Cryptography-Digest Digest #222, Volume #11 Tue, 29 Feb 00 17:13:02 EST
Contents:
Re: On jamming interception networks (Jerry Coffin)
How weak is WeakCipher? ([EMAIL PROTECTED])
Re: Status of alleged *THIRD* key in MS Crypto API ? (David A. Wagner)
Re: Status of alleged *THIRD* key in MS Crypto API ? (David A. Wagner)
Re: Status of alleged *THIRD* key in MS Crypto API ? (David A. Wagner)
Re: - trust us, says NSA (wtshaw)
Re: Best language for encryption?? (wtshaw)
Re: Best language for encryption?? (wtshaw)
Re: CRC-16 Reverse Algorithm ? (David A. Wagner)
Re: are self-shredding files possible? (Jack Diamond)
Re: Can someone break this cipher? ([EMAIL PROTECTED])
Re: Encryption (only) in a extremely small program? (~1.4KB) (David A. Wagner)
Re: protocols with limited transfer? (Jack Diamond)
Re: Ciphering = deciphering; is this a weakness? (David A. Wagner)
Re: Q: 'Linear encipherment' ([EMAIL PROTECTED])
Re: "imparting cryptographic information to individual photons"??? (John Bailey)
Re: Status of alleged *THIRD* key in MS Crypto API ? (Stephen Houchen)
Re: Source Code Available (wtshaw)
Re: How weak is WeakCipher? (David A. Wagner)
Re: NSA now has a FAQ ([EMAIL PROTECTED])
----------------------------------------------------------------------------
From: Jerry Coffin <[EMAIL PROTECTED]>
Subject: Re: On jamming interception networks
Date: Tue, 29 Feb 2000 13:29:36 -0700
In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
says...
[ ... ]
> Certainly, where good targets can be located, it would be a folly
> to ignore these and instead either look at everything or randomly
> pick a certain percentage of the whole traffic. Such targets are
> certainly followed with priority. But besides these definitely
> interesting targets it is evidently a reasonable strategy to also
> look at some of the rest materials as long as the resources permit.
> (Why let machines be idle sometimes and not run to their full
> capacity?)
Given economic realities, the question is NOT whether you let
machines sit idle, or use them to look at randomly selected garbage.
It's whether you can manage to hit the 10% of the most important
targets, or only 5 or even 1%.
> I am not considering any particular national agency. If anything,
> I am considering machineries on the scale of the legendary Echelon,
> which is an multi-national project.
This makes only a little difference: multiplying the budget size by
10 or even 100 or 1000 STILL leaves it in the situation of only being
able to do useful monitoring of quite a small percentage of the most
important communications.
--
Later,
Jerry.
The universe is a figment of its own imagination.
------------------------------
From: [EMAIL PROTECTED]
Subject: How weak is WeakCipher?
Date: 29 Feb 2000 21:02:34 GMT
I constructed a quite simple cipher for the sole purpose of scrambling less
sensitive data and thereby preventing casual access. But exactly how secure
is this cipher?
The IVector consists of 8 bytes / two DWords. The algorithm is run in CFB
mode.
The encryption of DWordi in IVector is described by the formula DWordi <-
gi**DWordi mod 4294967087, where gi is the ith of two DWord subkeys. The
subkey gi is generated by the formula gi <- 2**(2*ki) mod 4294967087, where
ki is a number in the range 0..2147483542.
(This should make it obvious that the cipher cannot easily be run in ECB or
CBC mode.)
By CFB mode I refer to the method described by
* firstly encrypting IVector,
* secondly making the assignment cn <- mn xor b0, where cn is the n:th
cipher
byte, mn is the n:th plain text byte and b0 is the lowest byte of IVector,
and
* thirdly disposing of b0, moving the rest of the bytes in IVector one byte
down and assigning b7 <- cn.
A freeware application that uses this cipher is currently available at
http://w1.462.telia.com/~u46205672/FHH.htm (if anyone should be interested in
testing the cipher practically).
