JetBlue: Code Red

2003-09-16 Thread R. A. Hettinga
http://www.dontspyon.us/jetblue.html

DontSpyOnUs :: 

First In Line for Fascism 
Galileo: Police State Collaborator 
Meet Sam Katz: Galileo's Collaborator-in-Chief How CAPPS II Works Why CAPPS II Makes 
Flying MORE Dangerous What's in a PNR? Why This Site Exists Plead the Fourth Press 
Room Mail Bag 

JetBlue: Code Red 
An offer by JetBlue Airways to test the CAPPS II internal border control system has 
been accepted by the Department of Homeland Security's Transportation Security 
Administration. 

In a secret, off-the-record meeting held recently at TSA headquarters, TSA chief James 
M. Loy informed an elite audience of conservative opinion-makers that JetBlue Airways 
is replacing Delta Airlines as the testing platform for the CAPPS II internal border 
control system.  The meeting was attended by former US Representative Bob Barr as well 
as leaders from several conservative public policy groups. 

JetBlue Airways has shown its true spirit by pushing to be first in line for fascism. 

Rather than being merely the airline with free DirecTV, JetBlue shall henceforth be 
known as the airline with thousands of daily, non-stop trips from Washington, DC into 
the private lives of Americans foolish enough to fly their Orwellian, unpatriotic 
airline. 

It's time for all patriotic Americans to share with JetBlue a little of that Boycott 
Delta love.  If the JetBlue leadership hadn't been under a rock for the past six 
months, they would be well aware of the pillorying in the media and the countless 
millions of dollars in lost revenue borne by Delta by participating in the first round 
of CAPPS II testing. 

Until JetBlue publicly withdraws from any and all CAPPS II testing and apologizes to 
the American people for their reckless disregard for the US Constitution, a boycott of 
JetBlue Airways is in effect. 


 




 
They that can give up essential liberty to obtain a little 
temporary safety deserve neither liberty nor safety. 
- Benjamin Franklin 

-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


PGP makes email encryption easier

2003-09-16 Thread R. A. Hettinga
http://www.theregister.co.uk/content/55/32828.html

The Register

  15 September 2003 
  Updated: 15:06 GMT 



PGP makes email encryption easier 
By John Leyden 
Posted: 15/09/2003 at 14:06 GMT 


 
PGP Corporation today introduced simpler email encryption in which the burden of 
securing email messages is shifted from the client to the network. 

PGP Universal software suite, launched today, represents a new architecture for the 
company. The complexity of email encryption systems has long been a factor holding 
back deployment. Some vendors have responded to by repackaging encrypted email as a 
Web-based service. 

PGP Corp has taken a slightly different tack, adapting its software so that it can be 
loaded onto x86 servers to create an email encryption appliance. These proxy servers 
live between an email server and client machine or in an enterprise's DMZ; they are 
responsible for generating encryption keys and managing the encryption and digital 
signing of email, according to enterprise security policies. The appliances can be 
clustered for higher availability. 

Transmissions between a client machine and PGP can themselves be encrypted using SSL. 

The technology was launched at a Gartner security conference in London this morning. 
Stephan Somogyi, director of products at PGP Corp, told delegates that PGP Universal 
radically simplifies the support and training requirements normally associated with 
deploying enterprise encryption products. 

Desktop solution hit a wall when you hit deployment of 15 per cent within companies 
because of training and deployment issues, Somogyi told The Register . With desktop 
solutions you also have a problem of people accidentally failiing to comply with 
security policies, for example by forgeting to digitally sign email, that's why we're 
moving to a network-based approach. 

But couldn't an enterprise set up a similar system using digital certificates and 
email sent using the TLS protocol, Somogyi was asked. Up to a point, he replied; such 
an approach would only work effectively for site to site email and sets up a 
computational overhead which PGP's architecture is better suited to manage. 

PGP Universal support POP3 and IMAP clients, as well as Lotus Notes systems. Exchange 
support is more problematic, but the PGP Corp intends to support Exchange 2003 support 
via OUtlook HTTPS. 

PGP Corp intends to add support for S/MIME encryption and X.509 certificates to PGP 
Universal later this year. And it aims, at some point, to support secure instant 
messaging and a greater range of mobile devices - PGP has already developed a client 
that works on a Handspring Treo. 

PGP Universal interoperates with AV and content filtering scanners, where messages are 
be checked before encryption and after decryption. Alex Doll, CFO at PGP Corporation 
said the company was in talks with one particular AV vendor, which he declined to name 
as yet, about a possible OEM deal. The company is also in talks with an ISP and 
managed service provider about setting up a premium service based on PGP's technology. 

Pricing for the PGP Universal, which the company says is suitable for companies 
ranging for a handful of employees to thousands, is based on the number of end users, 
gateway and supported domains. Costs are similar to AV pricing, according to Steve 
Abbott, VP of sales at PGP Corp. ® 


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: quantum hype

2003-09-16 Thread John Lowry
QC is currently a one-time pad distribution mechanism - or at lower rates a
key establishment mechanism most suitable for symmetric algorithms.

