1994-09-12 - CEB September 11, 1994 issue 2

Header Data

From: “Gary Jeffers” <CCGARY@MIZZOU1.missouri.edu>
To: cypherpunks@toad.com
Message Hash: c056044c011d61cb436cfe778346257dafd7cfbd856370a72efccd91e1fbd3ce
Message ID: <9409120434.AA27988@toad.com>
Reply To: N/A
UTC Datetime: 1994-09-12 04:35:00 UTC
Raw Date: Sun, 11 Sep 94 21:35:00 PDT

Raw message

From: "Gary Jeffers" <CCGARY@MIZZOU1.missouri.edu>
Date: Sun, 11 Sep 94 21:35:00 PDT
To: cypherpunks@toad.com
Subject: CEB September 11, 1994 issue 2
Message-ID: <9409120434.AA27988@toad.com>
MIME-Version: 1.0
Content-Type: text/plain



         CYPHER-REBELS ELECTRONIC BOOK (CEB)  SEPTEMBER 11, 1994
                             ISSUE 2
                    Publisher Gary Lee Jeffers
                   ccgary@mizzou1.missouri.edu

   A compendium of the best software & info for today's electronic
privacy freedom fighters. This text may be distributed in part or
in full anywhere you want. It may be given away freely or copies
may be sold. CEB wants to be free & valuable.


If, as Chairman Mao says: "Political power grows out of the barrel of
a gun.", then what is democracy?


                   TABLE OF CONTENTS

Chapter 1. PGP
Section 1. PGP general
Section 2. Michael Johnson's PGP FAQ contribution
Section 3. Stealth PGP.

Chapter 2. Steganography. "A picture is worth a thousand words."

Chapter 3. Shells for PGP
Section 1. Christopher W. Geib's WinPGP26.ZIP
Section 2. Ross Barclay's WinFront 3.0

Chapter 4. Generally cool things.
Section 1. Loompanics sources.
Section 2. Viruses sources.

Chapter 5. Getting the Cypherpunks' archived & indexed list.

Chapter 6. Remailers & chained remailers.

Chapter 7. Current problems in Crypt.

Chapter 8. Text sources.
Section 1. Books
Section 2. Rants
Section 3. CYPHERNOMICON - Tim May's "official" Cypherpunks' FAQ.

Chapter 9. Cypherpunks' mailing list. getting on etc..




 CCCCCCCCCC    YYYY   YYYY    PPPPPP    HH    HH    EEEEEEE   RRRRRRRRR
 CCCCCCCCCC     YY   YY       PP  PP    HH    HH    EEEEEEE   RRRRRRRRR
 CCC            YY  YY        PP  PP    HH    HH    EE        RR     RR
 CCC            YY YY         PPPPPP    HHHHHHHH    EE        RR     RR
 CCC             YYY          PP        HHHHHHHH    EEEEEEE   RR     RR
 CCC             YYY          PP        HH    HH    EEEEEEE   RRRRRRRR
 CCC             YYY          PP        HH    HH    EE        RRRRRRR
 CCC             YYY          PP        HH    HH    EE        RRRRRR
 CCCCCCCCCC      YYY          PP        HH    HH    EE        RR RR
 CCCCCCCCCCC     YYY          PP        HH    HH    EEEEEEE   RR  RR
                              PP        HH    HH    EEEEEEE   RR   RR
    RRRRRRRRRRR                                               RR    RR
   RRRRRRRRRRRRRR                              EEEEEEEEE
   RRRRRRRRRRR    EEEEEEEEEEE   BBBBBBBB      EEEEEEEEEE         SSSSSSS
   RRRRRRRR         EEEEEEEEE   BBBBBBBBBBB   EE EEEEEEE       SSSSSSSSS
  RR   RRRR        EEEEEEEEEE   BBBBBBBBBB  EEEEEEE           SSSSSSSSS
 RRR     RRRR     EEEEEEEE      BBBBBBBB    EEEEEEE          SSSSSSSS
 RRR      RRRRR   EEEEEE        BBBBBB      EEEEEEEE       SSSSSSSSS
 RRRRRRRRRRRRRR   EEEEEEE       BBB         EEEEEEEEEEE    SSSSSSSSSS
 RRRRRRRRRRRRRR   EEEEEEEEEE    BB          EEEEEEEEEEE   SSSSSSS
 RRRRRRR  RRRR    EEEEEEEEEE    BBB         EEEEEEEEEEEEEE SSSSSSSSSSSSS
 RRR    RRRRR     EEEEEEEEEEEE  BBBBB       EEEEEEEEEEEEEEE SSSSSSSSSSSS
 RRRRR   RR       EEEEEEEE      BBBBBBB     EEEEEEEEE         SSSSSSSSSS
 RR  RRRRR        EEEEEE        BBBBBBBBB   EEEEEEE          SSSSSSSSSS
 RR    RRRRR      EEEEEE        BBBBBBBBB   EEEEEEE         SSSSSSSSSS
 RRR   RRRRRR     EEEEEEEEEEE    BBBBBBBB   EEEEEEEEEEEE   SSSSSSSSSSS
 RRRR  RRRRRRR    EEEEEEEEEEEEE  BBBBBBB   EEEEEEEEEEEEE SSSSSSSSSSSS






