1. Kryptonite v2.0 Now Available!
- Posted by Alan Tu <ATU5713 at COMPUSERVE.COM> Dec 29, 1998
- 494 views
A totally free, solid encryption program is now available. Some ways it is better than home-grown encryption programs is: * It uses a proven algorithm: Blowfish. * It uses a hash algorithm to detect tampered files and avoids bad decrypts. This program is in a .ZIP file, and contains program, documentation, and credits. E-mail me if you want it. That goes for _anyone_. However, I would like to thank Davi T. Figueiredo for contributing to this program. Without him, this program would be impossible since he created both the Blowfish algorithm and the hash algorithm from specifications. There is a reason why I am not submitting this to the website. This is an excerpt of the documentation. Let's just say I believe in very civil, very non-violent disobedience. Alan Legal Notice The US government forbids exporting of this program. The author believes, however, that information security is not a weapon, and that everyone is entitled to have strong information security. Therefore, as long as the author has an e-mail address, this package will be available to _anyone_ who wants it. However, _use_ of this package is not restricted in the United States, nor in most places. But it is restricted in some places. Use it at your own risk.
2. Re: Kryptonite v2.0 Now Available!
- Posted by "Alfredo Brand V." <abrand at ALUMINA.COM.CO> Dec 29, 1998
- 466 views
I want it! -----Mensaje original----- De: Alan Tu <ATU5713 at COMPUSERVE.COM> Para: EUPHORIA at LISTSERV.MUOHIO.EDU <EUPHORIA at LISTSERV.MUOHIO.EDU> Fecha: Martes 29 de Diciembre de 1998 2:58 PM Asunto: Kryptonite v2.0 Now Available! A totally free, solid encryption program is now available. Some ways it is better than home-grown encryption programs is: * It uses a proven algorithm: Blowfish. * It uses a hash algorithm to detect tampered files and avoids bad decrypts. This program is in a .ZIP file, and contains program, documentation, and credits. E-mail me if you want it. That goes for _anyone_. However, I would like to thank Davi T. Figueiredo for contributing to this program. Without him, this program would be impossible since he created both the Blowfish algorithm and the hash algorithm from specifications. There is a reason why I am not submitting this to the website. This is an excerpt of the documentation. Let's just say I believe in very civil, very non-violent disobedience. Alan Legal Notice The US government forbids exporting of this program. The author believes, however, that information security is not a weapon, and that everyone is entitled to have strong information security. Therefore, as long as the author has an e-mail address, this package will be available to _anyone_ who wants it. However, _use_ of this package is not restricted in the United States, nor in most places. But it is restricted in some places. Use it at your own risk.
3. Re: Kryptonite v2.0 Now Available!
- Posted by Quality <quality at ANNEX.COM> Dec 29, 1998
- 494 views
Alan: First: Let me say that while I disagree with the current encryption export regs, I do so not because I think they are wrong, but rather because I think they are flawed. There is an inherent assumption that we (Americans) are the only people capable of taking a well published algorithm (like Blowfish) and converting it to executable code. This is pure folly. Quite frankly this smells of quasi racial bigotry by implying that peoples of third world countries are intellectual cripples compared to us. Second: I **STRONGLY** disagree with your decision to hand out this code cart-blanche. Just because you disagree with a law does not give you the right to ignore it. Civil disobedience is a powerful tool, but it must be used with prudence. It should be noted that civil disobedience is only acceptable when ALL other efforts to change the law have been fruitless. That does not apply here. There are a number of lawsuits in action right now to lift some or all export regs. Just because you are impatient is not justification for breaking the law. Third: Current US law also allows for algorithms with 56-bit or smaller keys to be exported. Can your algorithm be adapted to use these smaller key sizes? You could then export a reasonable security software without breaking the law. If and when the regs are lifted you could release the better code. Finally As to your statement "The author believes, however, that information security is not a weapon ...". Are you really this naive or is this just your way of trying to justify (to yourself?) your illegal activities? Information is power and is most often used as either a tool or a weapon. In this case it is a defensive weapon designed to defeat the offensive efforts of whomever is seeking knowledge. Imagine Saddam knew all of our troop movements & attack plans during the original Desert Storm... how effective would we have been if he had detailed access to our information? Maybe you should read the story of PURPLE too. All forms of security are defensive weapons and defensive weapons are the most effective (AND most non-violent) means to the end. Your car alarm (physical security) is a defensive weapon against theft. Your insurance policy (financial security) is a defensive weapon against debt. Your encryption program (information security) **is** a defensive weapon against invasions of privacy. Should we be entitled to such privacy? Absolutely yes. Should we break the law to get it? Not if we can change the law instead, and we can.
