The Nonsense thread

[IRON CHEF]

YOU WILL BE ABLE TO TRADE YOUR 12oz POST COUNT FOR FOOD CREDITS IN 2012.

[MOOGLE?]

 

.....

[IRON CHEF]

"ISWYDT"

[watson]

[watson]

[YearzOne]

Damn you Moogle...

[SystemFailure]

That Map gets me everytime

[YearzOne]

Wanna thumb wrestle?

[pertplus1]

[Brickos]

 

 

 

 

 

 

 

 

 

 

 

 

[MOOGLE?]

The gunt is the area between the gut and the cunt, usually dominated by hair.

[i'moffthywallz]

[xen]

Wanna thumb wrestle?

 

Folks got into public art? Daaaaaaaaamn son!

 

 

[Akrisone]

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

[Drue_Down]

 

 

 

 

 

I ♥ my imitation SlapChop!

[MOOGLE?]

          

╲╲╲╲╲╭━━━━╮╱╱╱╱╱

╲╲╲╲╲┃┊ ◒◒ ┃╱╱╱╱╱

╭━━━━╯┊╰╯┊╰━━━━╮

┃╭╮╭╮╭╮╭╮╭╮╭╮╭╮┃

┃┃┃┃┃┃┃┃┃┃┃┃┃┃┃┃

╰╯╰╯╰╯╰╯╰╯╰╯╰╯╰╯

ⓅⒶⓊⓁ☝ⓉⒽⒺ☝ⓄⒸⓉⓄⓅⓊⓈ

 

 

 

“http://mishkanyc.com/bloglin/

[KILZ FILLZ]

 

[THEMELGIBSON]

TEPITOS!

[Brickos]

[xen]

haha I wish I had a sex doll... Id hang that bitch from a highway spot with a tag on her ass cheeks...

 

 

http://www.dollforum.com/

[Swindle]

I mean reeally???

 

 

 

I will say I give props to the paint jobs but REALLLY?

 

 

 

i think the only part of this that has been changed is the paintjob. which is really easy, its just painted black then drybrushed silver. drybrushing is a technique where you dip the brush into paint, then wipe the brush with a cloth, and paint using minimal paint.

 

[MOOGLE?]

Honeypot (computing)

From Wikipedia, the free encyclopedia

In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated and monitored, and which seems to contain information or a resource of value to attackers.

Contents [hide]

1 Function

2 Types

2.1 Spam versions

2.2 E-mail trap

2.3 Database honeypot

3 Detection

4 Honeynets

5 See also

6 References and notes

7 Further reading

8 External links

[edit]Function

 

 

This section does not cite any references or sources. Please help improve this section by adding citations to reliable sources. Unsourced material may be challenged and removed. (June 2009)

A honeypot is valuable as a surveillance and early-warning tool. While it is often a computer, a honeypot can take other forms, such as files or data records, or even unused IP address space. A honeypot that masquerades as an open proxy to monitor and record those using the system is known as a "sugarcane". Honeypots should have no production value, and hence should not see any legitimate traffic or activity. Whatever they capture is therefore malicious or unauthorized. One practical application of this is the spamtrap - a honeypot that thwarts spam by masquerading as a type of system abused by spammers. These honeypots categorize trapped material 100% accurately: it is all illicit.

Honeypots can carry risks to a network, and must be handled with care. If they are not properly walled off, an attacker can use them to break into a system.

Victim hosts are an active network counter-intrusion tool. These computers run special software, designed to appear to an intruder as being important and worth looking into. In reality, these programs are dummies, and their patterns are constructed specifically to foster interest in attackers. The software installed on, and run by, victim hosts is dual purpose. First, these dummy programs keep a network intruder occupied looking for valuable information where none exists, effectively convincing an intruder to isolate themselves in what is truly an unimportant part of the network. This decoy strategy is designed to keep an intruder from getting bored and heading into truly security-critical systems. The second part of the victim host strategy is intelligence gathering. Once an intruder has broken into the victim host, the machine or a network administrator can examine the intrusion methods used by the intruder. This intelligence can be used to build specific countermeasures to intrusion techniques, making truly important systems on the network less vulnerable to intrusion.