            PPPPPPPPPPP       GGGGGGGGG            PPPPPPPPPPP
           PPPPPPPPPPP       GGGGGGGGG            PPPPPPPPPPP
          PPP       PP      GGG                  PPP       PP
         PPPPPPPPPPPP      GGG GGGGGGG          PPPPPPPPPPP
        PPPPPPPPPP        GGG  GGGGGGG         PPPPPPPP
       PPP               GGG        GG        PPP
      PPP               GGGGGGGGGGGGG        PPP
     PPP                GGGGGGGGGGGG        PPP



Chapter 1. PGP general.

PGP is Pretty Good Privacy from Phil Zimmermann. It is currently the
best available encryption available to civilians at large.
Zimmermann is the programmer on the original PGP versions but now,
apparently, just guides other programmers in making improved versions.
PGP uses two encryption algorithms: RSA for its Public Key powers &
IDEA for its bulk encryption. The advantages of PGP over other
crypt/decrypt systems are:
1. RSA algorithm. Allows users to communicate without needing a secure
channel to exchange keys. - PUBLIC KEY ENCRYPTION.
2. The program system has been very well done & has huge development
support.
3. It has huge popularity.
4. Security is guaranteed with distribution of source code & public
investigation.
5. Its free.
6. Both RSA & IDEA are "STRONG" algorithms.

MIT,s PGP 2.6 has the blessing of Zimmermann.
PGP 2.6 ui is believed to have Zimmermann's approval because he has not
attacked it. It is believed that Zimmermann will not endorse the ui
version due to possible legal problems.


Section 2: Michael Johnson's PGP FAQ contribution

Michael Paul Johnson <mpj@netcom.com> has an excellent faq on
Subject: Where to Get the Latest PGP (Pretty Good Privacy) FAQ
(Last modified: 7 September 1994 by Mike Johnson)

 You can get this faq by anonymous ftp to:
ftp.csn.net /mpg/getpgp.asc

It is also posted monthly on alt.security.pgp

   The latest versions of PGP are VIACRYPT PGP 2.7 , MIT PGP 2.6.1
& PGP 2.6ui. Which is best? I would say MIT PGP 2.6.1. It has source
code which VIACRYPT doesn't give you & it is more advanced than the
ui version. In comparing the MIT & ui versions, Michael Johnson
had this to say: "The "unofficial international" versions are
really just PGP 2.3a, modified just enough to make it compatible        ust
with MIT PGP 2.6, but do not include all of the fixes in MIT PGP 2.6     the
and MIT PGP 2.6.1.  They are named pgp26ui* or have "ui" somewhere       a
in their file names." In his faq, he gives some instances in which      sions
the ui version might be preferable.


Section 3: Michael Johnson's PGP bomb contribution.
From: Michael Johnson <mpj@csn.org>
Subject: PGP Time Bomb FAQ


PGP TIME BOMB FAQ

Michael Johnson writes:
"There has been some confusion about the annoying "Time Bomb" in MIT PGP2.6,
as well as some other PGP version compatibility issues. This is an attempt to
clear up some of that confusion."

You can get this faq by anonymous ftp to:
ftp.csn.net /mpj/pgpbomb.asc



Section 3. Stealth PGP                                                   37

   Stealth PGP refers to a PGP file that does not have the
RSA prefix tag on the beginning of a PGP encrypted file or to PGP
utility software that disguises this tag. Possibly, a later version
of PGP with have this as an option.

