>-n +1
>cat document.txt| awk 'BEGIN {N=0} N>0{f[i" "$1]++ } {i=$1;N++}END {for( j in f)
>print j," ",f[j]' |sort -n +2
>cat document.txt| awk 'BEGIN {N=0} N>1{f[j" "i" "$1]++}N>0{j=i} {i=$1}
>END {for(k in f) print k, " " , f[k]}'|sort -n +3
> This will count the frequency of all one, two and three letter
>combinations in the text.(ducument.txt is the one with all letters one
>to a line. If you are doing a playfair, then document.txt would be the
>one with all pairs on a single line, etc.
i've written an alphabetic histogram filter in C & PERL for both DOS
and Linux. willing to supply source and binaries via email.
johann
[EMAIL PROTECTED]
(remove despamifier above :-)
------------------------------
From: [EMAIL PROTECTED] (JTong1995)
Subject: Re: vigenere decrypt routine - help needed
Date: 02 Jan 2000 04:57:08 GMT
Or more generically, rather than trying to find a "three-peat" in a
Vigenere-enchipered ciphertext, look for a repeat that is 4 or more letters
long. When you look at the statistics, the odds of an accidential (random)
repeat of ciphertext four or more letters long is so small as to be neglible.
The probability of having two occurances of a 4-letter ciphertext repetition in
a polyalphabetic cipher that is 300 characters long is only 0.096 (200 yields
0.043, 400 yields 0.171). Hence when you see one in the ciphertext you are
examining, you can assume that the repeat is caused by a repeat in the
plaintext that coincides with a repeat in the key (ala Kasiski) and calculate
the period. This can be confirmed by determining the Index of Coincidence for
the resulting monoalphabetic distributions and then attempting a solution via
crib dragging, direct symetery of position, frequency matching, indirect
symetery of position, generatrix, or other methods.
Jeffrey Tong [EMAIL PROTECTED]<Jeffrey Tong>
PGP 5 Key available for download at WWW.PGP.COM Key ID: BFF6BFC1
Fingerprint: 6B29 1A18 A89A CB54 90B9 BEA3 E3F0 7FFE BFF6 BFC1
------------------------------
From: [EMAIL PROTECTED] (JTong1995)
Subject: SIGABA/ECM Mark II
Date: 02 Jan 2000 04:59:58 GMT
Does anyone know if the SECRET patent that Rowlett and Friedman received for
the cryptographic principles implemented into the SIGABA / ECM Mark 2 have been
released to the public?
Jeffrey Tong [EMAIL PROTECTED]<Jeffrey Tong>
PGP 5 Key available for download at WWW.PGP.COM Key ID: BFF6BFC1
Fingerprint: 6B29 1A18 A89A CB54 90B9 BEA3 E3F0 7FFE BFF6 BFC1
------------------------------
From: [EMAIL PROTECTED] (Climbmtns1)
Subject: FREE MONEY$$$$$
Date: 02 Jan 2000 08:23:30 GMT
I thought at first it was a scam, but I took a chance and only sacrificed 6
dollars and 6
stamps and after da money started coming I forgot about dat measly 6 dollars
and was
rolling in mad cash. Just read da bottom and u'll see
First, I would like to start off by telling you i am only 16 and rolling in c
Iash. This really
WORKS! But you must follow my instructions and do everything just like I say.
I had to
read this a couple of times to fully understand how it works. But once you get
the hang of
it, it's easy. So if you need some extra cash, and would like to earn it by
doing nothing,
then it is worth it. I like this because it's like I'll scratch your back if
you scratch mine.
But to fully understand read on....
THIS REALLY CAN MAKE YOU EASY MONEY! BUT REMEMBER THIS " YOU
WILL GET OUT OF THIS WHAT YOU PUT INTO IT". IF YOU WANT LOTS OF
MONEY, THEN YOU BETTER POST THIS NARRATIVE A LOT!
A little while back, I was browsing some newsgroups and came across an article
similar
to this that said you could make thousands of dollars within weeks with only an
initial
investment of $6.00! So I thought, "OK, why not try this if it is a scam I
will only lose
$6.00.". Anyway, it said that you send $1.00 to each of the 6 names and address
stated in
the article. You then place your own name and address at the bottom of the
list at #6,
and post
the article in some newsgroups(There are thousands) or e-mail it to some
people. No
catch, that was it. The main difference between this system and others is that
you have a
mailing list of 6 instead of 5. This means that you average gain will be
approximately 15
times higher!!!
