1996-02-20 - Guaranteed snake-oil, er, privacy…

Header Data

From: geeman@best.com
To: cypherpunks@toad.com
Message Hash: 27484753311a9ba0f5de9f63917976956b0ad1dc68be6f2727df541fd105cac5
Message ID: <199602200202.SAA18639@shell1.best.com>
Reply To: N/A
UTC Datetime: 1996-02-20 04:36:55 UTC
Raw Date: Tue, 20 Feb 1996 12:36:55 +0800

Raw message

From: geeman@best.com
Date: Tue, 20 Feb 1996 12:36:55 +0800
To: cypherpunks@toad.com
Subject: Guaranteed snake-oil, er, privacy...
Message-ID: <199602200202.SAA18639@shell1.best.com>
MIME-Version: 1.0
Content-Type: text/plain


>> Sigh.  Here comes another one.....

         We have been trying to post this News Release to several 
         places in USENET, but are seemingly being thwarted by 
         person or persons unknown. Shortly after the posting, on 
         01-26-96, our postings were all methodically removed without
         any trace evidence. We have been unable to maintain their 
         posting since.

         We believe that the obvious malefactor may be at the root of these 
         problems. Why would 'they' try to keep this from coming to 
         light? Because 'they' know what is best for all of us. 

>> Maybe they know it's a waste of bandwidth!

The 
         posting(s) concern an extremely easy to use, unbreakable system 
         for encrypting all user sensitive data going out over Internet.
         As a reference to its unbreakability, I refer you to an 
         article by Paul Leyland on Internet at:

                http://dcs.ex.ac.uk/~aba/otp.html

         Mr. Leyland refers to some problems, which our PCX 
         system addresses and resolves.

>> That piece discusses true one-time pads. To anyone reading the posts on
Cpunks 
and sci.crypt regarding another purported purveyor of OTP technology, this is g
oing to ring some very familiar bells. Again: you can't create pseudo-randoms 
on-the-fly, algorithmically, and call it OTP. Just stop it!

[SNIP]

         The good obviously outweighs the bad. We must stop this 
         insanity of some imagined fear being advanced as the rationale 
         from keeping us from doing something that will immensely 
         benefit us all.      

         If we allow some crazed terrorist fear keep us from doing 
         something important, then we become the victims of that terror. 
         That is not right! We cannot let faceless terrorists dictate
         what we can and cannot do.  
                      
         With the forgoing in mind, we are pleased to make the 
         following press release: 
                        
>> I suppose it's possible that some intelligible text was run thru this 
package's transform, producting this example of random unintelligible gibberish!

                  If You Break our System, You've Bought our Company!


         Internet.Privacy.Guaranteed, IPG, today announced a new
         product line that guarantees privacy  for 2 to 20,000 or 
         more or more people on Internet. They back up there 
         Guarantee with their Corporate motto, 'If You Break our 
         System, You Have Bought our Company.'
  
  

         IPG Guarantees Absolute Privacy on Internet. Using the 
         trademark CRE transform, 

>> If I can find an explanation of what a CRE transform really is in any IPG
material, what do I get?

the IPG PCX Nvelopes system 
         translates any intelligble digitized information into
         random gibberish. 

>> So does XOR-ing a message with the output of my compiler's "rand()"
function: does this make it secure?  
Ridiculously not.

Only one other user, or more in certain 
         instances where there is a need to know,  will have the 
         Nvelopener required to transform the random gibberish back
         into intelligible digitized information. CRE Transforms,
         trademark IPG, are the only acknowledged unbreakable method
         of so transforming digitized information. 

>> Acknowledged by whom?  Where are they?  What do they really say?  What
information was given them 
about the implementation?  Who  is IDG, what are their bona-fides?  Did they
work for the Mossad once, per 
chance?  That's always a good line.....

There are no passwords,
         encryption keys, or anything like that to conjure up, remember, 
         and perhaps forget. PCX Nvelopes usage is automatic, similar 
         to PKZIPand PKUNZIP.   Easy to install, use, add to, and
         administer.


                        It is Unbreakable   

         If an individual, or any group of individuals, break the IPG
         Privacy System, IPG will sell them their company for $1.00,
         and even give them the dollar to buy it with. If you think you
         can, just try and find out that it is impossible. There may 
         be rumors that someone has broken the system, but that is not 
         possible, it will never happen.


                     Don't Waste your time !

         How dare IPG have the unmitigated gall? When you are certain,
         then you are certain, and IPG is certain! Others dare not
         make such a brazen boast because they cannot possibly back it
         up, but IPG most certainly can.  Every informed expert of the
         technology will confirm, without reservation, that the IPG
         system is not breakable, as many already have!  There, we
         have thrown down that gauntlet, dare you pick it up?  Be
         forewarned, if you do, in your quest, you will never become a
         knight; but instead, will only become utterly benighted.

>> Would you buy an encryption system from this (wo)/man?

                               CRE Transforms

         The system uses CRE transforms, called Nvelopes, to translate 
         any meaningful digitized information into random gibberish. In
         order to convert that random gibberish back into intelligible
         usable form, a Nvelopener is required, and only the recipient
         has the required Nvelopener.

>> OH, **THAT** explains it!   ROTFL!!!!







Thread