   The advantages of "Stealthy" PGP are that its files  cannot be found
by Internet search programs that hunt for the PGP/RSA tag & that a
"Stealthy" file may be more securely hidden by a good steganography
program.

From: Mark Grant <mark@unicorn.com>
Subject: Stealth PGP

Responding to my question "Has Stealth PGP been done yet?"
Mark Grant says:

Kind of, there's a 'stealth' filter available that strips and attaches
headers to PGP messages after encryption. It's available from various
places, and the documentation is available on my 'other people's PGP
addons' WWW page :

        http://www.c2.org/~mark/pgp/other.html

There's also information about Privtool, my PGP-aware mail program for
Sun workstations at :

        http://www.c2.org/~mark/privtool/privtool.html

                Mark

EMAIL: mark@unicorn.com
URL  : http://www.c2.org/~mark/


 Chapter 2. Steganography "A picture is worth a thousand words."

                   =============================================
    %%             =             !I                            =
   %% %%%          =           !!!                 BB          =
  %%%* *%%%%       =        **!!**                &            =
  *** @**          =       u   \  x!             ) <           =
   *  ***          +   m              )         c   $          =
    **             =   #               k        }             =
                  =    $%-            &         u    =        =
 -------           =     @!p        +e$            ~    #      =
                  =       h      6&                ;    |    =
                  =         =,#                       {{      =
                  =                                           =
                 =                                           =
                 =                                           =
                 =============================================
                         STILL LIFE WITH CRYPT
                   +++++++++++++++++++++++++++++++++++++++++++++

Steganography is the craft of hiding messages in pictures. The text is,
of course, encrypted text rather than plain text.


The current best steganography program has been done by Arsen Arachelian
Below, follows his text contribution:


From: rarachel@prism.poly.edu (Arsen Ray Arachelian)

WNSTORM is available from:
ftp.wimsey.bc.ca:/pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/Steg

Usual routine to get it. i.e. cd /pub/crypto/software, get the README
file, and if you agree to the terms then follow the instructions.

Short description off the top of my head (I wrote the beastie)  Another
info scrap should be in the same directory as WNSTORM.


WNSTORM is a data encryption/steganography utility which is pretty secure for
most uses.  Unlike some stego systems WNSTORM is expandible, all you have to
do is write your own LSB injector/extractor for whatever data format you wish
to hide information into.

WNSTORM doesn't require the recipient of the host picture, sound, movie, etc.
to have the original un-stormed picture.  Unlike primitive stego programs,
WNSTORM doesn't compare an stormed picture with an unstormed picture.

WNSTORM will cover its tracks statistically.  If it changes a 0 bit in the
LSB data stream to a zero, or a 1 bit to a 1, it does nothing.  If it changes
a 1 bit to a zero, it will balance itself by changing an unused adjacent 0
bit to a 1.  Ditto for a 0->1 transform.

WNSTORM will NOT change every bit of the LSB in order to prevent detection.
It will use a passkey along with a probabilistic algorithm to decide which
bits it will change.  The algorithm for picking bits depends on the previous
succesfully encoded/decoded cyphertext AND the passkey.

Internally WNSTORM works by picking "windows" or "packets" of bytes out of
either a random number stream or an LSB stream extracted from a picture,
sound, movie, etc.  It then injects eight bits of cyphertext into this window.
Each window is of variable size.  The bit locations where the bits are inserted
are randomly exchanged for each pass.  The bit values are also randomly
exchanged for each pass.

WNSTORM includes an injector/extractor for PCX images, however I will write
more injecotr/extractor programs for it in the future, and OTHERS can do so
as well.



Chapter 3. Shells for PGP.

Section 1. Christopher W. Geib's WinPGP26.ZIP

From: "David K. Merriman" <merriman@metronet.com>
Subject: Christopher W. Geib's Windows PGP shell

I've just finished making an ftp deposit to soda in the cypherpunks/
 incoming directory of WinPGP26.ZIP; it's the latest version of the
 Windows PGP shell Shareware, and understands 2.6/2.6ui/2.7.

