Cryptography-Digest Digest #987, Volume #11 Fri, 9 Jun 00 11:13:01 EDT
Contents:
Re: Davvey Griffith, bitter little lying PIZZABOY tries to get "malicious" whackers
to do his dirty work. (Charlie Chainsaw)
Re: randomness tests (John)
Re: Some dumb questions (Jim Gillogly)
Re: Random IV Generation (Eric Lee Green)
----------------------------------------------------------------------------
Subject: Re: Davvey Griffith, bitter little lying PIZZABOY tries to get "malicious"
whackers to do his dirty work.
Crossposted-To:
alt.hackers.malicious,alt.usenet.kooks,alt.romath,alt.fan.karl-malden.nose,alt.fan.mark-brian,alt.politics.uk
From: [EMAIL PROTECTED] (Charlie Chainsaw)
Date: Fri, 9 Jun 2000 06:47:18 -0600
[EMAIL PROTECTED] wrote:
> In alt.hackers.malicious Belinda <[EMAIL PROTECTED]> wrote:
>>>> I'm not a barrater. Never claimed to be. Keep repeating a 4 year old lie,
>>>> Daavey. Says a lot about you.
>>>
>>>You don't have to actually BE a lawyer to be a barrater. All it takes is
>>>abuse of the legal system.
>> From the American Heritage Dictionary: bar.ra.tor also bar.ra.ter
>> (b?r??-t?r) n. Law. One that persistently instigates lawsuits.
>> Try to find a more appropriate ad-hominem, Daaavey.
> Why? The definition still suits you?
>>>>>>>These twerps are the ones who attacked APDD and AHM.
>>>>>
>>>>>> The record clearly shows that we were the ones who defended ourselves after
>>>>>> first being attacked by netkkopping pizzaboys and fuckheaded crackers. Spin
>>>>>> it 'til the cows come home, Daaaavey boy - Deja tells the *real* story.
>>>>>
>>>>>Which record? The broken one that keeps going "netkop! postmaster!
>>>>>whaaa!" over and over again? Deja clearly shows that JamesE announced to
>>>>>the world that he was back and wanted revenge.
>>>
>>>> Actually, Daavey, James announced that he would continue to post to APDD, an
>>>> unmoderated alt. group if he pleased. You retaliated with email threats. I
>>>> have all of them, btw.
>>>
>>>James can't even tell the difference between email and usenet.
>> You can't even tell when you've been trolled.
> What can you do to APDD now? Troll it some more? The people your looking
> to irritate are all gone to a mailing list which is quite safe from your
> ilk.
>>>>>He ran to Gary to rally the peanut gallery and they started flooding APDD.
>>>
>>>> This is where the lies start. You were screaming FLOOD! over an
>>>> insignificant amount of posts. *That's* why you got laughed out of nanau.
>>>
>>>Hyperbole.
>> Yes, claiming that a handful of posts was a "flood" was indeed hyperbole.
>> Thanks for admitting it.
> Oops. You missed what I was referring to.
>>>>>Are you capable of
>>>>>noticing this from the general content of the messages from February til
>>>>>mid-April or do you need diagrams and graphs?
>>>
>>>> Chart it out, sweetie. I think you'd be surprised at the numbers.
>>>
>>>Gee, you ARE dense.
>> Um, no. Do the math, Daavey. Maybe the numbers will convince you to put
>> your Burnore obsession aside and deal with some facts.
> Have you any clue of the metric involved? Count the number of posts that
> had anything to do with trollery in February, March, and April. Notice
> the increase.
>>>> It will show that you're a whining little netkop who destroyed APDD because
>>>> you thought it was YOUR group.
>>>
>>>As if you, Gary, or James has more of a claim there than I?
>> What's that whooshing sound I hear? Must be a point flying right over
>> Daaavey's head.
> You mean that wasn't a gnat farting?