----- Posted via NewsOne.Net: Free Usenet News via the Web -----
----- http://newsone.net/ -- Discussions on every subject. -----
NewsOne.Net prohibits users from posting spam. If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?
Date: 29 Feb 2000 12:37:41 -0800
In article <[EMAIL PROTECTED]>,
Francois Grieu <[EMAIL PROTECTED]> wrote:
> according to two witnesses attending the conference [presumably:
> Crypto'99], even Microsoft's top crypto programmers were astonished to
> learn that the version of ADVAPI.DLL shipping with Windows 2000 contains
> not two, but three keys. Brian LaMachia, head of CAPI development at
> Microsoft was "stunned" to learn of these discoveries, by outsiders.
Yes, that's right so far.
But the whole NSAKEY flap seems to be mixed up in some rather
strange conspiracy theories. I personally consider it unlikely
that the most extreme interpretations are true, but the purpose
of the NSAKEY does remain unexplained and somewhat suspicious.
If you ask me, I'd have to guess there's something more subtle
going on. I feel the whole thing was poorly handled: there is
room for reasonable concern over the NSAKEY, but we have to
approach it realistically, not hysterically. At the same time,
Microsoft ought to be explaining this stuff, and so far they have
left it a grand mystery, not even trying to suggest any explanation
which makes the slightest sense, which doesn't exactly inspire
trust.
By the way, the Duncan Campbell article describes the NSAKEY as
a "new NSA access system". As far as I can tell, *that* part
appears to be pure speculation (and, in particular, a scenario
that I personally consider somewhat unlikely).
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?
Date: 29 Feb 2000 12:40:07 -0800
In article <[EMAIL PROTECTED]>,
Robert Harley <[EMAIL PROTECTED]> wrote:
> As far as I can tell, attempts to discredit such claims ran something
> like: 'only loony conspiracy theorists would think that a variable
> called NSAKEY is an N.S.A. key'.
Naah. See Bruce Schneier's essay on the topic for an example of a more
reasoned refutation. (Still, the most extreme claims *were* pretty loony.)
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?
Date: 29 Feb 2000 12:42:56 -0800
In article <[EMAIL PROTECTED]>,
Douglas A. Gwyn <[EMAIL PROTECTED]> wrote:
> Microsoft explained the origin of the secondary key and the
> origin of its name;
Really? Where? All I saw was hardly credible explanations by
PR folks, that were pretty transparently not the whole story if
you understood the technical issues.
> whether or not you believe them, surely you
> can't think the NSA sticks its name on things it covertly touches.
You misunderstood. The allegation wasn't that *NSA* stuck its name
on the key; the allegation was that Microsoft employees, knowing that
this key was requested/required/whatever by the NSA, assigned the name,
not expecting that it would ever see the light of day, but due to some
freak, in one release the symbol-name was released to the world, and
someone happened (by chance) to notice.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Crossposted-To:
alt.conspiracy.spy,talk.politics.crypto,uk.politics.censorship,us.politics
Subject: Re: - trust us, says NSA
Date: Tue, 29 Feb 2000 14:39:47 -0600
> From National Security Correspondent David Ensor
>
> WASHINGTON (CNN) -- Faced with a barrage of criticism from European
government officials
> and some U.S. privacy advocates, the secretive National Security Agency
has assured
> Congress it is breaking no laws.
>
> "We want to assure you that NSA's activities are conducted in accordance
with the highest
> constitutional, legal and ethical standards and in compliance with
statutes and
> regulations designed to protect the privacy rights of U.S. persons,"
wrote Kenneth Heath,
> of the NSA Legislative Affairs Office in a letter to members of Congress.
>
Sounds good doesn't it? Ever wonder why you can't be allowed to see too
much? Then, what you say is not a lie, as far as you know. I will grant
that NSA is looking for certain things that affect national security, but
I will suggest that sometimes hints to look into certain matters are not
unknown suggestions to domestics in order to do some useful mutual
backscratching.