So after talking to a few people, I thought, what have I got to lose except 6
stamps and
$6.00 dollars, right?
But like most of us I was a little skeptical and a little worried about the
legal aspects of it
all. So I checked it out with the U.S. Post Office(1-800-725-2161) and they
confirmed
that it is indeed legal!
I then invested the measly $6.00, and stamps.
Well, GUESS WHAT..... within 7 days, I started getting money in the mail!
I was shocked! I still figured it would end soon, and didn't give it another
thought. But the
money coming in. In my first week, I made about $36.00 dollars. By the end of
the
second week I had made a total of over $1,000.00 dollars!!!!!! In the third
week I had
over $10,000.00 and its still growing. This is now my fourth week and I have
made a
total of just over $42,000.00 and it's still coming in VERY rapidly!
It's certainly worth $6.00 and 6 stamps, I spent more than that on the
lottery!!
Let me tell you how this works and most importantly why it works....also make
sure you
print a copy of this article NOW. So you can get the information off it as you
need it. The
process is very simple and consists of 3 easy steps:
STEP 1:Get 6 separate pieces of paper and write the following on each piece of
paper
"PLEASE PUT ME ON YOUR MAILING LIST. + your name and address." Now get 6
U.S. $1.00 bills (or equivalent in your local currency) and place ONE inside
EACH of the
6 pieces of paper so the bill will not be seen through the envelope to prevent
thievery.
Next, place one paper in each of the envelopes and seal them. You should now
have 6
sealed envelopes, each with a piece of paper stating the above phrase, your
name, and a
$1.00 dollar bill. What you are doing is creating a service by this. THIS IS
ABSOLUTELY LEGAL!
STEP 2: Mail the 6 envelopes to the following addresses:
1.Bill Weinberger
3000 Anderson rd
Whitehall MD, 21161
2.Scott Mckee
6221 S. 251st PL #MM203
Kent, WA 98032
3.JAKE MILLER
808 W AMESBURY
DeWitt,MI 48820
4.Keith Raymond
28d Old Hickory Dr.
Albany, NY 12204
5.Ryan Murphy
7722 Cedar Creek
Corpus Christi, Tx 78413
6.Mike Sulberg
1935 N 270 E
Orem, UT 84057
STEP 3: Now take the number one name off the list that you see above, move the
other
names up (#6 becomes #5, #5 becomes #4, etc...) and add YOUR name as #6 on the
list.
STEP 4: Change anything you need to, but try to keep this article as close to
original as
possible. Now, post your amended article to some newsgroups (I think there are
close to
24,000 newsgroups) and/or e-mail it to some people. Remember, the more you
post, the
more money you will make!
Don't know HOW to post in the newsgroups? Well do exactly the following:
____________________________________
DIRECTIONS-HOW TO POST TO NEWSGROUPS
STEP 1: You do not need to re-type this entire letter to do your own posting.
Simply put
your cursor at the beginning of this letter, click and hold down the mouse
button. While
continuing to hold down the mouse button, drag your cursor to the bottom of
this
document and over to just after the last character, and release the mouse
button. At this
point the entire letter should be highlighted. Then, from the 'edit' pull down
menu at the
top of your screen select 'copy'. This will copy the entire letter into the
computers
memory.
STEP 2: Open a blank 'notepad' file and place your cursor at the top of the
blank page.
>From the 'edit' pull down menu select 'paste'. This will paste a copy of the
letter into
notepad so that you can add your name to the list. Remember to eliminate the #1
position, move everyone up a spot(re-number everyone else's positions), and add
yourself
in as #6.
Step 3: Save your new notepad file as a .txt file. If you want to do your
postings in
different sitting, you'll always have this file to go back to.
FOR NETSCAPE USERS:
___________________
Step 4: Within the Netscape program, go to the pull down window entitled
'Window'
select 'Netscape News'. Then from the pull down menu 'Options', select 'Show
all
Newsgroups'. After a few moments a list of all the newsgroups on your screen
server will
show up. Click on any newsgroup you desire. From within the newsgroup click on
the
'TO NEWS' button, which should be in the top left corner of the newsgroups
page. This
will bring up a message box.
Step 5: Fill in the subject. This will be the header that everyone sees as they
scroll
through the list of postings in a particular group.
