Re: Criminalizing crypto criticism

2001-07-28 Thread John Gilmore
Much of the hysteria regarding the DMCA's supposed ability to quash free speech by cryptographic researchers is being whipped up by opponents to the DMCA who are misrepresenting the DMCA in a calculated fashion in order to promote opposition. The anonymous poster's legal analysis was not

Re: chip-level randomness?

2001-09-19 Thread John Gilmore
The real-RNG in the Intel chip generates something like 75 kbits/sec of processed random bits. These are merely wasted if nobody reads them before it generates 75kbits more in the next second. I suggest that if application programs don't read all of these bits out of /dev/intel-rng (or whatever

Re: California appeals court holds that DeCSS code is protected speech

2001-11-04 Thread John Gilmore
Second, the court ruled that the preliminary injunction which the lower court had issued was an unconstitutional prior restraint on speech, but went out of its way not to answer whether damages and/or a permanent injunction after trial would suffer the same fate. Actually, the fact that

cypherpunks@toad.com is going away

2001-11-27 Thread John Gilmore
is no longer in existence. There remains a single encryption-related mailing list on toad.com, coderpunks which is for people who write code. John Gilmore - The Cryptography Mailing List Unsubscribe by sending unsubscribe

Re: Computer Security Division Activities

2001-10-13 Thread John Gilmore
make us feel much safer. Just like children, which is the way our government is treating us. I will not participate in activities that require me to identify myself to the government, or to be pre-vetted for attendance. John Gilmore

Re: FreeSWAN US export controls

2001-12-10 Thread John Gilmore
would already exist in the mainline Linux kernel. Make my day. John Gilmore PS: Of course, the only software worth wasting your time on comes from those macho dudes of the U.S. of A. Those furriners don't even know how to speek the lingua proper, let alone write solid buggy code like

Re: [DailyRotten] FBI requests worm-built password log

2001-12-17 Thread John Gilmore
Perhaps more on target, possession of those passwords does *not*, as far as I can tell, change the FBI's legal ability to, for example, read someone's email. They'd still need a court order... Steve, the FBI doesn't care about what the law says. Their big concern is what they can get away

Re: Stegdetect 0.4 released and results from USENET search available

2001-12-21 Thread John Gilmore
Niels Peter, congratulations on finding no secret messages. This is why computers are getting faster -- so we can spend more and more time searching out the lack of any information being communicated. An obvious step is to extend your detector to handle other formats besides JPEG. That would

Re: Steganography covert communications - Between Silk and Cyanide

2001-12-30 Thread John Gilmore
John Gilmore - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Baltimore Sun: MD police seek easier wiretaps

2002-01-05 Thread John Gilmore
http://www.sunspot.net/news/custom/guns/bal-wiretap03.story?coll=bal-home-headlines Md. police seek law for easier wiretaps Use of technology by criminals outruns current authority By Sarah Koenig Sun Staff Originally

Re: On ISPs Not Filtering Viruses

2002-01-07 Thread John Gilmore
John Young, why are your web servers running virus-prone operating systems? Haven't you installed the Linux security patches on 'em and turned off all nonessential services? I thought ISPs were supposed to be bit-pipes. End-to-end unrestricted connectivity is the basic feature of the Internet.

Re: FreeSWAN US export controls

2002-01-13 Thread John Gilmore
Or is there something we should be doing to get RedHat, and Debian, and other US-based distributions to include it? Absolutely. It's already pretty secure. We should just make it trivial to install, automatic, transparent, self-configuring, painless to administer, and free of serious bugs.

Re: PGP GPG compatibility

2002-01-20 Thread John Gilmore
These days, PGP is effectively useless for interoperable email. If you have not prearranged with the recipient, you can't exchange encrypted mail. And even if you have, one or the other of you will probably have to change your software, which will produce other ripple effects if you are trying

James Bamford talk: Intelligence Failures that led to Sep 11th attacks

2002-01-24 Thread John Gilmore
From the privacy-invasions-don't-protect-our-security department... Date: Thu, 24 Jan 2002 12:28:08 -0800 From: Poli Sci Advisers [EMAIL PROTECTED] Subject: Lecture: INTELLIGENCE FAILURES THAT LED TO THE SEPTEMBER 11TH ATTACKS The Goldman School of Public Policy is pleased to announce the

Re: A risk with using MD5 for software package fingerprinting

2002-01-28 Thread John Gilmore
A small PS to my last message. In 1978 I was lent an Apple II running the ABBS software (Apple Bulletin Board System), and it ran in a corner of my bedroom for some years as the PCnet ABBS in San Francisco. This was a machine with an 8-bit 1 MHz processor, 48K of RAM, and a custom floppy that