>>>>>Perhaps I should dig up mailing list archives
>>>
>>>> Why don't you just go back to Thorne's site? He put his own spin on every
>>>> single thing the Anonymous Asshole did. One stop shopping for your
>>>> obsession, Daavey. That's how this all started. Your obsession. Remember,
>>>> you had a chance at a truce. But no-o-o-o, Daavey was going to be the one
>>>> to bring down DataBasix.
>>>
>>>Or I could just go back to my archive of Cypherpunk listmail.
>> Oooh, you've got an archive, too! When are you going to immortalize yours
>> on a website? You'll have to go a long way to beat out Jerry Terranson. He
>> spends $29.95 monthly just so he can have a special website devoted to
>> archiving everything Burnore/DataBasix related.
> Why should I bother when one can run a search on altavista for free?
>> Since this will probably go over your head, let me make it simpler for you,
>> Daavey: I don't care about your archive. I'd bet real money that no one
>> other than the usual obsessos care about your archive.
> Where did I imply that you should visit this archive? You can go use a
> search engine like everyone else who lacks access to my machinery.
>>>Which truce are you talking about? The one where James E declared himself
>>>emperor???
>> No. The ones where neutral parties tried to talk you into backing off in
>> return for the stopping the crossposting and concluded that you were being
>> spoon fed by Thorne.
> Neutral parties who just so happened to make regular use of their
> databasix accounts. Uh, right.
>>>> I guess you following me around that means it's going to be your life's
>>>> work, eh?
>>>
>>>Maybe you should ask yourself what's really going on.
>> I see another fanboy following me around screeching about his interpretation
>> of something that happened four years ago.
> Something that I watched unfold as it happened.
>>>>>of Gary doing silly things with the list manager software.
>>>
>>>> This is simple babbling on your part.
>>>
>>>So?
>> Autoflame Grade: A
> Ooo.. smokin!
>>>>>Perhaps I hould dig up texts on the demise of Huge Cajones and your role
>>>>>therein.
>>>
>>>> If you want to drag out stuff that is FOUR YEARS OLD, knock yourself out.
>>>> The simple fact remains that *you* *weren't* *there*. If you want to repeat
>>>> anonymous hearsay, have at it. Apparently that lecture your supervisor gave
>>>> you didn't make any impression, did it?
>>>
>>>Mailing list posts from the man you attacked hardly count as hearsay.
>> No, they count as *one* *side* *of* *the* *story*. No wonder you have to
>> deliver pizzas for a living. You're not smart enough to do anything else.
> You'd be surprised how much money one can make delivering pizza. However,
> programming, sysadminning, and doing security consulting is a bit more
> rewarding. Pizza-delivery was good to get me by until the computer stuff
> took off.
>>>>>The ones where Gary defends the treatment of Jeff are especially juicy.
>>>
>>>> Either you have a significant reading comprehension problem or Thorne's
>>>> coaching was more twisted than usual.
>>>
>>>Thorne was posting to the Cypherpunks list?
>> Gary was posting a 'defense of the treatment of Jeff' to the Cypherpunks
>> list?
> I thought we were talking about Thorne's bogeyman-like power to anywhere
> insert malicious stories about poor ol' Gary.
>>>> FTR, I don't give a damn what you manage to dredge out of the archives.
>>>> Jeff is an arrogant asshole who allowed his remailer to be used for
>>>> widescale spambaiting and illegal harassment and chose to handle it by
>>>> lashing out at the only people he could find. He repeatedly made unfounded
>>>> accusations on Usenet and then issued half-assed retractions in email.
>>>
>>>Please define "illegal harassment".
>> No. This is my last discussion with you on this topic. Take it to
>> alt.dead-horse.beat.beat.beat.
> Noted: Belinda accused Jeff of allowing illegal harassment, but refused
> to explain herself.
>>>Is it fingering someone for a crime?
>> Never happened, Dimmy^H^H^H^Daaavey.
> So are you saying that no such harassment occurred? That there really is
> no such thing as statutory rape?
>>>>>>>Perhaps you should consider an objective view.
>>>>>
>>>>>> Which won't come from Daaavey, bitter little whining pizzaboy who doesn't
>>>>>> like reaping what he has sown.
