1998-04-15 - RE: Apple crypto engineer position available

Header Data

From: Pablo Calamera <pablo@microsoft.com>
To: “‘Robert Hettinga’” <dcsb@ai.mit.edu>
Message Hash: b5617bebd07d4b15ccb6c70861a4785744607524905c3bc338e325959be736de
Message ID: <AF4C1F8C5306D111AD5F0000F8662ED306287162@red-msg-41.dns.microsoft.com>
Reply To: N/A
UTC Datetime: 1998-04-15 19:31:27 UTC
Raw Date: Wed, 15 Apr 1998 12:31:27 -0700 (PDT)

Raw message

From: Pablo Calamera <pablo@microsoft.com>
Date: Wed, 15 Apr 1998 12:31:27 -0700 (PDT)
To: "'Robert Hettinga'" <dcsb@ai.mit.edu>
Subject: RE: Apple crypto engineer position available
Message-ID: <AF4C1F8C5306D111AD5F0000F8662ED306287162@red-msg-41.dns.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


Bob,

In general I agree with your points however your historical perspective on
Apple Crypto is far from complete.  You forgot to mention that while Apple
was flailing there where key people who actually did crypto work and managed
to ship great products inspite of Apple.  Those same people tirelessly tried
to evangelize/evolve the technology within Apple to no avail.  We're talking
pre-Vinnie and pre-Jon here.  And in Gursharan Sidhu's defense, he knew
exactly what he had when we got the RSA license!

Pablo Calamera
Security Architect
WebTV Networks, Inc.
voice: 650-614-2749
fax: 650-614-6442


-----Original Message-----
From: mac-crypto@vmeng.com [mailto:mac-crypto@vmeng.com]On Behalf Of
Robert Hettinga
Sent: Tuesday, April 14, 1998 7:00 PM
To: Mac-crypto@vmeng.com; net-thinkers@vmeng.com; cypherpunks@toad.com;
cryptography@c2.net; dcsb@ai.mit.edu
Subject: Re: Apple crypto engineer position available


Please note, this is *not* a flame. I'm not getting even *slightly* warm,
here... :-).


At 6:20 PM -0400 on 4/14/98, Somebody, Waay Up There at Apple, wrote to me,
offline:

> I don't get it.

Yup. The old irony meter is pegged, alright...

:-).

> >At 12:00 PM -0400 on 4/14/98, Mike Barnick wrote:
> >
> >
> >> Apple is looking for a senior engineer to work on providing
cryptographic
> >>APIs on the operating system.
> >
> >:-).
> >
> >I see the law of conservation of irony still holds...
> >
> >Cheers,
> >Bob Hettinga


Tell ya what, Somebody, I'll give you three hints:

Hint 1: Whatsisname Sidhu,

who negotiated the world's first RSA license, and who probably could have
invented digital commerce on the internet all by himself if he only knew
what he had, already bought and paid for, wasted in a mail and LAN
protocol, buried in the bowels of the MacOS.

We still haven't seen what's in that RSA license to Apple, but, given RSA's
financial straits at the time the license was issued, I bet it reads more
of a pornographic act than a legal agreement. :-). I for one would be
interested how transferrable it *still* is. Like, if Apple builds a Mac
crypto toolbox, does that mean that anyone writing code using the crypto
toolbox has a license to use the algorithms therein? I bet so, but the
world will never know. The technology, (RSA, anyway) has a countdown clock
on it now, so it's almost moot. Don't even get me started on ECC, which is,
of course, marvellous, but equally squandered.

Anyway, a more clueful Sidhu, (who, to be fair, couldn't have understood
what was coming) could have, with just a little of the right prompting :-),
taken some of the money you guys gave to, say, Steve, for instance :-), and
bought the blind signature patent at firesale prices from DigiCash ($10
million is chump change, even to Apple, even then, :-)) at last year's
greater-fools exchange of ownership at "the world's greatest financial
cryptography company" (my name, not theirs).

Heck, if Apple had bought DigiCash outright, and just *fired* everybody,
and only used the *technology* (kind of dumb to fire David Chaum, but, hey,
it's my limb, and I'm not coming off of it), Apple could have put blind
signatures into that Macintosh crypto tool box, and the world really
*would* think differently. :-).

That's because, someday sooner than most people think, all these
cryptographic functions, particularly the financial crypto functions like
blind signatures, and probably even something like MicroMint, will be
buried deep in every operating system. Apple could have had crypto for the
rest of us, same as it ever was, way ahead of schedule, same as they always
do. But, no, they fired Sidhu, instead. Causing his whole staff, and every
crypto-clueful person at Apple, to quit in disgust. :-).