[edit]Types

 

Honeypots can be classified based on their deployment and based on their level of involvement. Based on the deployment, honeypots may be classified as

Production Honeypots

Research Honeypots

Production honeypots are easy to use, capture only limited information, and are used primarily by companies or corporations; Production honeypots are placed inside the production network with other production servers by an organization to improve their overall state of security. Normally, production honeypots are low-interaction honeypots, which are easier to deploy. They give less information about the attacks or attackers than research honeypots do. The purpose of a production honeypot is to help mitigate risk in an organization. The honeypot adds value to the security measures of an organization.

Research honeypots are run by a volunteer, non-profit research organization or an educational institution to gather information about the motives and tactics of the Blackhat community targeting different networks. These honeypots do not add direct value to a specific organization; instead, they are used to research the threats organizations face and to learn how to better protect against those threats. This information is then used to protect against those threats. Research honeypots are complex to deploy and maintain, capture extensive information, and are used primarily by research, military, or government organizations.

Based on the design criteria, honeypots can be classified into three categories as

pure honeypots

high interaction honeypots

low interaction honeypots

Pure honeypot is a full fledged production system. The activities of the attacker is monitored using a casual tap has been installed on the honeypots link to the network. No other software's are needed to be installed. Even though a pure honeypot is useful, stealthiness of the defense mechanisms can be ensured by a more controlled mechanism.

 

High interaction honeypots imitate the activities of the real systems that host a varieties of services and, therefore, an attacker may be allowed a lot of services to waste his time. According to recent researches in high interaction honeypot technology, by employing virtual machines, multiple honeypots can be hosted on single physical machine. Therefore, even if the honeypot is compromised, there is chance for quicker recovery. In general, high interaction honeypots provide more security by being difficult to detect but, on the negative side, are highly expensive to maintain. If virtual machines are not available, each honeypot need to maintained for each physical computer, which can be exorbitantly expensive. Example:Honeynet.

 

Low interaction honeypot is based on the services that the attacker normally request for. These services are simulated by this classification of honeypot. There are many positives with the requirement of only few services by the attackers: ease of hosting multiple virtual machines on one physical system as they consume relatively few resources, fast response time of the virtual systems, and shorter code length reduces the complexity in the security of the virtual systems. Example:Honeyd.

[edit]Spam versions

Spammers abuse vulnerable resources such as open mail relays and open proxies. Some system administrators have created honeypot programs that masquerade as these abusable resources to discover spammer activity. There are several capabilities such honeypots provide to these administrators and the existence of such fake abusable systems makes abuse more difficult or risky. Honeypots can be a powerful countermeasure to abuse from those who rely on very high volume abuse (e.g., spammers).

These honeypots can reveal the apparent IP address of the abuse and provide bulk spam capture (which enables operators to determine spammers' URLs and response mechanisms). For open relay honeypots, it is possible to determine the e-mail addresses ("dropboxes") spammers use as targets for their test messages, which are the tool they use to detect open relays. It is then simple to deceive the spammer: transmit any illicit relay e-mail received addressed to that dropbox e-mail address. That tells the spammer the honeypot is a genuine abusable open relay, and they often respond by sending large quantities of relay spam to that honeypot, which stops it. The apparent source may be another abused system—spammers and other abusers may use a chain of abused systems to make detection of the original starting point of the abuse traffic difficult.

This in itself is indicative of the power of honeypots as anti-spam tools. In the early days of anti-spam honeypots, spammers, with little concern for hiding their location, felt safe testing for vulnerabilities and sending spam directly from their own systems. Honeypots made the abuse less easy and safe.

Spam still flows through open relays, but the volume is much smaller than in 2001 to 2002. While most spam originates in the U.S.,[1] spammers hop through open relays across political boundaries to mask their origin. Honeypot operators may use intercepted relay tests to recognize and thwart attempts to relay spam through their honeypots. "Thwart" may mean "accept the relay spam but decline to deliver it." Honeypot operators may discover other details concerning the spam and the spammer by examining the captured spam messages. (However, open relay spam has declined significantly.[citation needed])

Open relay honeypots include Jackpot,[2] written in Java, smtpot.py,[3] written in Python, and spamhole,[4] written in C. The Bubblegum Proxypot[5] is an open proxy honeypot (or proxypot).