Dave Merriman


Section 2. Ross Barclay's WinFront 3.0

From: Ross Barclay <RBARCLAY@TrentU.ca>
Subject: PGP WinFront 3.0 Now Available! (New Windows front end for PGP)
To: cypherpunks@toad.com, ~rbarclay@TrentU.ca

-----BEGIN PGP SIGNED MESSAGE-----

Announcing PGP WinFront 3.0
~~~~~~~~~~~~~~~~~~~~~~~~~~~

A freeware Windows front end for PGP 2.3a and 2.6
Copyright 1994 Ross Barclay (rbarclay@trentu.ca)

WHAT IT IS:

        - PGP WinFront is the most fully featured free (or
        otherwise) Windows front end available. It will make
        using PGP easy for beginners, and it will drastically
        increase the speed at which experts use it too.

        PGP WinFront is now into is third revision and I have
        tried to implement as many of the suggestions that I
        received as possible. PGP WinFront was designed by
        its users, but was coded by me.

        Features:

        - Supports secret key ring placement on floppy drive
        - Support en/decryption to/from clipboard
        - Move / Copy / Delete files
        - Online hypertext help
        - Online hypertext PGP help
        - Keyring reader to pick names, view key characteristics
        - Keyring reader supports less-often used "huge" keyrings
        - Signature Checker
        - Very configurable - over 25 user-definable settings
        - more . . .

        This program does too much to list here. And it's free!

        This version is a complete rewrite of the popular
        PGP WinFront 2.0. The feature-set has largely been
        set by users who sent in suggestions.

        Please read the file README.TXT and peruse the help
        files. Please send me your comments.

HOW TO GET IT:

        At the moment, there are 2 ways to get this program:

        1) Via FTP

        - The PGP WinFront 3.0 filename is called PWF30.ZIP.

        - It has been uploaded to the incoming directories of
        the following FTP sites:

                ftp.cica.indiana.edu
                ftp.eff.org
                ftp.wimsey.bc.ca
                black.ox.ac.uk
                soda.berkeley.edu
                ftp.informatik.uni-hamburg.de
                ftp.ee.und.ac.za
                ftp.demon.co.uk

        - Hopefully, they will be slotted into the PGP directories
        soon. On CICA, it will be placed into \pub\pc\win3\utils.
        That is where PWF20.ZIP was placed.

        - Once you get the program, please upload it to other
        FTP sites!

        2) From Colorado Catacombs BBS

        - dial (303)772-1062. The file is called PWF30.ZIP

        - once you get the program, please upload it to other
        BBSs.

        *** The mail access system I had was discontinued. This is
        because the file was too big to fit into my account.
        However, you can still register PWF and request certain
        PGP and PWF related items using my mail access system.
        Details of these are on the "About" screen of PWF 30.

- --Ross Barclay


- -------------------------------------------------------------------------
Ross Barclay (rbarclay@trentu.ca), Assistant Editor | To receive my PGP
                                                    | public key,  send
PC NEWS Review: Windows Edition                     | me e-mail with the
Bellevue, WA  (206) 399-8700                        | subject: GET KEY
- -------------------------------------------------------------------------
To receive PC NEWS Review, send me e-mail with the subject: GET PNR.
- -------------------------------------------------------------------------


-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQBVAwUBLmZ7fdgpRteEZ9JhAQFeXgIAxIpvJQeMsx7YecNgtusBDMqL662XFeX2
qL0qF8HcN4ReZ9MYjtn9t8N1zWGxkPOXQEI3KfM7uk8JTzxjZ5LG2g==
=gSYT
-----END PGP SIGNATURE-----

Chapter 4. Generally cool things.

Section 1. Loompanics sources.
Something cool from Vincent:

Most of the Loompanics Unlimited catalog is online as:

       gopher://gopher.well.sf.ca.us/00/Business/catalog.asc

And you can send mail to them at:

       loompanx@pt.olympus.net

   You can also get their catalog at:
Loompanics Unlimited
PO box 1197                                                              33
Port Townsend, Wa.
98368                                                                   P id

Send $5.00 for their general catalog - free with any order.

Section 2. Viruses sources.


          AMERICAN EAGLE PUBLICATIONS

Cypherpunks,
   I have found a source of info. that I just must share!

American Eagle Publications, Inc.
P. O. Box 41401
Tucson, AZ 85717

   I'm sure they will send you a catalog just for the asking.