What's funny is, Apple *still* has this enormous competitive advantage if
they still want it. Because, even though they're goliath, Microsoft can't
do crypto very well right now. They've got this homunculus called the
Justice Department's antitrust division sitting on their sholder, and they
don't want to do anything to upset Dammit Janet. (I immediately have this
ludicrous picture my head of Ms. Reno in wet underware, with Riff Raff
[Carville, right?] leering at her.) Not to mention the Wrath of the Whole
Rest of the Computer Business, voted through their pocketbooks on capital
hill. ;-). Actually, Microsoft's trying to do strong crypto anyway, bless
their hearts, but they're not going to do it for long, given all the flying
monkeys headed in their general direction.

Fortunately, compared to the antitrust division and their minions, the FBI
is a mere gnat's fart, believe it or not.

That's because, to torture dear Mr. Wolfe, "no Buck Rogers, no bucks":
Digital Commerce *is* Financial Cryptography, and all that. So, all it
really takes from Apple to have this huge advantage, crypto-wise, is for it
to have more cajones than grey matter, which, unfortunately, is exactly the
inverse problem at 1 Infinite Loop, the last I looked. Apple being a
founding signatory to the Key Recovery Alliance Program is a marvellous
example of that. Look, it's a complement, okay? You're *smart*, right? You
just have no --, well, anyway, on to the next hint...


Hint 2: Jon Callas,

who was not only CTO for PGP, but, through being both clueful and at the
right place the right time, ended up CTO for all of Network Associates. NA
is now (or will be soon, after the TIS merger's done) the 900-lb
cryptogorilla nobody's supposed to think about, but can't get out of their
minds.

Of course, this is the same Jon Callas who used to work for the
aforementioned Sidhu, and who, for fun one day, thought up a really
*really* spiffy, rock-solid way to extract real live entropy from the
normal operation of any Macintosh. And I don't mean memory conflicts
either. :-)

What? What's entropy? Hmmm... Well, there's this book you can read, it's
called "Applied Cryptography". It's by a former Mac maven named Bruce
Schneier. You might want to look it up there.  Entropy, of course, brings
me to the the final hint,


Hint 3: Vinnie Moscaritolo,

the guy whose name is written all over Apple's new job discription for a
crypto engineer. The guy who now works for Jon over at PGP-now-NA. Vinnie,
who, while he was at Apple Developer Technical Support last year, asked you
guys to set up a crypto engineering department, not to mention a crypto
toolbox, not to mention a crypto API. Who left in disgust shortly after the
aforementioned Sidhu, but not because you fired Sidhu, because, in typical
Vinnie fashion, he practically venerated Sidhu's clueness about commerce,
because Vinnie saw it as an opportunity (Marines are wierd that way). :-).
Who is probably making waay too much money to come back now, and who would
have probably taken a pay *cut*, even at *DTS* salaries, to do the job had
you offered it to him even a year ago.


Ironic, isn't it?



In the final bit of irony, Somebody Else, in Apple Evangelism at the time,
who was not even especially crypto-clueful back then, and who will also
remain nameless :-), once bandied about the idea of an actual crypto
*evangelist* at Apple. Maybe even a digital commerce evangelist, who, of
course, would be one and the same (digital commerce being financial
cryptography and all).

The irony there is that said evangelist, if hired, would end up spending
all his time evangelizing *Apple*, and not the developer community, who of
course, are clueful and don't need evangelizing about such things.  Such
are things at the new Apple, I guess.

Of course, Somebody Else also doesn't work at Apple anymore either. He
works in, you guessed it, another financial cryptography company. I even
yelled at him about his antics at Apple, even though he's not there
anymore, while we were at the Hansa Bank party at Serenity during FC98 on
Anguilla this year. :-).

Now, what I said *then* was a flame, you better believe it, because back
*then*, when Somebody Else was at Apple, it cost me actual money.

This time, with you, Somebody, it's free of charge, and so I'm not nearly
so worked up.


Cheers,
Bob Hettinga

PS. To save you the cost of a white paper, Somebody, or maybe you can just
pay us for it, already :-), go look at "Digital Commerce for the Rest of
Us", a longish rant Vinnie and I wrote almost two years ago. For some
strange reason, it's still pretty current. ;-).

It's at <http://www.shipwright.com/rants/rant_15.html>

Raines Cohen actually moshed it a bit and stuck it into the inaugural issue
of NetProfessional magazine, god rest it's soul, so you might have seen
some of it there as well.




-----------------
Robert Hettinga (rah@shipwright.com), Philodox
e$, 44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
The e$ Home Page: http://www.shipwright.com/








Thread