>>>>>
>>>>>Oops, there goes Belinda blowing dandelion seeds around again!
>>>
>>>> Yeah, that really made sense.
>>>
>>>It's called a "metaphor"<SLAP>
>> Give it a break, college boy. It didn't have the relevance to be a
>> metaphor. That makes it a non sequitur.
> Okay, you can ignore that too.
>>>>>>>You should also consider Belinda's history of going real-life in the
>>>>>>>well-documented case of when she impersonated a lawyer to shut down an
>>>>>>>anonymous remailer. Is that what one expects of an honest person?
>>>>>
>>>>>> One expects that an honest person wouldn't persist in going around repeating
>>>>>> nasty, *unfounded* allegations from several years ago, Daavey.
>>>>>
>>>>>Whatever could you be referring to? Huge Cajones? No, that's
>>>>>well-established fact and is now a textbook example of legal assaults on
>>>>>privacy.
>>>
>>>> Something repeated over and over and over again by someone posting
>>>> *anonymously* and then repeated over and over and over again by net.kooks
>>>> like Thorne does not well-established fact make.
>>>
>>>What? That you screwed Jeff to protect Gary?
>> Never happened, Daavey.
> Oops. I should have realized that Belinda might have interpreted that to
> say "...had sex with Jeff to protect Gary?". What I meant was
> "...harassed and threatened Jeff to protect Gary?".
>>>> Ask yourself this, pizzaboy: Jeff claimed that he repeatedly stood up to
>>>> the Church of Scientology and all their lawyers. So why did he supposedly
>>>> cave in to me when I'm not even a fricking lawyer, when he KNEW I wasn't a
>>>> lawyer? Please do explain just how the hell I managed to pull off a
>>>> "textbook example of legal assaults on privacy" simply by sending him ONE
>>>> EMAIL. (Hurry, run off to Dimmy for some coaching.)
>>>
>>>Did you even READ his explaination of why he took it down?
>> I not only read it, I met personally with him and discussed it. The phone
>> calls to his employer, which he specifically stated on Usenet and in person
>> did not come from us, were part of the reason he took it down. The other
>> reason he gave us privately for taking it down turned out to be a lie on his
>> part.
> I can assume that Jeff doesn't like being harassed. Because you and
> others harassed him, he took the remailer down. That rash of harassment
> was prompted by your actions. What is so hard about this?
>>>Everyone has
>>>a breaking point and YOUR harassment of him was the last straw. He states
>>>quite clearly he doesn't want to be harassed anymore.
>> He and others also fingered the person who prompted the barrage of telephone
>> calls. You need to go back and read a bit more carefully, pizzaboy.
> How is that relevant? He was harassed, so he removed what was irritating
> the harassers.
>>>Your impersonation
>>>of a lawyer only made it more odious.
>> I never impersonated a lawyer. Your logic is full of holes, anyway. If I
>> did impersonate a lawyer and Jeff figured it out, then where's the threat to
>> him? Eh?
> Subject: Jeff's Side of the Story.
> From: [EMAIL PROTECTED] (Jeff Burchell)
> Date: 1997/07/01
> Followup-To: alt.privacy.anon-server,alt.fan.steve-winter,
> alt.religion.scientology,alt.anonymous,misc.misc,
> alt.censorship,news.admin.censorship,comp.org.eff.talk,
> news.admin.net-abuse.misc
> Organization: Content, Inc
> Newsgroups: alt.privacy.anon-server,alt.fan.steve-winter,
> alt.religion.scientology,alt.anonymous,misc.misc,
> alt.censorship,news.admin.censorship,alt.cypherpunks,
> comp.org.eff.talk,news.admin.net-abuse.misc
> [snip]
> I did respond in a fashion much like this, about a week before the attacks
> started coming. Mr. Burnore requested a copy of my (non-existant) logs.
> I told him to get me something in writing, signed by his lawyer that
> stipulated that the logs were confidential, and not to be revealed to
> anyone outside of the lawyer's office.