>
> .... James Rubin said, "The NSA is not authorized to
> provide intelligence information to private firms ... U.S. intelligence
agencies are not
> tasked to engage in industrial espionage, or obtain trade secrets for
the benefit of any
> U.S. company or companies."
>
Separatimg some companies from goverment is an interesting exercise in
itself, and many companies are international.
--
Many are waking up to the reality of insecurity; imagine that!
You can work against it....or go back to sleep and become a victim.
Users have the right to know if software can abuse their privacy.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Best language for encryption??
Date: Tue, 29 Feb 2000 14:27:22 -0600
In article <89gidn$1la$[EMAIL PROTECTED]>, [EMAIL PROTECTED] (Paul
Schlyter) wrote:
>
> Not only the language matters -- the implementation also matters, in
> particular for such an inherently non-standard language as BASIC.
> Yes, there is an ANSI BASIC, but hardly anyone implements it -- every
> BASIC implementor implements something else. In BASIC in particular,
> one could choose to use UBASIC (a BASIC implementation with bignum's
> built-in right into the language). UBASIC is great for quick'n'dirty
> programming involvong bignum's. Which means even if you implement
> something in a more decent language, UBASIC can still be useful for
> checking your numerical results.
>
Standard Basic is a subset of the language I use, but any language tends
to be full of added code to make such things as crypto actually useful.
The biggest problem in making crypto attractive to new users is to make it
fit into the rest of the computer world, clipboard access, edit fields,
mouse driven, and reasonable menus.
--
Many are waking up to the reality of insecurity; imagine that!
You can work against it....or go back to sleep and become a victim.
Users have the right to know if software can abuse their privacy.
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Best language for encryption??
Date: Tue, 29 Feb 2000 14:21:37 -0600
In article <89glab$2gr0$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:
>
> I have used Basic on and off for well over 20 years and for ease of use
> it is hard to beat a good multipurpose BASIC. But I don't have one for my
> PC. I do have access to LIBERTY BASIC in mexico and it seems ok but it
> still lacks many features in old BASIC. Basic is fine for encryption that does
> not make many demands on the processor like your GVA. But it is way to
> slow to try to impliment an encryption program that demands a large amount
> of processing like scott19u. I don't think current machines and current
> versions of BASIC and handle an encryption method like scott19u in any
> reasonable amount of time.
>
Surely, as I eventually work with your algorithm, I will see what you have
done in C, write it in C myself, and also do it in BASIC. The big
advantage of how I do things in BASIC is in the GUI I use. I tend to
convert numbers to compressed strings, and work with them that way, but I
can set the math to bigger ranges with compiler options.
--
Many are waking up to the reality of insecurity; imagine that!
You can work against it....or go back to sleep and become a victim.
Users have the right to know if software can abuse their privacy.
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: CRC-16 Reverse Algorithm ?
Date: 29 Feb 2000 12:50:00 -0800
In article <[EMAIL PROTECTED]>, Terry Ritter <[EMAIL PROTECTED]> wrote:
> Are you now saying that if, mid operations, the CRC register has some
> particular state, it will not detect extra 1's? While that may be an
> interesting idea, it is a completely different issue.
Yup.
But this state I'm describing, in some vague sense that I don't know how
to put my finger on, feels like "just" a renaming of the all-ones state.
In other words, I *suspect* that, no matter which configuration of CRC you
use, there will usually be some initial state which doesn't detect leading
ones. The exact value of that initial state depends on the configuration.
If you pick one particular configuration, that bad initial state is all-ones;
if you pick another one, that bad initial state is something else.
But I don't have any evidence for this. These are just squishy, unscientific,
unproven, groundless guesses.
------------------------------
From: Jack Diamond <[EMAIL PROTECTED]>
Crossposted-To: alt.security.pgp,alt.security.scramdisk,comp.security.pgp.discuss
Subject: Re: are self-shredding files possible?
