From: semprini@theschool.com
Date: Sat, 8 Nov 1997 17:08:22 +0800
To: cypherpunks@toad.com
Subject: Totally breakable V(aporware) M(oney-making) E(ncryption)
Message-ID: <199711080901.BAA13088@k2.brigadoon.com>
MIME-Version: 1.0
Content-Type: text/plain



I just finished reading the contents of the VME web-site. I have a 
few things to say. :)

First of all the web-site blows elephant cock. You would think with 
guys smart enough to come up with "unbreakable encryption", they 
would at least be able to design a good site.

Second, they make a big deal about how fast it is and how it can 
encrypt *ONE WHOLE FAT MEGABYTE A MINUTE*! Big whoop. Hope nobody 
wants to encrypt anything useful besides teensy weensy e-mails, 
'cause you're gonna grow old before it finishes encrypting.

Third, what the hell good is it if nobody can see the source code? 
It's well known that a trademark of bad cryptographic systems are the 
ones that rely on secrecy of the algorithm. Some happy little geek in 
his college computer lab is going to spend the time needed to reverse 
engineer the program, which they claim is "impossible to reverse 
engineer". Well, they didn't say it was "impossible", but they did 
say that the code is so complicated that nobody would be able to 
understand it if they ever did reverse engineer it. Bullshit. I know a 
15 year old kid who actually has the patience to go through a few 
thousand lines of assembly code just to see what a program really 
does.

Fourth, as someone else pointed out, the description of the algorithm 
is filled with words like "revolutionary" and "super-fast", etc. The 
descriptions of how the program works are so vague and general that 
it hards to believe they even have a running program. The description 
of the encryption sounds all very pretty, but I seriously wonder if 
that's the extent of the security. Almost like having a gold plated 
sign on your door saying "Keep out!" and then leaving your door 
unlocked. 

Fifth, their "challenge" to these major corportions merely states 
that they gave IBM, MS, and Netscape this big challenge to crack the 
system, but it never actually says the companies took up the offer 
and are actively trying to crack it. How's this one? "Microsoft, 
Netscape, and IBM!! I challenge you to crack my version of the Caesar 
Cipher!" There. I can now claim that I have challenged all the big 
corps to crack my crypto scheme. Challenging a big company doesn't 
prove a thing.

Anyway, that's my rant and rave. Just as a small side note, if you 
would like to see some good examples of Madison Avenue at work then 
just visit this web-site:

http://www.meganet.com

> News report Nov 7, 97:
> 
> AT&T, Hewlett Packard, Intel Corporation, Dell Computers, and 
> many other leading computer corporations have been added to the 
> challenge list by Meganet Corporation. The challenge started 
> last week with Bill Gates, now some of his peers have an opportunity 
> to validate or discredit the bold claim that Meganet's VME 
> (Virtual Matrix Encryption) is totally unbreakable. 
> 
> Unbreakable encryption is the only answer to security 
> in our electronic world. This is graphically illustrated 
> by the recent report from the National Security Agency
> reporting the open market availability of a $10 chip that 
> can test up to 200 million keys per second. The 56-bit key, 
> government and banking standard, can be compromised in 
> twelve (12) seconds with brute force using ASIC
> (Application-specific Integrated Circuits) chips. 
> 
> Meganet has the answer with its new VME (Virtual Matrix 
> Encryption). The impenetrable VME also has extreme speed, 
> much faster than any existing program available today. 
> 
> Major computer companies are already starting discussions 
> to acquire the rights to market this incredible new data 
> encryption system. More information about this
> exciting new technology can be found at: www.meganet.com
> 
> ----------
> 
> Hmm, wonder if it has impenetrable GAK and CAK options.
> 
>