> I received a letter from Belinda Bryan. She is not registered with the
> State Bar of California, and is thus, not a California lawyer. I then
> ignored the request, and forwarded the correspondence to the State
> Attorney General's office (as impersonating a lawyer in CA is defined
> as fraud with extenuating circumstances).
> [end quote]
> Seems pretty clear that Jeff was quite convinced that you presented
> yourself as a lawyer.
>>>> Your pretty words don't mean squat, Daavey. The fact that you are literate
>>>> doesn't disguise the trumping fact that you're simply spreading bullshit
>>>> with an especially nice butter knife.
>>>
>>>You just don't like it when someone sees through your bullshit and calls
>>>you on your inconsistencies.
>> There are no inconsistencies in my side of the story, Daaavey.
> So what do you call your claim to have never impersonated a lawyer while a
> post from Jeff claims that you did? Are you calling Jeff a liar?
>>>> Do continue to ramble on about events of four years ago, fanboy. We'd hate
>>>> for whackjobs like Thorne and Terranson to be the only ones so concerned
>>>> about it.
>>>
>>>How does being immortalized in cryptology texts make you feel?
>> In good company.
> What's that supposed to mean? That you feel good about practicing what's
> known as "rubber-hose cryptography"?
That's "rubber-hose cryptanalysis". You know, if you're going to use
technical terms on Usenet, you really should be aware that each term has a
precisely defined meaning, and posting nonsense like the above is the best
way to ensure that everyone reading your posts knows you're an idiot.
>> The cryptos are always bitching about something.
> Like "that won't work, you can break it by doing this...". Science is
> like that.
>> Their archives also serve as an excellent fanboy meter. (There's a
>> message there, Daavey. Think about it.)
> The "fanboy" metric being defined as anything critical of you and your
> techniques in that field.
>>>> No, that's called common sense. You displayed all the classic signs of
>>>> being coached by Thorne. *Everyone* saw it.
>>>
>>>Show me where I fawned over Thorne and his doings. Since I don't use
>>>"X-No-Archive: yes", this should be easy... if such posts even existed in
>>>the first place.
>> Actions speak louder than words, Daaavey.
> So you've found the articles? What search parameters did you use?
>>>>>Here we go again. Where did I claim to be a postmaster of ANY DOMAIN?
>>>
>>>> When you decided to make harassing phone calls to databasix. When you told
>>>> Gary that you would use your position as postmaster of csu to get our plug
>>>> pulled if Gary wouldn't make James stop crossposting to APDD.
>>>
>>>So it's harassment if as soon as I identify myself, Gary starts screaming
>>>and foaming?
>> Lying comes easily to you, doesn't it?
>> [flush]
> Then prove that the conversation went differently. A lot of people agree
> that Gary screaming on the phone is much more likely than Gary politely
> disagreeing on the phone.
>>>You're not a reliable witness.
>> Says a lying, obsessed pizzaboy.
> Belinda runs out of ammo and pulls out the "liar liar pants of fire"
> defense.
>>>I have a lot of people all over San
>>>Francisco who agree that screaming at people on the phone is very much in
>>>character for Gary.
>> Then where are they? Is this like the "lurkers support me in email" tactic?
> No, it's the people who populate the computer enthusiast scene up there.
>>>Who else would have witnessed this call?
>> Worried?
> Name some names and then I'll consider being a bit worried.
>> [blah blah blah]
> Yet again, no answer to a simple question.
>>>And you can't prove the content of that call.
>> Nor can you.
> I can show that my version is much more likely than yours.
>>>You have your reputation for telling the truth (ie, none).
>> My reputation for telling the truth is just fine among the non-kook faction.
> non-kook defined as who? non-cryptologists? non-computer-types?
>>>I have mine
>> as a whining netkop who brags about making people lose net access over
>> off-topic posts to a fricking pizza delivery group by lying about
>> non-existent status as a university postmaster.