Date: Tue, 29 Feb 2000 21:28:17 GMT
I can assure you that self-shredding is possible. As far as PGP
self-decrypting, your thinking is unclear to me. This is different than
self-shredding, as I think you must know. You could easily solve for the
latter by having a dual PGP function access through either one (or only
one) could be used to shred (or decrypt).
Jack
Thomas Moore wrote:
>
> Does anyone know if self-shredding files are possible? I'm thinking of
> something along the lines of a PGP self-decrypting file, that anyone can
> decrypt without having to have PGP. Wouldn't it be convenient to add
> "self-shred" to certain files so that anyone could permanently and securely
> delete them?
>
> If anyone knows of an existing utility that has a self-shred function,
> please post the name and/or URL.
>
> If you know that self-shredding is not possible for whatever reason, please
> post why. I'm very curious about this and I'm sure that many other people
> are, too.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Can someone break this cipher?
Date: 29 Feb 2000 21:28:48 GMT
In a previous article, <[EMAIL PROTECTED]> writes:
>If you mean the ciphertext is truly random, I think you
>have said the thing that cannot be.
I would not say that. It is actually quite simple to generate a truly random
cipher:
1. Burn a CD-R filled with random data. Use this as a key.
2. Copy the CD-R. Keep one at the home office. Let an agent take the other
with him.
3. Now the agent only has to scramble the (presumably short) plain text
messages he has to send to the home office by xor-ing them with random data
from the CD-R. Both parties have to keep track of what data should be read at
any given time.
4. When the data on the CD-R have been all used up the agent returns to the
home office and picks up a new CD-R.
This solution is a direct consequence of Shannon's impracticability theorem.
Sure, it does collide with what I would call Shannon's impracticability
assumption, but I claim that assumption to be inadequate. The fact is that
the method that I described would probably be a fairly practical solution for
many organisations. It takes a while to write 600MB of plain text e-mail, and
anyone can handle a CD-R.
----- Posted via NewsOne.Net: Free Usenet News via the Web -----
----- http://newsone.net/ -- Discussions on every subject. -----
NewsOne.Net prohibits users from posting spam. If this or other posts
made through NewsOne.Net violate posting guidelines, email [EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Encryption (only) in a extremely small program? (~1.4KB)
Date: 29 Feb 2000 12:54:56 -0800
In article <[EMAIL PROTECTED]>,
Paul Rubin <[EMAIL PROTECTED]> wrote:
> I don't remember anything about WTLS in this group. If it's a WAP-adapted
> version of TLS and they didn't mess it up, you should use it if you can.
WTLS has been discussed some here on this group (dejanews should have
archives?). The execuctive summary is they did screw it up in some ways,
although it may still be good enough for your needs.
------------------------------
From: Jack Diamond <[EMAIL PROTECTED]>
Subject: Re: protocols with limited transfer?
Date: Tue, 29 Feb 2000 21:32:44 GMT
I believe there is no general solution to limited transfer control
outside of a closed environment, since there is no control otherwise of
the particular protocol that may be used to effect a transfer. Once the
environment is closed by hardware, physical access or absolutely
monitored, then transfers that violate some level of permission may be
at least detected.
Jack
David A Molnar wrote:
>
> Hi,
>
> I was just skimming Birgit Pfitzmann and Michael Waidner's
> "Unconditionally Untraceable and Fault-tolerant Broadcast and Secret
> Ballot Election."
> http://www.semper.org/sirene/publ/PfWa5_92DC1_1IB.ps.gz
>
> In it, they mention a primitive called "pseudosignatures". These are
> signatures which can only "transferred" N times, in this sense :
>
> If Alice has a pseudosignature on a message which is good for 2
> transfers, then she can give it to Bob, and Bob can give it to Carol,
> but afterwards the pseudosignature has "run out" and Carol can't
> give the pseudosignature to anyone else. It seems to be something like
> a MAC, but unlike a MAC can be used to show 3rd parties a message is
> correct. It also seems fairly annoying as stated, with a serious
> amount of setup required. :-(
>
> So this is kind of interesting - especially when thinking about how to
> delegate some kind of credential so that you can enforce limits on its
> use. or just in general interesting.