   So, what are they about? They are about VIRUSES! They don't just
carry a couple of virus things - they are the VIRUSES-ARE-US of the
virus world! They have a journal: Computer Virus Developments Quarterly.
They have books on viruses, virus protection, cryptanalysis, the science
fiction book "Heiland", a CD-ROM for $99.95 of several thousand live
viruses, disks of viruses with source code, executable & utilities,
programs & cards for boot protection, & even a virus IDEA computer
system protector.

   Copy follows for two items of particular interest to Cypherpunks:

POTASSIUM HYDROXIDE, KOH
 By the "King of Hearts"
   A sophisticated piece of software which uses ideas first developed by
computer virus writers to secure your computer system against those who
would like to get their hands on the information in it. You give KOH a
pass phrase, & it uses state of the art IDEA data encryption algorithm
to encrypt all of the information on your hard disk & your floppies. It
is, for all intents & purposes, unbreakable, & works well with DOS &
Windows. Many encryption programs offered commercially are easily
cracked, but this one is not.
   Some people call this program a virus, come say it is not. In ways,
it acts like a virus to do some of your security housekeeping for you.
Yet at worst it is a friendly virus that lets you choose when & how
it will replicate.
   program & manual on disk, $10
program, full source, & manual on disk, $20
(Overseas customers add $12: KOH cannot be exported from the US, but
since it was not developed in the US, we will forward your order to the
overseas distributor. Please allow 6 weeks for delivery)


HEILAND
By Franklin Sanders
276 pages, Paperback, 1986

   Here's an entertaining book about America in the year 2020. If you
wonder if it's proper to use viruses in wartime or if such a virus could
be termed "good", this book will give you some food for thought. Sanders
makes use of computer "worms" when the oppressed people of the US attack
the federal government in an all-out war against tyranny. Sanders uses
his worms right too - not as some all-powerful monster. Rather, they are
deployed as part of a larger military strategy. For a book written in
1986, that's not bad!
   And if you're fed up with the government, this book is sure to give
you a vision for the future. Sanders has been part of the mounting tax
protest in this country. He's fought the IRS in court for years & won
some important battles. Unfortunately the government seems to be con-
firming some of his worst suspensions about them. Now you can get a good
dose of his philosophy & his ideas about remedying our problems. And if
you work for the government, don't be offended - this book is doubly
recommended for you!
Book, $8.00

for shipping add $2 per book. 5% sales tax for AZ. residents.

   It is my belief that in the next few years more uses for viruses
than just being a vandal will be found. Also, they may find a place
in protecting our electronic freedom. - for instance virus remailers.
Also see my previous post - The FREEDOM DEAMON. Also, they have a place
in my CHATTERBOX concept(a remailer for chat mode or commands).
"Viruses aren't just for Sociopaths anymore!"
   Also, I suspect the state may start cracking down on virus tech-
nology. Incidentally, did you all know that crypt has a place in modern
viruses? Encryption is used to hide "nasty" code & virus signatures
until they get into the system & decrypt.
                                         Yours Truly,
                                         Gary Jeffers

                                         PUSH EM BACK!  PUSH EM BACK!
                                         WWWAAAYYY  BBBAAACCCKK!
                                         BBBEEEAAATTTTT  STATE  !

Chapter 5. Getting the Cypherpunks' archived & indexed list.

Vincent also tells us about the complete Cypherpunk's text on line
& indexed with fast access times:

Eric Johnson has put one together as:

   http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src


Please don't think that you used to be safe doing something illegal on
this list and that you no longer are.  That would be foolish.

  -- Vince


The "http" is for "Hyper-Text Transport Protocol".  This is not FTP,
though it is a protocol similar in function to FTP.  It is used by
"WWW" (World Wide Web) of which Mosaic is the most popular
implementation.  If you have Mosaic, you can just give the above path.
If you do not have mosaic, you should spend some time trying to get it.
Mosaic makes it really easy to quickly move through lots of information