Step 6: Highlight the entire contents of your .txt file and copy them using the
same
technique as before. Go back to the newsgroup 'TO NEWS' posting you are
creating and
paste the letter into the body of your posting.
Step 7: Hit the 'Send' Button in the upper left corner. You're done with your
first one!
Congratulations...
INTERNET EXPLORER USERS:
________________________
Step 4: Go to newsgroups and select 'Post an Article'.
Step 5: Fill in the subject. This will be the header that everybody sees as
they scroll
through the list of postings in a particular group.
Step 6: Highlight the entire contents of your .txt file and copy them using the
same
technique as before. Go back to the newsgroup 'TO NEWS' posting you are
creating and
paste the letter into the body of your posting.
Step 7: Hit the 'Send' Button in the upper left corner. you're done with your
first one!
Congratulations...
____________________________________________________________________
THAT'S IT! All you have to is jump to different newsgroups and post away, after
you get
the hang of it, it will take about 30 seconds for each newsgroup!
**THE MORE NEWSGROUPS YOU POST IN, THE MORE MONEY YOU WILL
MAKE!!** That's it! You will begin receiving money from around the world
within
days! You may eventually want to rent a P.O. box due to the large amount of
mail you
receive. If you wish to stay anonymous, you can invent a name to use, as long
as the
postman will deliver it.
**JUST MAKE SURE ALL THE ADDRESSES ARE CORECT.**
Now the WHY part:
Out of 200 postings, say I receive only 5 replies (a very low example). So then
I made
$5.00 with my name at #6 on the letter. Now, each of the 5 persons who just
sent me
$1.00 make 200 postings, each with my name at #5 and only 5 persons respond to
each of
the original 5, that is another $25.00 for me, now those 25 each make 200 posts
with my
name at #4 and only 5 replies each, I will bring in an additional $125.00! Now,
those 125
persons turn around and post 200 with my name at #3 and only receive 5 replies
each, I
will make an additional $626.00! OK, now here is the fun part, each of those
625 persons
post 200
letters with my name at #2 and they each only receive 5 replies, that just made
me
$3,125.00!!! Those 3,125 persons will deliver this message to 200 newsgroups
with my
name at #1 and if still 5 persons per 200 newsgroups react I will receive
$15,625.00!
With an original investment
of only $6.00! AMAZING! And as I said 5 responses are actually VERY LOW!
Average
are probable 20 to 30! SO lets put those figures at just 15 responses per
person. Here is
what you will make:
at #6 $15.00
at #5 $225.00
at #4 $3,375.00
at #3 $50,625.00
at #2 $759,375.00
at #1 #11,390,625.00
When your name is no longer on the list, you just take the latest posting in
the
newsgroups, and send out another $6.00 to names on the list, putting your name
at
number 6 again. And start posting again. The thing to remember is, do you
realize that
thousands of people all over the world are joining the Internet and reading
these articles
everyday, JUST LIKE YOU are now!! So can you afford $6.00 and see if it really
works?? I think so... People Have
said, "what if the plan is played out and no one sends you money? So what! What
are the
chances of that happening when there are tons of new honest users and new
honest
people who are joining the internet and newsgroups everyday and are willing to
give it a
try? Estimates are at 20,000 to 50,000 new users, everyday, with thousands of
those
joining the actual Internet. Remember, play FAIRLY and HONESTLY and this will
work
you just
have to be honest. Make sure you print this article out RIGHT NOW, also. Try
to keep a
list of everybody that sends you money and always keep an eye on the newsgroups
to
make sure everyone is playing fairly. Remember, HONEST IS THE BEST POLICY. You
don't need to cheat the basic idea to make money!! GOOD LUCK to all and please
play
fairly and reap the huge rewards from this, which is tons of extra CASH
------------------------------
From: "Daniel Roethlisberger" <[EMAIL PROTECTED]>
Subject: Re: Wagner et Al.
Date: Sun, 2 Jan 2000 03:52:15 +0100
>Anyways to my point. Can someone please take sometime to peek at
>Peekboo. I would love to see some cryptanalysis/suggestions/etc from
>the 'pros'. Please and thank you :)
Well, I'm no 'pro', but still, FWIW:
You are sending secret data (such as the resulting key of a DH exchange) as
a Windows message to the main window. These windows messages can quite
easily intercepted, as far as I know and understand the win architecture. I
think that is not a good way to handle sensitive data.
I have only looked at the Diffie-Hellman part of it, but I suppose you use
the same technique all over the code.
/Dan
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