Canadian CSE wiretaps used against US citizens in court

2002-08-02 Thread John Gilmore
[CSE = Canada's NSA. Supposedly legal under Patriot Act? --gnu] http://cryptome.org/ Canadians Listen in on NSA's Behalf A high-level U.S. intelligence source has revealed exclusively to Intelligence Online that some of the communications surveillance evidence used by the U.S. government to

Re: responding to claims about TCPA

2002-08-10 Thread John Gilmore
I asked Eric Murray, who knows something about TCPA, what he thought of some of the more ridiculous claims in Ross Anderson's FAQ (like the SNRL), and he didn't respond. I believe it is because he is unwilling to publicly take a position in opposition to such a famous and respected figure.

Paul Wouters: Update Tapping in the Netherlands

2002-08-13 Thread John Gilmore
[Paul has been tracking Dutch government requirements that ISPs implement covert wiretaps against their customers -- and the technical standards of the equipment that does it -- for a few years. See www.opentap.org. --gnu] From: Paul Wouters [EMAIL PROTECTED] Update tapping in the

NSA director Hayden's testimony on NSA and 9/11

2002-11-03 Thread John Gilmore
http://intelligence.senate.gov/0210hrg/021017/hayden.pdf Hayden's testimony deserves to go into the cryptome archives, and should be read by everyone on this list. He spends ten pages explaining how NSA worked on terrorism pre- and post-9/11, and then tells Congress that they can best help him

Why we spent a decade+ building strong crypto security

2002-11-19 Thread John Gilmore
. Make your security work end-to-end. Got STARTTLS? Got IPSEC? Got SSH? Use it or lose it. John Gilmore - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: AIR TRAVELER ID REQUIREMENT CHALLENGED

2002-11-19 Thread John Gilmore
I was browsing some of my old mail when I came across this. What's the status of Gilmore's case? The regulations I'm challenging purport to require air and train travelers to show a government issued ID. Every traveler has been subjected to these requirements, but it turns out that they

Re: DeCSS, crypto, law, and economics

2003-01-08 Thread John Gilmore
The truly amazing thing about this case is that the crime would not have occured if the studios had used decently-strong crypto. It's ironic that in an age when for cryptographers enjoy a historically-unprecedented lopsided advantage over cryptanalysts, the industry adopted a system that

Air ID: Gilmore v. Ashcroft: Friday AM hearing in SF

2003-01-14 Thread John Gilmore
. John Gilmore - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Re: RIAA turns against Hollings bill

2003-01-15 Thread John Gilmore
How does this latest development change the picture? If there is no Hollings bill, does this mean that Trusted Computing will be voluntary, as its proponents have always claimed? And if we no longer have such a threat of a mandated Trusted Computing technology, how bad is it for the system

Peacefire VOA need tech help to defeat China Firewall

2003-01-23 Thread John Gilmore
From: Bennett Haselton [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, January 20, 2003 6:26 AM Subject: volunteers to help work on anti-censorship technology [You are receiving this after signing up for membership in Peacefire at http://www.peacefire.org/join/. To unsubscribe yourself

NASA/NSA searching for Shuttle encryption system

2003-02-08 Thread John Gilmore
AP reported on Feb 7 that NASA is looking for a secret device that encrypts communication between the shuttle and ground controllers. If someone else finds it they could study the technology, says the AP. Sounds like fun for cypherpunks. Anybody seen it on eBay? :-) Alternatively, c'punks

Re: NSA being used to influence UN votes on Iraq

2003-03-05 Thread John Gilmore
JI questioned: Why is this even newsworthy? It's the NSA's responsibility to provide sigint and comint. Furthermore, if the delegates are not US citizens, and at least one end of the communication is outside the US, they are not even breaking any laws in doing so. If the US found a similar

Re: Russia Intercepts US Military Communications?

2003-03-31 Thread John Gilmore
I'm amazed at their claims of radio interception. 1. Look for plaintext. This was rule #1 stated by Robert Morris Sr. in his lecture to the annual Crypto conference after retiring as NSA's chief scientist. You'd be amazed how much of it is floating around out there, even in military

Re: GPS phones confiscated from reporters in Iraq

2003-03-31 Thread John Gilmore
http://www.newscientist.com/news/print.jsp?id=ns3567 It's nice to see that the US military realizes the terrible possibilities from tracking the movements of ordinary people (who happen to be soldiers or with soldiers). When will they get on the bandwagon demanding that person-tracking