> Whoops! There goes the ol' postmaster accusation again. Don't you ever
> tire of that one? How about showing me where I bragged about making
> someone lose access?
>>>(can point to lots of
>>>people who agree that Gary's behavior is in character)
>> because they either exist only in my imagination or are obsessed kooks, just
>> like me.
> Trouble with grammer, hm?
>>>Try to find a lie.
>> You'll become so exhausted pointing each one out that
>>>You won't find any.
>> time to stop to eat or sleep and eventually you'll die, making me happy.
> This is unintelligible.
>>>>>If you disbelieve that Gary would scream obscenities and hurl wild threats
>>>>>like that over the phone, one need only talk to people who were involved
>>>>>in the ISP business in San Fransisco when he lived there.
>>>
>>>> Oh, really? Is that why we've had no problems finding peers based on the
>>>> recommendations of people he did business with in northern California?
>>>
>>>Common repeat spammers can often get peers. They often tell other
>>>spammers about service providers friendly to their activities. The same
>>>principle applies to you.
>> You might want to think about who peers with us before you make such
>> ludicrous remarks.
> The very same uu.net which has often allowed spam to be emailed and posted
> to usenet?
>>>>>> Not to mention the ones where you brag about
>>>>>> calling our then-current upstream and our then-pending upstream in an
>>>>>> effort to get our connectivity yanked.
>>>>>And this is significant because...
>>>> Because it proves that you're a netkkkopping control freak who, rather than
>>>> ignore a few crossposts, tries to bring down a whole domain.
>>>
>>>Belinda redefines "few" again...
>> Daavey demonstrates his inability to deal with the truth again.
> Your version of the truth doesn't jive with observable fact (refer to the
> above post from Jeff about you playing lawyer).
>>>> And here you are, following me around and posting to AHM, hoping they'll be
>>>> able to accomplish what you didn't. Dream on, pizzaboy.
>>>
>>>AHM was a scapegoat for yours and Gary's own incompetence. Someone broke
>>>in and you two needed someone to blame.
>> The people who admitted to it would seem a logical choice.
> So you picked up more attackers from AHM. Big deal.
>>>If a script kiddie from AHM or the like really did cause you damage,
>> Who said anything about damage, Daavey?
> Notice that word "if" up there. It means something.
>>>as you claim,
>> And this claim can be seen where?
> This was around the 30th of May when you said that the attacks came well
> before someone nabbed your unshadowed password file. Search dejanews for
> "+hackers +databasix +ahm +security +"cra><0r"". It's in the quotes of
> the first hit you find.
>>>then your problems are much more serious.
>> Problems? What problems?
> Do you know what computer security is?
>>>> Poor, bitter Daavey. Your brand spankin' new majordomo list just doesn't
>>>> cut it, does it?
>>>
>>>It works just fine, thanks.
>> Then why are you back on Usenet whining about "your" pizza delivery group?
> I'm here to challenge your supposed right to cause trouble.
>>>> You had to come back to Usenet and follow me around like a
>>>> yipping little ankle-biter. Following in the footsteps of an anonymous
>>>> lunatic and a the small, albeit determined cadre of net.kooks who dog my
>>>> every word. Here comes Daavey, sniffing along behind them, thinking
>>>> maybe if *he* repeats the old stuff over again, he might actually
>>>> accomplish something other than making himself look like just another
>>>> fanboy.
>>>
>>>Poor abused Belinda...
>> You misspelled "amused". HTH.
> You think it funny that you can accuse without proof? You think it funny
> that you can harass people without pissing them off? You think it funny
> that your actions are coming back to haunt you?
>>>> Say, what's the subscription address of that list again? I know someone who
>>>> might be interested.
>>>
>>>Since you're apparently are so 31337, you can find it yourself.
>> I've never claimed to be elite. But I'll tell my friend that you're not
>> really anxious to have new subscribers because after all, if your list
>> succeeds, you'll have one less thing to bitch about.
> So you'll sic a script kiddie on me?