on the net.  Mosaic is a point and click hypertext interface.  You
can FTP to ftp.ncsa.uiuc.edu and go into Mosaic.


WWW has a simple language for writting your own hypertext documents -
"HTML" (Hyper Text Markup Language).  You can think of this as sort of
like Troff, LaTeX or Postscript, but for hypertext documents.  One page
of HTML can make dozens of normal files easy to access. For example, my
README.html security page points to many normal files:

     ftp://furmint.nectar.cs.cmu.edu/security/README.html

It turns out that the mail database is really in "WAIS" (Wide Area
Information Server).  You can use WAIS directly, though I think it is
easier to use through mosaic.  To use WAIS you would do:

 ws -h pmip.maricopa.edu -d cpindex/Cypherpunks <keyword>

The "ws" may be "waissearch" on your system.  You can get lots of info
on WAIS from ftp://wais.think.com/comp.infosystems.wais-FAQ

As someone pointed out, this "http" method does not yet work with
"lynx" (a text only implementation of WWW) on the cypherpunks mail
database.  It seems it will take a new version of lynx or WAIS for this
to work.  But the Unix "xmosaic" works fine. :-)

This form of global filename starting with something like "ftp://",
"http://", "gopher://" etc is also part of the WWW architecture.
These names are called "URLs" for Universal Resource Locator.

Well, that is probably enough acronyms for today.  :-)

   -- Vince

From: Vincent.Cate@FURMINT.NECTAR.CS.CMU.EDU
To: cypherpunks@toad.com
Subject: WWW Acronyms (was Re: Cypherpunks' mail database does exist)

Gary Jeffers:
>   Vincent, you  state that a fully archived, indexed cypherpunks
>mailing list exists as:
>http://pmip.maricopa.edu/crypt/cypherpunks/cypherpunks.src
>Ok, so I ftp'ed to pmip.maricopa.edu & tried to get to cypherpunks.src,
>but even the subdirectories weren't there.

The "http" is for "Hyper-Text Transport Protocol".  This is not FTP,
though it is a protocol similar in function to FTP.  It is used by
"WWW" (World Wide Web) of which Mosaic is the most popular
implementation.  If you have Mosaic, you can just give the above path.
If you do not have mosaic, you should spend some time trying to get it.
Mosaic makes it really easy to quickly move through lots of information
on the net.  Mosaic is a point and click hypertext interface.  You
can FTP to ftp.ncsa.uiuc.edu and go into Mosaic.

You also have a typo, it is "Cypherpunks.src" with a capital C.

WWW has a simple language for writting your own hypertext documents -
"HTML" (Hyper Text Markup Language).  You can think of this as sort of
like Troff, LaTeX or Postscript, but for hypertext documents.  One page
of HTML can make dozens of normal files easy to access. For example, my
README.html security page points to many normal files:

     ftp://furmint.nectar.cs.cmu.edu/security/README.html

It turns out that the mail database is really in "WAIS" (Wide Area
Information Server).  You can use WAIS directly, though I think it is
easier to use through mosaic.  To use WAIS you would do:

 ws -h pmip.maricopa.edu -d cpindex/Cypherpunks <keyword>

The "ws" may be "waissearch" on your system.  You can get lots of info
on WAIS from ftp://wais.think.com/comp.infosystems.wais-FAQ

As someone pointed out, this "http" method does not yet work with
"lynx" (a text only implementation of WWW) on the cypherpunks mail
database.  It seems it will take a new version of lynx or WAIS for this
to work.  But the Unix "xmosaic" works fine. :-)

This form of global filename starting with something like "ftp://",
"http://", "gopher://" etc is also part of the WWW architecture.
These names are called "URLs" for Universal Resource Locator.

Well, that is probably enough acronyms for today.  :-)

   -- Vince

PS  I only read cypherpunks once a day, some time after midnight when my
    collection for the day is done.





From: rishab@dxm.ernet.in
Subject: Accessing the Cpunk WAIS archive

"Gary Jeffers" <vikram!CCGARY@MIZZOU1.missouri.edu>
> http://pmip.maricopa.edu/crypt/cypherpunks/Cypherpunks.src
> is the location of all the Cypherpunks' posts with index. I can
> get to this place by placing a "www" in front of this instruction.

Do an archie search for lynx or mosaic or some other decent browser.
This is a WAIS indexed archive; no hyper links; you type in a keyword,
and get a list of matching articles, and select one (or more) of them to
look at.

-----------------------------------------------------------------------------
Rishab Aiyer Ghosh             "Clean the air! clean the sky! wash the wind!
rishab@dxm.ernet.in                   take stone from stone and wash them..."
Voice/Fax/Data +91 11 6853410
