1995-09-22 - Re: The Next Hack

Header Data

From: alt@iquest.net (Al Thompson)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 3a95e4d07d66494ae11c58f31e57a417eedd0343ade05a839145e06309cca113
Message ID: <m0swDUR-00061EC@dorite1.iquest.net>
Reply To: N/A
UTC Datetime: 1995-09-22 19:10:46 UTC
Raw Date: Fri, 22 Sep 95 12:10:46 PDT

Raw message

From: alt@iquest.net (Al Thompson)
Date: Fri, 22 Sep 95 12:10:46 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: The Next Hack
Message-ID: <m0swDUR-00061EC@dorite1.iquest.net>
MIME-Version: 1.0
Content-Type: text/plain


At 05:01 AM 9/22/95 -0400, Futplex wrote:
>sameer writes:
>> 2) Organize a net-wide search over the space of the RNG seed to 
>> crack the private key of some well known secure server.
>> 
>> 3) Release the private key to the net.
>
>FWIW, for the record, I'm uncomfortable with this. It sounds unethical, IMHO.
>
>For me at least, targeting the key of some particular server that happens to
>be out there is over the line.
>
>If you said you would have someone volunteer a supposedly secure server for
>the challenge, I'd have no qualms.
  
I might disagree with the part about releasing it to the net, but I don't
disagree
with targeting a server which is claimed to be "secure."
 
Why?
 
Nobody would have been too upset or surprised if someone had built the
Titanic for the sole purpose of trying to sink it.  It only made waves (pun
alert)
because it was claimed to be "unsinkable" (secure), but sank anyway.
 
Maybe a good tactic would be to crack a "secure" server, and send the results
ONLY to the server operators, along with a description of machine-time involved.
 
Put out a public press release, describing the machine-time involved, how it was
possible due to weak crypto imposed by the government, and the possible
economic and commercial implications of said weak crypto.
 






Thread