[edit]E-mail trap

Main article: Spamtrap

An e-mail address that is not used for any other purpose than to receive spam can also be considered a spam honeypot. Compared with the term spamtrap, the term "honeypot" might better be reserved for systems and techniques used to detect or counter attacks and probes. Spam arrives at its destination "legitimately"—exactly as non-spam e-mail would arrive.

An amalgam of these techniques is Project Honey Pot. The distributed, open-source Project uses honeypot pages installed on websites around the world. These honeypot pages hand out uniquely tagged spamtrap e-mail addresses. E-mail address harvesting and Spammers can then be tracked as they gather and subsequently send to these spamtrap e-mail addresses.

[edit]Database honeypot

Databases often get attacked by intruders using SQL Injection. Because such activities are not recognized by basic firewalls, companies often use database firewalls. Some of the available SQL database firewalls provide/support honeypot architectures to let the intruder run against a trap database while the web application still runs as usual.[6]

[edit]Detection

 

Just as honeypots are weapons against spammers, honeypot detection systems are spammer-employed counter-weapons. As detection systems would likely use unique characteristics of specific honeypots to identify them, a great deal of honeypots in use makes the set of unique characteristics larger and more daunting to those seeking to detect and thereby identify them. This is an unusual circumstance in software: a situation in which "versionitis" (a large number of versions of the same software, all differing slightly from each other) can be beneficial. There's also an advantage in having some easy-to-detect honeypots deployed. Fred Cohen, the inventor of the Deception Toolkit, even argues that every system running his honeypot should have a deception port that adversaries can use to detect the honeypot.[7] Cohen believes that this might deter adversaries.

[edit]Honeynets

 

Two or more honeypots on a network form a honeynet. Typically, a honeynet is used for monitoring a larger and/or more diverse network in which one honeypot may not be sufficient. Honeynets and honeypots are usually implemented as parts of larger network intrusion detection systems. A honeyfarm is a centralized collection of honeypots and analysis tools.[8][9]

The concept of the honeynet first began in 1999 when Lance Spitzner, founder of the Honeynet Project, published the paper "To Build a Honeypot":

"A honeynet is a network of high interaction honeypots that simulates a production network and configured such that all activity is monitored, recorded and in a degree, discreetly regulated."[10]

[edit]

[Tavaruawon]

 

 

[Duck Butter]

shredding brooooo!

[MOOGLE?]

Cypherpunk

From Wikipedia, the free encyclopedia

Not to be confused with Cyberpunk.

A cypherpunk is an activist advocating widespread use of strong cryptography as a route to social and political change.

Originally communicating through the Cypherpunks electronic mailing list, informal groups aimed to achieve privacy and security through proactive use of cryptography. Cypherpunks have been engaged in an active movement since the late 1980s.

Contents [hide]

1 Origins of the term

2 History

2.1 Before the mailing list

2.2 Cypherpunk mailing list

2.2.1 Early discussion of online privacy

3 Main principles

3.1 Privacy of communications

3.2 Anonymity and pseudonyms

3.3 Censorship and monitoring

3.4 Hiding the act of hiding

3.5 Software projects

3.6 Hardware

3.7 Expert panels

3.8 Lawsuits

3.9 Civil disobedience

3.10 Cypherpunk fiction

3.11 Jim Bell and "Assassination Politics"

4 Noteworthy cypherpunks

5 References

6 External links

[edit]Origins of the term

 

The term cypherpunk, derived from cipher and punk, was coined by Jude Milhon as a pun to describe cyberpunks who used cryptography.[1] In November 2006, the word was added to the Oxford English Dictionary.[2] The Cypherpunks included several notable computer industry figures, for example Ian Goldberg, Bram Cohen and Nikita Borisov.