>
> So I was wondering : what other protocols are there which have this
> flavor of "limited transfer" or "no transfer"?
>
> Two other similar things I know of :
>
> "Designated Verifier Proofs" : Jakobsson, Impagliazzo, and Sako.
> http://www.bell-labs.com/user/markusj/dvp.ps
> Creates signatures which are valid for
> a single "designated verifier", but not
> for anyone else. So _no_ transferability
> at all!
> (recently extended for "abuse-free contract
> signing" -- contracting parties can't tell
> anyone else that they even have a contract!)
>
> and
>
> "Self-Delegation with Controlled Propagation"
> Birgit Pfitzmann, Oded Goldreich, Ron Rivest
> CRYPTO '98 also Theory of Crypto Library at
> http://philby.ucsd.edu/cryptolib/psfiles/97-12r2.ps
>
> "Pseudonym Systems"
> Anna Lysyanskaya, Amit Sahai, Stefan Wolf, Ron Rivest
> Selected Areas in Cryptography '99
>
> "Homage : A Secure Resource-Efficient Group ID Protocol"
> Ben Handley
> Financial Crypto 2000
>
> All of these have credentials which include part or all of the
> user's private key. If the user tries to give away the
> credential, they end up possibly giving away their entire
> private key. The user may still be able to prove that they have
> such a credential to someone other than the credential issuer,
> if they want to, without actually transferring it.
>
>
> So has anyone seen anything else along these lines ?
> can think of anything else?
>
> Thanks,
> -David
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: Ciphering = deciphering; is this a weakness?
Date: 29 Feb 2000 13:01:26 -0800
In article <89g6k3$pjb$[EMAIL PROTECTED]>,
Manuel Pancorbo <[EMAIL PROTECTED]> wrote:
> E(E(m;k) ;k) = m
It is often considered preferable to avoid this property,
although it is not necessarily deadly in all applications.
The bottom line is, noone designing systems wants to worry
about this type of property if they don't have to. And there
are plenty of other block ciphers out there that don't have
this property. So it probably counts against you to have this
type of property in your cipher, unless there is a really good
reason why we should overlook it.
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: Q: 'Linear encipherment'
Date: Tue, 29 Feb 2000 21:27:40 GMT
In article <[EMAIL PROTECTED]>,
Mok-Kong Shen <[EMAIL PROTECTED]>
wrote:
> Mike Andrews wrote:
> >
>
> > I'm certain that 'vector' in this context has the meaning usually
> > associated with 'vector' in linear algebra; the Hill schema is just
> > linear algebra as an implementation of a cryptosystem.
>
> Could you provide a mini-example showing 'vector' encryption?
> Please show what are the 'elements' of the 'vector'. I suppose
> one doesn't call 'any' sequence of numbers a 'vector' in the
> present context. One 'can', of course, but doing that doesn't
> convey any particular meaning relevant to crypto, I am afraid.
> (I mean such 'vector' encryption should have some features that
> distinguish it from other encryptions.)
>
Scott Sutherland teaches a course which
covers this subject using Maple. Read the
parts on vectors and enciphering matrices at
//www.math.sunysb.edu/~scott/Book331
> M. K. Shen
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
From: [EMAIL PROTECTED] (John Bailey)
Subject: Re: "imparting cryptographic information to individual photons"???