4. Re: Kryptonite v2.0 Now Available!
- Posted by Ralf Nieuwenhuijsen <nieuwen at XS4ALL.NL> Dec 29, 1998
- 478 views
- Last edited Dec 30, 1998
Quality wrote: >Second: >I **STRONGLY** disagree with your decision to hand out this code >cart-blanche. Just because you disagree with a law does not give you the >right to ignore it. Civil disobedience is a powerful tool, but it must be >used with prudence. It should be noted that civil disobedience is only >acceptable when ALL other efforts to change the law have been fruitless. >That does not apply here. There are a number of lawsuits in action right now >to lift some or all export regs. Just because you are impatient is not >justification for breaking the law. And this: >Should we break the law to get it? Not if we can change the law instead, and >we can. Since when does one need justification to brake the law ? Since when is it wrong to brake the law ? When I steal a car, do you blame me for braking the law or for taking some one else's property ? What is wrong with 'braking the law' on itself. Do you still live in the illusion of a democracy when you can choose between 2 people/parties ? Democracy means (originated from grech): power to the people. Laws, governemnts, and the whole mess that is there is an 'attempt' to achieve that goal. In the same way certain laws are an attempt to be in the best interest of everybody. But they are *always* an attempt. No law, no rule, no system works for the full 100%. There are always more or less exceptions, and you are serving the attemp, rather than the idea behind it. More than that, you are asking one to give up his own beliefs, in the favor of others. A majority-dictature is not what you want as well, do you ? And maybe this all is hard to except for those who get brainwashed through education, that stimulates national feeling and 'overidealizes' democracy. Just because everybody says so, and because everybody seems to be so convienced does not mean what they say is right. Have you ever considered that they might too be so convienced and repeat after the rest, because you and the rest are saying the same ? End of discussion. Ralf
5. Re: Kryptonite v2.0 Now Available!
- Posted by Alan Tu <ATU5713 at COMPUSERVE.COM> Dec 29, 1998
- 495 views
- Last edited Dec 30, 1998
This shall be the last message on the listserver on this subject. All those who want the file (there is a new version with hidden password entry, file wipe, etc), e-mail me personally. Those inside the US I will give the file. Those outside the US, I will not I will not I will not give you the file anymore, but please, e-mail me still if you want it. But I feel I have to have the chance to respond to some comments that already have been made. >It should be noted that civil disobedience is only acceptable when ALL >other efforts to change the law have been fruitless. In 1955, when Martin Luther King boycotted the buses at Montgomery, couldn't he have filed a suit? I'm sure he could have. >That does not apply here. There are a number of lawsuits in action right >now >to lift some or all export regs. If someone in another land asks for my program, I'm supposed to turn him away? Then I become the instrument of these regulations. > Just because you are impatient is not >justification for breaking the law. I'm not impatient; I already have my program. But some people want this program, now. >Current US law also allows for algorithms with 56-bit or smaller keys to >be >exported. 56-bit keys can be broken by brute-force, as was demonstrated at the Crypto '93 conference. It is no longer considered strong by those authoritative people in the crypto community. 2^56 boggles my mind, but the fact is it isn't considered strong. >If and when the regs are lifted you could release the better code. Why should I have to make the people outside the US wait? I should I choose to be the instrument of, as you put it, bigotry? >>>>> Information is power and is most often used as either a tool or a weapon. In this case it is a defensive weapon designed to defeat the offensive efforts of whomever is seeking knowledge. Imagine Saddam knew all of our troop movements & attack plans during the original Desert Storm... how effective would we have been if he had detailed access to our information? Maybe you should read the story of PURPLE too. <<<<< That's why encryption should be propagated naturally, like a river. >>>>> All forms of security are defensive weapons and defensive weapons are the most effective (AND most non-violent) means to the end. Your car alarm (physical security) is a defensive weapon against theft. Your insurance policy (financial security) is a defensive weapon against debt. Your encryption program (information security) **is** a defensive weapon against invasions of privacy. <<<<< Pardon, but you're damned right. A weapon implies destruction. A Hawke AA missile is destructive. But this is not a weapon; it is a counter-measure since it does not destroy. >Should we be entitled to such privacy? Absolutely yes. Tell me how the people in other countries who don't have the talent to write this can have my program within the next wek legally. >Should we break the law to get it? Not if we can change the law instead, >and >we can. OK, longer timeline. Tell me how I can cause the law to change oh, say, in the next six months? Or even a year? Alan