[edit]History

 

[edit]Before the mailing list

Until about the 1970s, cryptography was mainly done in secret by military or spy agencies. However, in the '70s, there were two publications that brought it out of the closet, into public awareness. One was the US government publication of the Data Encryption Standard (DES), a block cipher which became very widely used. The other was the publication by Whitfield Diffie and Martin Hellman of the first publicly available work on public-key cryptography.

From that time on, people began to discuss cryptography openly and to examine its political and social consequences. Some of the substantial issues involved in these discussions had to do with the potential uses for and dangers of cryptography. Could it be used by criminals to hide their schemes or their profits, in addition to protecting personal privacy or government and corporate secrets? Should strong cryptography be widely used or strictly limited? Some of the speculations and arguments of these early debates fell along lines now referred to as cypherpunk.

In the late '80s, these ideas coalesced into something like a movement.

[edit]Cypherpunk mailing list

Cypherpunks originated as an informal group of people interested in privacy and cryptography who originally communicated through the cypherpunks mailing list, although there were also cypherpunk physical meetings and parties.

The list was started in 1992, peaked around 1997, and has one remaining node as of August 2010: "cypherpunks@al-qaeda.net". At its peak, "cypherpunks" was a very active list with technical discussion ranging over mathematics, cryptography, computer science, political and philosophical discussion, personal arguments and attacks, etc., with some spam thrown in. An email from John Gilmore shows an average of 30 messages a day from December 1, 1996 to March 1, 1999, and suggests that the number was probably higher earlier.[3] There were well over a thousand subscribers at the peak.

For a time, the cypherpunks mailing list was a popular tool with mailbombers,[4] who would subscribe a victim to the mailing list in order to cause a deluge of messages to be sent to him or her. (This was usually done as a prank, in contrast to the style of terrorist referred to as a mailbomber.) This precipitated the mailing list sysop(s) to institute a reply-to-subscribe system. Approximately two hundred messages a day was typical for the mailing list, divided between personal arguments and attacks, political discussion, technical discussion, and early spam.[5][6]

The cypherpunks mailing list had extensive discussions of the public policy issues related to cryptography and on the politics and philosophy of concepts such as anonymity, pseudonyms, reputation, and privacy. These discussions continue both on the remaining node and elsewhere as the list has become increasingly moribund.

Events such as the GURPS Cyberpunk raid lent weight to the idea that private individuals needed to take steps to protect their privacy. In its heyday, the list discussed public policy issues related to cryptography, as well as more practical nuts-and-bolts mathematical, computational, technological, and cryptographic matters. The list had a range of viewpoints and there was probably no completely unanimous agreement on anything. The general attitude, though, definitely put personal privacy and personal liberty above all other considerations.

[edit]Early discussion of online privacy

In at least two senses, people on the list were ahead of more-or-less everyone else. For one thing, the list was discussing questions about privacy, government monitoring, corporate control of information, and related issues in the early 90s that did not become major topics for broader discussion until ten years or so later. For another, at least some list participants were more radical on these issues than almost anyone else.

Those wishing to understand the context of the list might refer to the history of cryptography; in the early 90s, the US government considered crypto software a "munition" for export purposes, which hampered commercial deployment with no gain in "national security", as knowledge and skill was not limited to US citizens. (PGP source code was published as a paper book to bypass these regulations and demonstrate their futility.) The US government had tried to subvert cryptography (e.g. by requiring SkipJack and key-escrow). It was also not widely known among that all communications were logged by government agencies (which would later be revealed during the NSA and AT&T scandals) though this was taken as an obvious axiom by listmembers.

The original cypherpunk mailing list, and the first list spin-off, "coderpunks", were originally hosted on John Gilmore's toad.com, but after a falling out with the sysop over moderation, the list was migrated to several cross-linked mail-servers in what was called the "distributed mailing list".[7][8] The coderpunks list, open by invitation only, existed for a time. Coderpunks took up more technical matters and had less discussion of public policy implications. There are several lists today that can trace their lineage directly to the original Cypherpunks list: the "Cryptography" list (cryptography@metzdowd.com), the "Financial Cryptography" list (fc-announce@ifca.ai), and a small group of closed (invitation-only) lists as well.