Voicemail +91 11 3760335                 H 34C Saket, New Delhi 110017, INDIA


Chapter 6. Remailers & chained remailers.


From: wcs@anchor.ho.att.com (bill.stewart@pleasantonca.ncr.com +1-510-484-6204)
Message-Id: <9408300753.AA22369@anchor.ho.att.com>
To: CCGARY@MIZZOU1.missouri.edu
Subject: Re:  Using remailers, chained remailers?

There's somebody who posts a remailer summary to the list about monthly.

There are three or four sets of remailers out there:
- anon.penet.fi, which gives you an account an12345@anon.penet.fi
which people can reply to.  Send "Subject: help" to anon@anon.penet.fi
and it'll probably give you a useful reply.  Its big use is for
anonymous Usenet posting with working replies.

- The cypherpunks remailers, which are mostly one-way no-reply mailers;
some also support Usenet posting.  Soda is pretty typical.

- Various enhanced cypherpunks remailers, which have features like
encrypted reply addresses you can attach at the end.

You can get information on using the soda remailer by sending email
to remailer@csua.berkeley.edu, with "help" somewhere in the posting;
I'm not sure if it wants it in the Subject: or in the body.
That's the remailer that posts from "Tommy the Tourist" with
random NSA-bait at the bottom of postings.

Here's a recent posting on getting status of remailers.
Note that some really only remail once per day, so they may be
working fine even if it says they're not.

----
Date: Mon, 15 Aug 1994 13:39:33 -0700
From: Raph Levien <raph@kiwi.CS.Berkeley.EDU>
To: cypherpunks@toad.com
Subject: "finger remailer-list@kiwi.cs.berkeley.edu" now operational

Hi all,

   I have written and installed a remailer pinging script which
collects detailed information about remailer features and reliability.

   To use it, just finger remailer-list@kiwi.cs.berkeley.edu

   There is also a Web version of the same information, at
http://http.cs.berkeley.edu/~raph/remailer-list.html

   Please do not take the uptime figures too seriously, at least for
another week or so. The script has only been running reliably for a
few days.

   Please let me know about any other remailers which I missed. I've
only included remailers which can mail to arbitrary addresses, so I
already know chop and twwells are missing.

   If you've got a Web page, please feel free to include a link to
this page. If you think your Web page is relevant to the subject of
remailers, let me know and I'll link it in.

   Comments and suggestions welcome!

Raph Levien


-------
# Bill Stewart  AT&T Global Information Solutions, aka NCR Corp
# 6870 Koll Center Parkway, Pleasanton CA, 94566 Phone 1-510-484-6204 fax-6399
# email bill.stewart@pleasantonca.ncr.com billstewart@attmail.com
# ViaCrypt PGP Key IDs 384/C2AFCD 1024/9D6465


Chapter 7. Current problems in Crypt.

1. We need an Internet Chat PGP system for conversations in real time.
   Note: #Freedom channel on the Internet Chat system has carried out
   fast encrypted conversations for years. When a Cypherpunk contacted
   one of their members (Sargent someone), he was politely told that
   their system was private. Sargent was unwilling to disclose method.
   Is their system some kind of security by obscurity code that
   cannot be varied (like by a drop in crypt/decrypt algorithm)? Or
   maybe the crypt method could be a drop in variable method & Sarge
   was unaware of it? Possibly other #Freedom members would be more
   knowledgeable? Possibly, a knowledgeable & diplomatic Cypherpunk
   could hit paydirt by pursuing this.
2. Has Arsen Arachelian really solved the problem of discovery of crypt
   in steganograpy by statistical examination of the least significant
   bits in his WNSTROM? I have seen no debate on this.
3. If the Feds capture the internet & put their anti-privacy hardware
   & protocols in place & outlaw remailers, does anyone have any idea
   how to build secure & effective remailers? A "Fortress remailer"?
4. If the above possibility happens & Cyperpunks' list is outlawed,
   does anyone have ideas how to make a "Fortress list"?


Chapter 8. Text sources.
Section 1. Books.

From: Stanton McCandlish <mech@eff.org>
Subject: O'Reilly PGP book
Date: Wed, 7 Sep 1994 13:38:58 -0400 (EDT)

coming soon, PGP hits the mainstream:


   PGP: Pretty Good Privacy
   by Simson Garfinkel
   1st Edition November 1994 (est.)
   250 pages (est),ISBN: 1-56592-098-8, $17.95 (est)

     PGP is a freely available encryption program that protects the
privacy of files and electronic mail.  It uses powerful public key
cryptography and works on virtually every platform.  PGP: Pretty Good