6. Re: Kryptonite v2.0 Now Available!
- Posted by Quality <quality at ANNEX.COM> Dec 29, 1998
- 475 views
- Last edited Dec 30, 1998
You asked some questions, I will answer them. If anyone wants this discussion to go further we can do it in private e-mail, I am willing to coordinate a small mail-list for interested parties. >In 1955, when Martin Luther King boycotted the buses at Montgomery, >couldn't he have filed a suit? I'm sure he could have. Obviously you don't know much about our history. A great many lawsuits **were** filed but the bigoted courts of the time violated the law and either allowed biased/illegal decisions or dismissed the lawsuits as "frivolous" preventing their day in court. When the courts failed to work then civil disobediance became a **WEAPON** to overcome the system. >>That does not apply here. There are a number of lawsuits in action right >>now to lift some or all export regs. > >If someone in another land asks for my program, I'm supposed to turn him >away? Then I become the instrument of these regulations. You become a dutiful citizen obeying the laws of your country. Not all laws are good, but we have a system that allows changes to bad laws. We should use this system and not bypass it because it is convenient to do so. >I'm not impatient; I already have my program. But some people want this program, now. And some people want heroine and crack legalized. Would you distribute these destructive drugs to people just because they asked for it **now**? I think not. >Why should I have to make the people outside the US wait? I should I >choose to be the instrument of, as you put it, bigotry? You choose to live here. That gives you an obligation to live by the laws of here. Move to Iraq and distribute your code from there if you dont like these laws. I promise you will like their laws even less. >Pardon, but you're damned right. A weapon implies destruction. A Hawke AA >missile is destructive. But this is not a weapon; it is a counter-measure >since it does not destroy. A defensive weapon DESTROYS an offensive effort. A car alarm destroys a burglury attempt. >OK, longer timeline. Tell me how I can cause the law to change oh, say, in >the next six months? Or even a year? Well, you might start by reading up on the current efforts ongoing, then see if you can add anything of value to these efforts. You might be surprised that almost every court decision so far has been on **your** side but laws are indeed slow to change. I understand that the export limit is being raised to 64-bits next year (not sure if this is solid yet). I agree that the law is wrong, but I know our system works (eventually). What we are really talking about is politics, and politics is like Judo, Learn to work within the system and use its own force to change the law. It is not easy, but few worthwhile things are. ** AGAIN, PLEASE REPLY VIA PRIVATE EMAIL AND LETS TAKE THIS OFF THE LIST-SERVER **
7. Re: Kryptonite v2.0 Now Available!
- Posted by Robert Pilkington <pilking at BELLATLANTIC.NET> Dec 30, 1998
- 462 views
>* It uses a hash algorithm to detect tampered files and avoids bad >decrypts. Are you sure that's a good idea? Watch this (using my encryption program, not released.) C:\TEXT>encrypt secure.txt secure.enc Encrypt 1.0 by Robert Brandon Pilkington [E]ncrypt or [D]ecrypt? e Input password: **** Retype password: **** Encrypting... 100% done! C:\TEXT>encrypt secure.txt secure2.enc Encrypt 1.0 by Robert Brandon Pilkington [E]ncrypt or [D]ecrypt? d Input password: ***** Retype password: ***** Decrypting... 100% done! Now, secure2.enc is more secure than secure.enc. To decode it, you have to encrypt it with the decryption password, and decrypt it using the encryption password. Pretty sneaky, the text (or binary, whatever) would be even more mangled, but still repairable. What do you think?
8. Re: Kryptonite v2.0 Now Available!
- Posted by "Carl R. White" <C.R.White at SCM.BRAD.AC.UK> Dec 30, 1998
- 490 views
On Wed, 30 Dec 1998, Robert Pilkington wrote: > C:\TEXT>encrypt secure.txt secure.enc > Encrypt 1.0 by Robert Brandon Pilkington > [E]ncrypt or [D]ecrypt? e > Input password: **** > Retype password: **** > Encrypting... > 100% done! > ...wrong password. Pretty sneaky, the text (or binary, whatever) would > be even more mangled, but still repairable. What do you think? Does it use XOR password encryption? I have something that does this: My Site -> Euphoria -> My Programs -> eucode/ -> eucode.ex eucode.txt My site's down at the moment. Server trouble. It'll be up in the new year. I go home now, Carl -- Carl R White -- Final Year Computer Science at the University of Bradford E-mail...: cyrek- at -bigfoot.com -- Remove the hyphens before mailing. Ta :) URL......: http://www.bigfoot.com/~cyrek/ Ykk rnyllaqur rgiokc cea nyemdok ymc giququezka caysgr -- B.Q.Vgesa