Toad.com continued to run with the existing subscriber list, those that didn't unsubscribe, and was mirrored on the new distributed mailing list, but messages from the distributed list didn't appear on toad.com.[9] As the list faded in popularity, so too did it fade in the number of cross-linked subscription nodes.

To some extent, the cryptography list acts as a successor to cypherpunks; it has many of the people and continues some of the same discussions. However, it is a moderated list, considerably less zany and somewhat more technical. A number of current systems in use trace to the mailing list, including Pretty Good Privacy, /dev/random in the Linux kernel (the actual code has been completely reimplemented several times since then) and today's anonymous remailers.

[edit]Main principles

 

The basic ideas are in this quote from "A Cypherpunk's Manifesto" (Eric Hughes, 1993):

Privacy is necessary for an open society in the electronic age. ... We cannot expect governments, corporations, or other large, faceless organizations to grant us privacy ... We must defend our own privacy if we expect to have any. ... Cypherpunks write code. We know that someone has to write software to defend privacy, and ... we're going to write it. ...[10]

 

Some are or were quite senior people at major hi-tech companies and others are well-known researchers (see list with affiliations below). However, the "punk" part of the name indicates an attitude:

We don't much care if you don't approve of the software we write. We know that software can't be destroyed and that a widely dispersed system can't be shut down.[10]

 

This is crypto with an attitude, best embodied by the group's moniker: Cypherpunks.[11]

 

The first mass media discussion of cypherpunks was in a 1993 Wired article by Steven Levy titled "Code Rebels":

The people in this room hope for a world where an individual's informational footprints -- everything from an opinion on abortion to the medical record of an actual abortion -- can be traced only if the individual involved chooses to reveal them; a world where coherent messages shoot around the globe by network and microwave, but intruders and feds trying to pluck them out of the vapor find only gibberish; a world where the tools of prying are transformed into the instruments of privacy.

 

There is only one way this vision will materialize, and that is by widespread use of cryptography. Is this technologically possible? Definitely. The obstacles are political -- some of the most powerful forces in government are devoted to the control of these tools. In short, there is a war going on between those who would liberate crypto and those who would suppress it. The seemingly innocuous bunch strewn around this conference room represents the vanguard of the pro-crypto forces. Though the battleground seems remote, the stakes are not: The outcome of this struggle may determine the amount of freedom our society will grant us in the 21st century. To the Cypherpunks, freedom is an issue worth some risk.[11]

 

The three masked men on the cover of that edition of Wired were prominent cypherpunks Tim May, Eric Hughes and John Gilmore.

Later, Levy wrote a book, Crypto: How the Code Rebels Beat the Government – Saving Privacy in the Digital Age,[12] covering the "crypto wars" of the 90s in detail. "Code Rebels" in the title is almost synonymous with "cypherpunks".

The term "cypherpunk" is mildly ambiguous. In most contexts it means anyone advocating cryptography as a tool for social change. However, it can also be used to mean a participant in the Cypherpunks electronic mailing list described below. The two meanings obviously overlap, but they are by no means synonymous.

Documents exemplifying cypherpunk ideas include Timothy C. May's "The Crypto Anarchist Manifesto" (1992)[13] and "The Cyphernomicon" (1994),[14]"A Cypherpunk's Manifesto".[10]

[edit]Privacy of communications

A very basic cypherpunk issue is privacy in communications. John Gilmore said:

That's the kind of society I want to build. I want a guarantee -- with physics and mathematics, not with laws -- that we can give ourselves real privacy of personal communications.[15]

 

Such guarantees require strong cryptography, so cypherpunks are fundamentally opposed to government policies attempting to control the usage or export of cryptography. See politics of cryptography for discussion.

Cypherpunks deplore regulations on cryptography, for encryption is fundamentally a private act.[10]

 

This was a central issue for many cypherpunks. Most were passionately opposed to various government attempts to limit cryptography — export laws, promotion of limited key length ciphers, and especially escrowed encryption.

[edit]Anonymity and pseudonyms

The questions of anonymity, pseudonymity and reputation were also extensively discussed.

