From: Arun Mehta <amehta@giasdl01.vsnl.net.in>
Date: Sat, 13 Jul 1996 13:34:34 +0800
To: "Deranged Mutant" <WlkngOwl@unix.asb.com>
Subject: Re: Destabilizing China's Government with Strong Crypto
Message-ID: <1.5.4.32.19960713003051.002f9dac@giasdl01.vsnl.net.in>
MIME-Version: 1.0
Content-Type: text/plain


At 01:01 12/07/96 +0000, Deranged Mutant wrote:
>On 12 Jul 96 at 9:40, Arun Mehta wrote:
>[..]
>BTW, similar problems in Iran fro what I've heard.  I remember 
>hearing a blurb that VOA Chinese Programs explained how to make a 
>setellite dish out of aluminum foil, so pick up special VOA 
>boradcasts I'm sure... (That's rather intersting, because you can 
>crumple it up or wrap leftovers in it immediately.)

Is there a good hacker handbook, telling you how you can do things your
government won't let you, something along the lines of a modern-day Abbie
Hoffman "Steal This Book"? 
<grin, salivate>

>I'm told by some friends that the Chinese, in large part due to the 
>writing system, prefer FAXs over the internet.  That's something to 
>keep in mind.
>
>Hm... interesting project: a graphics program that works with PGP or 
>PGPlib.  One can import scanned images or draw onto the screen and 
>then encrypt it for mailing.

Excellent project. One reason that e-mail is picking up in popularity is
that sending a fax to the office address is like sending a postcard. 

>> 1) Collect the e-mail addresses as Allen suggested (including those in
>> Hongkong), and send them a single, short message offering to teach them free
>> of cost how to use pgp and all the goodies at
>> http://www.eskimo.com/~joelm/cbsw.html
>
>Might be condescending.  'Civilized white man brings PGP to the 
>barbarians...' 

Look around you: while "civilized", "white" and "man" might characterize the
vast (?) majority on this list, I'm sure that's not the universe on
cypherpunks. And how does it matter? I'm suggesting an e-mail course that
people may subscribe to if they wish. I'm currently attending a course on
Cyberspace-Law for Non-Lawyers, presented by the  Cyberspace Law Institute
and Counsel Connect with thousands of others
<http://www.counsel.com/cyberspace> -- I'm sure there are people from all
continents 
on that course, and the question of it being condescending hasn't arisen.

> They may well know about PGP, but not in a position 
>to make that knowledge widely known.

That's no good to the rest of the world. Forget them: the question is,  are
*you* in a position to share your knowledge?

>And if I were in a 'totalitarian' or restrictive country I'd be damn
suspicious,
>maybe frightened by this ('are the secret police setting me up?' or 'will the
>notice if I reply?'). 

Maybe lesson 1could be on how to use an encrypting anonymous remailer, and
those who succeed get lesson 2 onwards untraceably.  If they are suspicious,
they don't have to join or can unsubscribe.

>What if that person like the way their country is?  They 
>could inform the local authorities and set in motion a crackdown that 
>would not have happened, perhaps.

We say *nothing* during the course about what we feel about the political
situation in Singapore, the work situation in multinationals or Bill
Clinton. We restrict the course to a sharing of knowledge on crypto in the
Internet spirit of a free economy.

>I'd leave the specifics to activists who are already familiar with 
>the respective cultures, societies, politics, etc.... 

I'm one. Be glad to tell you more,...

>chances are they
>are already doing things along those lines. 

If they are, its only in pockets,  and they are doing an awful job of
telling people about it if none of us has heard. The Internet is still very
new here, most people don't know much about it except how to click the porn
bookmarks.

>Otherwise, if you don't 
>know what you're doing, you can unintentionally mess up somebody 
>else's life, if not your own.

It's only crypto, not the Bible or Koran. And let them be their own judges?
You seem to want to protect people in the Third World the way the US
government wants to keep cyberporn from kids.


From: tcmay@got.net (Timothy C. May)
Subject: Destabilizing China's Government with Strong Crypto
Sender: owner-cypherpunks@toad.com

>At 4:40 AM 7/12/96, Arun Mehta wrote:
...
>>2) Encourage the production of simple, cheap devices such as a PGP phone

<cited material snipped>

>>3) Find people who beam radio transmissions into China (Rupert Murdoch via
>>his Star TV satellite is one ;-) and ask them to devote an "Internet hour"

<cited material snipped>

>Good ideas, all. And deploying steganography is a natural fit to this
situation.

Thanks,  mate. What's the use of all the theory you develop and software
you'll write if it is inaccessible to those who need it most? Just think:
you work in a sensitive job, have a bad conscience about all the forests
that are being cut on account of collusion between the Forest Department and
the illegal loggers -- now you can maybe talk to someone about the weather
or the greatness of Kim Jong Il,  and in the process upload all you know
about the scandal, untraceable to you. 

From: "Peter D. Junger" <junger@pdj2-ra.F-REMOTE.CWRU.Edu>

>: 1) Collect the e-mail addresses as Allen suggested (including those in
>: Hongkong), and send them a single, short message offering to teach them free
>: of cost how to use pgp and all the goodies at
>: http://www.eskimo.com/~joelm/cbsw.html
>
>Unfortunately for those of us in the United States or who are
>otherwise subject to its jurisdiction such an offer would require a
>license or a waiver of jurisdiction under the International Traffic in
>Arms Regulations before it could safely be carried out.  That
>particular highly worthwhile project would seem to fall under the
>definition of performing defense services as well as involving the
>disclosure of technical data relating to an item on the United States
>Munitions List.

Did you let that stop you in the past? Suppose the course were conducted
from outside the US? The packages can in any case be downloaded legally from
outside. I'm sure there is no law against your telling me how to use a
particular software package? Anonymously, if you must?

What I have  in mind is as follows: 

"Building a Cryptobook" lists a number of software packages:

SecureDrive
PGP
Private Idaho
PGPfone
Wipe Utilities
S-Tools

Joel provides also the configuration steps needed to get it all working,
which is an excellent starting point. Suppose we do an e-mail course telling
people in simple language *why* they need this, what benefits they would get
as a result, how to download (idiot-proof instructions all through), and how
to set up *for basic, minimum security*. I'm sure the software packages will
have all sorts of bells and whistles that the novice doesn't need, not right
away. Maybe some or all of this instructional material is already available.
Could we pick up a set that is easy to understand and concise? That could be
packaged together as a course or a book, a sort-of "Crypto for Dummies."
Would people like to select individual software packages, and put the
material together? Everyone gets due credit, of course.

Think for a moment: Just as Nelson Mandela stood today at the corner of
Trafalgar Square in front of South Africa House, where I'm sure many of us
have shouted ,"Free Nelson Mandela!", some day soon we might get similar
thanks from some Chinese or heavens knows whom...

>From: Alan Olsen <alano@teleport.com>
>Another thing to do is get more web sites containing information of interest
>to people living in such regimes on SSL enabled web servers. 

This, and the encrypted fax would help greatly. I'm sure others have good
ideas too. Please send them. How does one go about facilitiating their
implementation?
Arun Mehta Phone +91-11-6841172, 6849103 amehta@cpsr.org
http://mahavir.doe.ernet.in/~pinaward/arun.htm
The protestors of Tiananmen Square will be back. Next time, 
the battle will be fought in cyberspace, where the students 
have the more powerful tanks...