Privacy by Simson Garfinkel is both a readable technical users guide and
a fascinating behind-the-scenes look at cryptography and privacy.  Part I
of the book describes how to use PGP:  protecting files and email,
creating and using keys, signing messages, certifying and distributing
keys, and using key servers.  Part II provides background on cryptography,
battles against public key patents and U.S. government export restrictions,
and other aspects of the ongoing public debates about privacy and free
speech.
--
<A HREF="http://www.eff.org/~mech/mech.html">       Stanton McCandlish
</A><HR><A HREF="mailto:mech@eff.org">              mech@eff.org
</A><P><A HREF="http://www.eff.org/">               Electronic Frontier Fndtn.
</A><P>   Online Activist       

   The best book in cryptography is:
APPLIED CRYPTOGRAPHY  Protocols, Algorithms, and Source Code in C
by Bruce Schneier
Loompanics advertising copy follows:
 In Applied Cryptography, data security expert Bruce Schneier details
how programmers can use cryptography - the technique of enciphering
messages - to maintain the privacy of computer data. Covering the latest
developments in practical cryptographic techniques, the book shows
programmers who design computer software and systems we use every day.
   Along with more than 100 pages of actual C source code of working
cryptographic algorithms, this pratical handbook:

* Explains data encryption protocols and techniques currently in use
and likely to be used in the future.
* Offers numerous present day applications - from secure correspondence
to anonymous messaging.
* Includes numerous source code fragments and shows how to incorporate
them into larger programs.
* Discusses related issues like patents, export laws, and legal rulings.
  And much more!

1994, 7 1/2 x 9, 636 pp, Illustrated, indexed, soft cover.
APPLIED CRYPTOGRAPHY: $44.95
(order number 10062)
$4.00 for shipping and handling. UPS ground. Additional $7.50 if you
want UPS w day air(blue)- that would be $11.50.

Loompanics Unlimited
PO Box 1197
Port Townsend, WA 98368

Section 2. Rants.


For good rants FTP to soda.berkeley.edu   /pub/cypherpunks/rants

Section 3. CYPHERNOMICON - Tim May's "official" Cypherpunks' FAQ.
   This is a giant (1.3MB uncompressed) faq by Tim May.

To get it by anonymous ftp:
ftp to ftp.netcom.com /pub/tcmay  - This directory has it & its
associated files.


Chapter 9. Cypherpunks' mailing list. getting on etc..


======================================================================== 63
X-Delivery-Notice:  SMTP MAIL FROM does not correspond to sender.
Received: from MIZZOU1 (SMTP) by MIZZOU1 (Mailer R2.10 ptf000) with BSMTP id
 8875; Sun, 11 Sep 94 23:25:40 CDT
Received: from relay2.UU.NET by MIZZOU1.missouri.edu (IBM VM SMTP V2R2)
   with TCP; Sun, 11 Sep 94 23:25:39 CDT
Received: from toad.com by relay2.UU.NET with SMTP
        id QQxgzh01248; Mon, 12 Sep 1994 00:22:38 -0400
Received: by toad.com id AA27527; Sun, 11 Sep 94 21:22:46 PDT
Date: Sun, 11 Sep 94 21:22:46 PDT
Message-Id: <9409120422.AA27527@toad.com>
To: CCGARY@MIZZOU1.missouri.edu
From: Majordomo@toad.com
Subject: Majordomo results
Reply-To: Majordomo@toad.com

--

>>>> help
This is Brent Chapman's "Majordomo" mailing list manager, version 1.92.

In the description below items contained in []'s are optional. When
providing the item, do not include the []'s around it.

It understands the following commands:

    subscribe <list> [<address>]
        Subscribe yourself (or <address> if specified) to the named <list>.

    unsubscribe <list> [<address>]
        Unsubscribe yourself (or <address> if specified) from the named <list>.

    get <list> <filename>
        Get a file related to <list>.

    index <list>
        Return an index of files you can "get" for <list>.

    which [<address>]
        Find out which lists you (or <address> if specified) are on.

    who <list>
        Find out who is on the named <list>.

    info <list>
        Retrieve the general introductory information for the named <list>.

    lists
        Show the lists served by this Majordomo server.

    help
        Retrieve this message.

    end
        Stop processing commands (useful if your mailer adds a signature).

Commands should be sent in the body of an email message to
"Majordomo@toad.com".

Commands in the "Subject:" line NOT processed.

If you have any questions or problems, please contact
"Majordomo-Owner@toad.com".




                                       PUSH EM BACK! PUSH EM BACK!
                                       WWWAAAYYYY  BBBAAACCCK!
                                       BBBEEEAAATTTT  STATE!





Thread