Date: Tue, 29 Feb 2000 21:41:06 GMT
On Tue, 29 Feb 2000 17:17:59 GMT, [EMAIL PROTECTED] (David Ross)
wrote:
>Anyone know anything about this? From an article on pages 120 & 122
>of the Feb. 21 2000 issue of 'Aviation Week & Space Technology'.
reference:
The New Scientist Article for October 2, 1999
www.newscientist.co.uk/ns/19991002/quantumcon.html
(Quoting)
In 1995, researchers at the University of Geneva successfully
sent a message down an optical fibre to the town of
Nyon, more than 20 kilometres to the north. This
year, researchers at Los Alamos established a new
record when they sent a quantum key through a
48-kilometre optical fibre--long enough to set up a
network between neighbouring branches of a bank
say, or government offices. But extending the
technology any further is more problematic, because
individual photons struggle to survive the journey
through the fibres without being absorbed. Over
distances of hundreds or thousands of kilometres,
the signal would dwindle to nothing.
(end quote)
John
------------------------------
From: Stephen Houchen <[EMAIL PROTECTED]>
Subject: Re: Status of alleged *THIRD* key in MS Crypto API ?
Date: Tue, 29 Feb 2000 15:42:20 -0600
> > As far as I can tell, attempts to discredit such claims ran something
> > like: 'only loony conspiracy theorists would think that a variable
> > called NSAKEY is an N.S.A. key'.
>
> Naah. See Bruce Schneier's essay on the topic for an example of a more
> reasoned refutation. (Still, the most extreme claims *were* pretty loony.)
Where can this essay be found?
S
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (wtshaw)
Subject: Re: Source Code Available
Date: Tue, 29 Feb 2000 14:53:24 -0600
In article <89gkml$2gr0$[EMAIL PROTECTED]>, [EMAIL PROTECTED]
(SCOTT19U.ZIP_GUY) wrote:
> Way to go I hope the bastards at [EMAIL PROTECTED] don't come after you.
> By the way did they write you back. I wrote the bastards with a few questions
> but they never answered. ...
>
It would seem that compliance with a government request should rate a
reply. It should not matter whether they are particularilly happy to hear
from you or not, as it is their job to serve. Their pattern of arrogance
is worth noting in that they see themselves as in charge, and like to
leave people hanging about.
--
Many are waking up to the reality of insecurity; imagine that!
You can work against it....or go back to sleep and become a victim.
Users have the right to know if software can abuse their privacy.
------------------------------
From: [EMAIL PROTECTED] (David A. Wagner)
Subject: Re: How weak is WeakCipher?
Date: 29 Feb 2000 13:15:37 -0800
In article <89hc5a$s6k$[EMAIL PROTECTED]>,
<[EMAIL PROTECTED]> wrote:
> The IVector consists of 8 bytes / two DWords. The algorithm is run in CFB
> mode. [More precisely, CFB-8. -- David]
>
> The encryption of DWordi in IVector is described by the formula DWordi <-
> gi**DWordi mod 4294967087, where gi is the ith of two DWord subkeys. The
> subkey gi is generated by the formula gi <- 2**(2*ki) mod 4294967087, where
> ki is a number in the range 0..2147483542.
Well, let's see. There appears to be a divide-and conquer attack (with
workfactor O(2^32)) that appears quite feasible to implement in practice.
Suppose for simplicity that we have a byte of known plaintext at location i.
Then we may deduce the value of IVector used as input to CFB-8 mode when
encrypting location i from the ciphertext bytes at positions i-8,i-7,..,i-1.
Also we know the low byte of the new IVector as output from the scrambler.
In other words, we know a value of D for which the low byte of
gi**D mod 4294967087 is known. If we simply guess gi (32 bits), we may
eliminate all but 1/2^8 of the wrong guesses. If we do this at a few
locations where the plaintext byte is known (note that the same value of
gi is used in all locations), we should be able to eliminate all the wrong
guesses, leaving only the correct value of gi. We can find first g1 and
then g2 in turn in this way, each with O(2^32) work, for a total of
O(2 * 2^32) work.
The attack can also be generalized to work even in the case where known
plaintext is not available, if we assume some statistical model on the
plaintext (e.g., that we can recognize plausible messages and distinguish
them from purely random noise).