Arguably, the possibility of anonymous speech and publication is vital for an open society, an essential requirement for genuine freedom of speech — this was the position of most cypherpunks. A frequently cited example is that some of the leaders of the American Revolution published anonymously. On the other hand, the possibility of anonymity may facilitate various forms of criminal activity, notably conspiracy and libel.

On the net, one can use a pseudonym, often shortened to just nym. This has some of the advantages and problems of anonymity, but adds its own complications. A pseudonym can be tied to a public key so that only an authorised person can use it. Several people might share a pseudonym, as for the mathematician Nicolas Bourbaki who published a number of papers but never actually existed. One person might have multiple pseudonyms. A pseudonym can acquire a reputation — if clever things often appear under the pseudonym, then a new message using that name will be taken seriously. On the other hand, if many messages from a nym are idiotic, a new one may not even be read and will certainly not be accepted without caution.

[edit]Censorship and monitoring

Questions of censorship and government or police monitoring of various things were also much discussed. Generally, cypherpunks opposed both.

In particular, the US government's Clipper chip scheme for escrowed encryption of telephone conversations (encryption secure against most attackers, but breakable at need by government) was seen as anathema by many on the list. This was an issue that provoked strong opposition and brought many new recruits to the cypherpunk ranks. List participant Matt Blaze found a serious flaw[16] in the scheme, helping to hasten its demise.

[edit]Hiding the act of hiding

Another important set of discussions continues to be the use of crypto itself as a flag to oppressive authorities. As a result, Cypherpunks have discussed (and even developed) several approaches to crypto that hides even the use of crypto itself or that allows interrogators to believe that they have forcibly extracted hidden information from an interogee. For instance, "Rubberhose" was a tool (developed by Julian Assange) that partitioned and intermixed secret data on a drive with "fake secret data", each of which accessed via a different password. Interrogators, receiving extracting a password, will be lead to believe that they have indeed extracted the desired secrets, whereas in reality the actual data is still hidden. In other words, even its presence is hidden. Likewise, Cypherpunks have also discussed under what conditions messages could be encrypted without becoming noticed or flagged as special by network monitoring systems installed by oppressive regimes.

[edit]Software projects

As the Manifesto says "Cypherpunks write code";[10] the notion that good ideas need to be implemented, not just discussed, is very much part of the culture.

John Gilmore, whose site hosted the original cypherpunks mailing list, wrote:

We are literally in a race between our ability to build and deploy technology, and their ability to build and deploy laws and treaties. Neither side is likely to back down or wise up until it has definitively lost the race.

 

Anonymous remailers such as the Mixmaster Remailer were almost entirely a cypherpunk development. Among the other projects they have been involved in were PGP for email privacy, FreeS/WAN for opportunistic encryption of the whole net, Off-the-record messaging for privacy in Internet chat, and the Tor project for anonymous web surfing.

[edit]Hardware

In 1998, the Electronic Frontier Foundation built a $200,000 machine that finds a Data Encryption Standard key in a few days; details are in Cracking DES.[17] See DES for background.

The project leader was John Gilmore, and the goal of the project was to demonstrate beyond question that DES was insecure. As many cypherpunks saw it, this was necessary because the US government had been telling deliberate lies about the security of DES for some time.

[edit]Expert panels

Cypherpunks also participated, along with other experts, in several reports on cryptographic matters.

One such paper was Minimal Key Lengths for Symmetric Ciphers to Provide Adequate Commercial Security.[18] It suggested 75 bits was the minimum key size to allow an existing cipher to be considered secure and kept in service. At the time, the Data Encryption Standard with 56-bit keys was still a US government standard, mandatory for some applications.

Other papers were critical analysis of government schemes. The Risks of Key Recovery, Key Escrow, and Trusted Third-Party Encryption,[19] evaluated escrowed encryption proposals. Comments on the Carnivore System Technical Review.[20] looked at an FBI scheme for monitoring email.