> --
> David Griffith
> [EMAIL PROTECTED]
------------------------------
Subject: Re: randomness tests
From: John <[EMAIL PROTECTED]>
Date: Fri, 09 Jun 2000 08:01:05 -0700
You want to start with the standard mean, standard deviation,
etc. Also, the spread is very important. Chi-Square test is
also a good one.
Also, it is important to test a big enough sample.
* Sent from RemarQ http://www.remarq.com The Internet's Discussion Network *
The fastest and easiest way to search and participate in Usenet - Free!
------------------------------
From: Jim Gillogly <[EMAIL PROTECTED]>
Subject: Re: Some dumb questions
Date: Fri, 09 Jun 2000 15:06:03 +0000
Mok-Kong Shen wrote:
>
> Jim Gillogly wrote:
>
> > Mok-Kong Shen wrote:
> > > from other viewpoints, e.g. operating expenses/difficulties. (To
> > > avoid flames from other readers due to misunderstanding, let me
> > > repeat that I don't 'recommend' or 'propose' using n-OTP with
> > > frequency flattening as desciribed above and that I am in fact not
> > > even sympathetic to OTP as such.)
> >
> > Why, then, did you restart this discussion? Trying to help somebody
> > out who was trying to breathe new life into the rotting corpse of
> > a dead system seemed like a worthy goal, but wanking around with
> > something <nobody> believes in seems like a waste of time. I'm out
> > of this one.
>
> Pardon. Which discussion? The frequency distribution issue? Since
> you in your previous post once again touched about the issue of
> cracking based on frequencies, I thought that it were consequently
> allowed to respond to that on my part. Or was that perhaps a sin
> of mine?
Not at all. The discussion is the one with the above title, i.e. the
entire thread -- you initiated it apparently to find out ways to improve
the security of N-time pads, but you've said here that you do not
recommend or propose either N-time pads or 1-time pads. This leads
me to wonder what the point was of this exercise -- was it simply to
increase the volume in sci.crypt?
> Nonetheless, I like to point out it is a subjective matter whether
> OTP is a 'dead system'. At least till recently there have been several
The "dead system" is the N-time pad, not the 1-time pad.
--
Jim Gillogly
20 Forelithe S.R. 2000, 15:01
12.19.7.5.0, 13 Ahau 3 Zotz, First Lord of Night
------------------------------
From: Eric Lee Green <[EMAIL PROTECTED]>
Subject: Re: Random IV Generation
Date: Fri, 09 Jun 2000 15:08:09 GMT
Adam Durana wrote:
> An initialization vector (IV), does not need to be generated by a secure
> random number generator. It does not even need to be random. It just has
> to be unique for each message.
Good point. So really, a non-cryptographic-quality PRNG (i.e., statistically
valid but predictable PRNG) would be just as useful for IV generation as long
as it has a period equal to or longer than 2^block_size and an initialization
set as large as the block size.
The advantage of using a cryptographic-quality RNG/PRNG in this situation is
more related to the fact that most non-cryptographic-quality PRNG's have a
very limited initialization set. For example, one PRNG that I looked at has
2^24 possible initial values. If you are trying to ensure uniqueness, that
means that you're going to have to re-key your cipher after that # of messages
(actually, after some smaller # of messages, I'll let someone who knows more
math tackle that one). If you are doing something like, say, IPSec, you could
easily have that number of messages in a fairly short amount of time.
Of course, for something like IPSec, you could simply establish a symmetric
key and IV when the tunnel is established, and simply increment the IV
(rolling over at 2^BLOCK_SIZE) for each subsequent message sent with that
symmetric key, right? Of course, you still need a cryptographic-quality
RNG/PRNG to establish the symmetric key...
--
Eric Lee Green [EMAIL PROTECTED]
Software Engineer Visit our Web page:
Enhanced Software Technologies, Inc. http://www.estinc.com/
(602) 470-1115 voice (602) 470-1116 fax
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and sci.crypt) via:
Internet: [EMAIL PROTECTED]
End of Cryptography-Digest Digest
******************************