------------------------------
From: [EMAIL PROTECTED]
Subject: Re: NSA now has a FAQ
Date: Tue, 29 Feb 2000 21:47:13 GMT
In article <89h881$1aig$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (SCOTT19U.ZIP_GUY)
wrote:
> In article <89h1db$3sg$[EMAIL PROTECTED]>, [EMAIL PROTECTED] wrote:
> >In article <[EMAIL PROTECTED]>,
> > Nuno Jaime Cardoso <
> >[EMAIL PROTECTED]> wrote:
> >> You liked it??
> >>
> >> I Loved it. I am Portuguese so, NSA doesn't have that big efect on me but, I
> >> realy loved this question:
> >>
> >> "Lately, I've seen NSA/CSS a lot in movies and on TV. Do you
> >> assassinate people? Do you secretly perform experiments on us?
> >>
> >> Because we work with highly sensitive information, we are
> >> frequently the
> >> subject of speculation - and highly imaginative and
> > creative
> >> fictitious
> >> pieces in the media. However, it is important to
> > distinguish
> >> fiction from fact.
> >> The fact is that the Executive Order 12333 (EO 12333)
> > strictly
> >> prohibits any
> >> intelligence agency from conducting these unethical
> >> activities, and we
> >> strictly abide by the Order. "
> >>
> >> I don't know mutch about US recent History but, that makes me want to say:
> >>
> >> "I am not a murderer, I am not a murderer" :)))))
> >>
> >The NSA actively gathered intelligence on
> >American citizens until the 1970s. On the
> >History Channel, Lt. Col. Dan Marvin told about
> >his days as an assassin for the Green Berets
> >and that he was requested to kill a U.S. Naval
> >Officer in 1965. Former Army seargent
> >Clifford Stone has also spoken about U.S.
> >Goverment- led assassination of American
> >citizens. Nowadays, for the sake of the
> >security of deep black projects, a hitman
> >would be contracted from the private WFO
> >(work for others contracting) sector. This is
> >done for reasons of cover-up, i.e. plausible
> >deniability, and major governmental entities
> >like the NSA are not knowingly involved in
> >this kind of activity.
>
> I don't think this is ture. The US government has
> hitmen directly on the pay roll. You could even call
> the sniper who killed the unarmed woman holding a
> baby at Ruby Ridge a hit man. He was so good at killing
> moms with babies that he was specificly assigned to
> Waco where once again the FBI needed a killer not afraid
> of killing unarmed women with babies. Who knows how
> many women and children the FBI has had him kill for
> Uncle Sam.
> I expect to see more cover ups in the news on Waco in the
> near future. It least the FBI does a good job of hiding evidence
> and it rebarrels the guns of its killers when they get the job
> done as in Waco. I would be willing to bet the reinactment
> of the shooting will prove the FBI correct in that it will show
> that they were not firing. Of course the testing will be a setup
> and special gun powder will be used to get the results the
> FBI wants. And yes my mom worked for the FBI they are above
> the law anybody who thinks other wise is stupid.
>
I was referring only to the security of deep
black projects which is maintained partly by
keeping these projects separated from the
government. Even former C.I.A. director James
Woolsey had to get a civilian, Dr. Steven
Greer, to brief him on UFOs because he could
not gain access to black info on the subject.
> David A. Scott
> --
>
> SCOTT19U.ZIP NOW AVAILABLE WORLD WIDE
> http://www.jim.com/jamesd/Kong/scott19u.zip
>
> Scott famous encryption website NOT FOR WIMPS
> http://members.xoom.com/ecil/index.htm
>
> Scott rejected paper for the ACM
> http://members.xoom.com/ecil/dspaper.htm
>
> Scott famous Compression Page WIMPS allowed
> http://members.xoom.com/ecil/compress.htm
>
> **NOTE EMAIL address is for SPAMERS***
>
> I leave you with this final thought from President Bill Clinton:
>
> "The road to tyranny, we must never forget, begins with the destruction of the
>truth."
>
Sent via Deja.com http://www.deja.com/
Before you buy.
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