Cypherpunks provided significant input to the 1996 National Research Council report on encryption policy, Cryptography's Role In Securing the Information Society (CRISIS)[21] This report, commissioned by the U.S. Congress in 1993, was developed via extensive hearings across the nation from all interested stakeholders, by a committee of talented people. It recommended a gradual relaxation of the existing U.S. government restrictions on encryption. Like many such study reports, its conclusions were largely ignored by policy-makers. Later events such as the final rulings in the cypherpunks lawsuits forced a more complete relaxation of the unconstitutional controls on encryption software.

[edit]Lawsuits

Cypherpunks have filed a number of lawsuits, mostly suits against the US government alleging that some government action is unconstitutional.

Phil Karn sued the State Department in 1994 over cryptography export controls [22] after they ruled that, while the book Applied Cryptography[23] could legally be exported, a floppy disk containing a verbatim copy of code printed in the book was legally a munition and required an export permit, which they refused to grant. Karn also appeared before both House and Senate committees looking at cryptography issues.

Daniel Bernstein, supported by the EFF, also sued over the export restrictions, arguing that preventing publication of cryptographic source code is an unconstitutional restriction on freedom of speech. He won, effectively overturning the export law. See Bernstein v. United States for details.

Peter Junger also sued on similar grounds, and won.

John Gilmore has sued two US Attorneys General (Ashcroft and Gonzales), arguing that the requirement to present identification documents before boarding a plane is unconstitutional.[24] These suits have not been successful to date.

[edit]Civil disobedience

Cypherpunks encouraged civil disobedience, in particular US law on the export of cryptography. Until about 2000, cryptographic code was legally a munition and export required a permit.

Adam Back wrote a version of the RSA algorithm for public-key cryptography in three lines of Perl[25][26] and suggested people use it as an email signature file:

#!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj

$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1

lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)

Vince Cate put up a web page that invited anyone to become an international arms trafficker; every time someone clicked on the form, an export-restricted item — originally PGP, later a copy of Back's program — would be mailed from a US server to one in Anguilla.[27] There were options to add your name to a list of such traffickers and to send email to the president registering your protest.

[edit]Cypherpunk fiction

In Neal Stephenson's novel Cryptonomicon many characters are on the "Secret Admirers" mailing list. This is fairly obviously based on the cypherpunks list, and several well-known cypherpunks are mentioned in the acknowledgements. Much of the plot revolves around cypherpunk ideas; the leading characters are building a data haven which will allow anonymous financial transactions, and the book is full of cryptography. But, according to the author[28] the book's title is — in spite of its similarity — not based on the Cyphernomicon,[14] an online cypherpunk FAQ document.

There was a pornographic cypherpunk movie called Cryptic Seduction, produced by someone using the pseudonym Randy French. It caused great amusement in cypherpunk circles, with references to and cameos by several prominent cypherpunks, but did not make money. At one point the copyright for it was up for auction.[29]

[edit]Jim Bell and "Assassination Politics"

Jim Bell took the general cypherpunk tendencies toward further in an essay titled "Assassination Politics":[30]

Imagine for a moment that as ordinary citizens ... see an act by a government employee or officeholder that they feel violates their rights ... If only 0.1% of the population, or one person in a thousand, was willing to pay $1 to see some government slimeball dead, that would be, in effect, a $250,000 bounty on his head. Further, imagine that anyone considering collecting that bounty could do so with the mathematical certainty that he could not be identified, ... Perfect anonymity, perfect secrecy, and perfect security.

 

He worked out the mechanisms for this in considerable detail, and speculated extensively on the political consequences. Naturally, the discussion on the list was intense. Later, Bell was arrested and convicted[31] for tax evasion, with accusations of attempts to intimidate IRS agents. Still later, another case was brought against him, alleging "stalking and intimidating local agents of the IRS, Treasury Department and BATF".[32] Another list subscriber, Carl Johnson, was also convicted[33] of sending threatening emails. Discussion of Bell's essay played a prominent part in all three trials.

[edit]

 

 

 

 

 

and this

[Tavaruawon]

 

 

 

 

 

 

 

 

[shameless self promotion]

[Decyferon]

[KnifeHits RS]

 

 

 

 

 

 

 

 

 

 

 

 

[watson]

^ $20,000 bail for that