You are correct that authentication is not inherent.  Then again, this is
also true for classical symmetric and PKI schemes.  To be usable, all
crypto requires some kind of authentication mechanism or scheme.

The QC community is well aware of this problem and is working on it.
Please don't give up yet !  In the mean time, manual establishment of an
authentication secret works as do physical means e.g., optical viewing of a
satellite from a ground station.

Please remember that it's early days yet; the problems are real and hard.
Come join the fun.

And watch out for snake oil from early attempts at commercialization  ;-)

John
PS: a small nit.  The quantum channel is tamper _detectable_.  There is no
claim to being untamperable.  You can always detect tampering (and throw
away those bits) regardless of who you are talking to.  Multiple reads of
a photon (several approaches have been considered) is either equivalent to
tampering or yields no information.  Physics is fun !


On 9/16/03 16:03, Hadmut Danisch [EMAIL PROTECTED] wrote:

 On Sat, Sep 13, 2003 at 09:06:56PM +, David Wagner wrote:
 
 You're absolutely right.  Quantum cryptography *assumes* that you
 have an authentic, untamperable channel between sender and receiver.
 
 So as a result, Quantum cryptography depends on the known
 methods to provide authenticity and integrity. Thus it can not
 be any stronger than the known methods. Since the known methods
 are basically the same a for confidentiality (DLP, Factoring),
 and authentic channels can be turned into confidential channels
 by the same methods (e.g. DH), Quantum cryptography can not be
 stronger than known methods, I guess.
 
 On the other hand, quantum cryptography is based on several
 assumptions. Is there any proof that the polarisation of a
 photon can be read only once and only if you know how to turn
 your detector? 
 
 AFAIK quantum cryptography completey lacks the binding to
 an identity of the receiver. Even if it is true that just a single
 receiver can read the information, it is still unknown, _who_
 it is. All you know is that you send information which can be read
 by a single receiver only. And you hope that this receiver was the
 good guy.
 
 Hadmut
 
 -
 The Cryptography Mailing List
 Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Re: PGP makes email encryption easier

2003-09-16 Thread Ian Grigg
Eric Murray wrote:

  For the record, AFAIK, this approach was invented and
  deployed by Dr. Ian Brown as his undergraduate thesis,
  back in 1996 or so.
 
 Not to take anything away from Dr Brown, but I wrote something very
 similar to what PGP's selling for internal use at SUN in 1995 (to secure
 communications between some eastern european offices).   I'd thought
 about it a couple years before that as I needed something to secure
 communications between the company I worked for and their law firm,
 and teaching executives and chip designers to use PGP wasn't working
 very well.

Thanks for the correction!  Was this project ever released
or documented?  I never heard of it before.

 I don't beleive that I was the first to think of it or the first to
 do it; it's a pretty obvious solution.

:-)  Many inventions are obvious once well understood.

Although I would agree that such an invention should not
deserve to be patented.  Whether that's because it is too
obvious, or too useful, depends on ones pov...

  It's a good approach.  It trades some sysadmin complexity
  for the key admin complexity, but it also raises some
  interesting challenges for deciding when to encrypt,
  when not to encrypt, and also, when to block outgoing
  mail that should be encrypted...
 
 Yep.
 
 Eric

iang

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Baltimore Break-up to Continue

2003-09-16 Thread R. A. Hettinga
http://www.onbusiness.ie/2003/0916/mibusiness.html

OnBusiness

  š Tues, Sept 16, 2003

BALTIMORE BREAK-UP TO CONTINUE - Baltimore Technologies has reported
sharply lower first-half pre-tax losses of £9m, compared with £43m in the
same period last year. Losses before exceptional items were slashed from
£9.9m to £2.2m.

Total revenues dropped from £22.1m to £9.7m, while sales from continuing
businesses fell from £13.2m to £9.3m.

The company had cash balances of £14.6m at the end of the period, but
expects a further £15.9m from a series of disposals. Staff levels at
Baltimore have been cut from 422 to 255 in the period and the company says
this process will continue.


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


Quantum cryptography finally commercialized?

2003-09-16 Thread R. A. Hettinga
http://www.net-security.org/news.php?id=3583

Help Net Security -

Quantum cryptography finally commercialized?
Posted by Mirko Zorz - LogError
Tuesday, 16 September 2003, 1:23 PM CET


Start-up MagiQ Technologies, from Somerville, Massachusetts, has released
the first commercial implementation of quantum cryptography, the
much-heralded solution to the perfect encryption cipher. Theoretically,
encryption ciphers created using quantum physics are unbreakable.

While MagiQ Technologies' product, Navajo, isn't itself a quantum device it
uses one of the fundamental tenets of quantum theory: Heisenberg's
Uncertainty Principle, to create a Quantum Key Distribution (QKD) network.
Werner Heisenberg first published his theory in 1927, stating that the more
precisely the position of is known, the less precisely the momentum is
known. This succinct statement addresses the uncertain relationship between
the position and the momentum (mass times velocity) of a subatomic
particle, such as an electron, and has profound impact on the development
of future information systems.


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]