9. Re: Kryptonite v2.0 Now Available!
- Posted by Alan Tu <ATU5713 at COMPUSERVE.COM> Dec 30, 1998
- 459 views
>>>>> Now, secure2.enc is more secure than secure.enc. To decode it, you have to encrypt it with the decryption password, and decrypt it using the encryption password. Pretty sneaky, the text (or binary, whatever) would be even more mangled, but still repairable. What do you think? <<<<< It is sneaky, and therefore more secure. But I'm not counting on sneaks here; I'm counting on blowfish. Your program (I don't mean this mean) is one of those fly-by-nighters; hey, I made one. Its soley based on algorithm. So you can decrypt and encrypt or whatever; in the "business" world, e is e and d is d. See what I mean? Alan
10. Re: Kryptonite v2.0 Now Available!
- Posted by Flash Braden <anathema at IX.NETCOM.COM> Dec 30, 1998
- 465 views
- Last edited Dec 31, 1998
Ralf, you sanctimonious moron, the word is spelled B R E A K, not B R A K E. The post to which you are responding contains several correctly spelled examples for you to copy. Last but not least, your perspective on the law is no better than your spelling. So, tell me, how long have you been employed at the White House? cheers, -Flash-> Ralf Nieuwenhuijsen wrote: > > Quality wrote: > >Second: > >I **STRONGLY** disagree with your decision to hand out this code > >cart-blanche. Just because you disagree with a law does not give you the > >right to ignore it. Civil disobedience is a powerful tool, but it must be > >used with prudence. It should be noted that civil disobedience is only > >acceptable when ALL other efforts to change the law have been fruitless. > >That does not apply here. There are a number of lawsuits in action right > now > >to lift some or all export regs. Just because you are impatient is not > >justification for breaking the law. > > And this: > >Should we break the law to get it? Not if we can change the law instead, > and > >we can. > > Since when does one need justification to brake the law ? > Since when is it wrong to brake the law ? > > When I steal a car, do you blame me for braking the law or for taking some > one else's property ? > > What is wrong with 'braking the law' on itself. Do you still live in the > illusion of a democracy when you can choose between 2 people/parties ? > Democracy means (originated from grech): power to the people. Laws, > governemnts, and the whole mess that is there is an 'attempt' to achieve > that goal. > > In the same way certain laws are an attempt to be in the best interest of > everybody. But they are *always* an attempt. No law, no rule, no system > works for the full 100%. There are always more or less exceptions, and you > are serving the attemp, rather than the idea behind it. > > More than that, you are asking one to give up his own beliefs, in the favor > of others. A majority-dictature is not what you want as well, do you ? > > And maybe this all is hard to except for those who get brainwashed through > education, that stimulates national feeling and 'overidealizes' democracy. > Just because everybody says so, and because everybody seems to be so > convienced does not mean what they say is right. Have you ever considered > that they might too be so convienced and repeat after the rest, because you > and the rest are saying the same ? > > End of discussion. > > Ralf -- ------------------- C. C. -Flash-> Braden, linkmaster: http://www.freecitizen.com/ This week's cartoon: http://www.freecitizen.com/carlmoore/NEW.HTM
11. Re: Kryptonite v2.0 Now Available!
- Posted by Ralf Nieuwenhuijsen <nieuwen at XS4ALL.NL> Dec 31, 1998
- 474 views
Flash lived up to his age and said: >So, tell me, how long have you been employed at the White House? Interesting. You feel I insulted your country, and as your been programmed, and as you have associated america with yourself, you are going to defend is. Since normal reason doesnt work, you resort to having comments on my spelling. This is *constructive* critism on your society, without at any point making any comparsiments with other societies. Now, get over you ego, and start using reason: As to your (pathic) 'argument' above: The White House has got nothing to do with it. To be a more positive person (and insult less others) I assumed, the positive motivations behind the existence of a law, which is: A law is the 'implementation' of the goal: society, preferbly democracy The second you claim that my view is wrong, is the second YOU claim to live under a fascist regime. Not me. However, no implementation is always correct. However, it is always *applied*. It are these situaties where people are suprised because ethics are compromized. Now 'Quality' said that we should obey the law, unless there is no way to change it. It is one of his values. In which my return (should have been/was):: maybe I and Alan (the person in question who wanted to offer his code) have different values. Personally, I dont believe obbeying *every* law in *every* case, helps the goal behind the laws, which is: (again) society, preferbly democracy, for me. And I know that religious people, and other people too, have values much stronger than obbey the laws of the state where they currently live in. And the amount of nationalism that floads out of your message, gives me a hint, that if you are not aware that these same 'values' / 'goals' were behind YOUR society (the society in question, in other words: no comparisment is made to other countries, what so ever, dont feel insulted: you are not your country, and you are not responsible for all it flaws. I would kill myself, if I felt responsible for all MY country(= Holland) flaws.) No, I have explained with for me 'breaking' (correctly spelled ?) a law is not always in conflict with my ethics, and I know, it is not always in conflict with the values of many. The whitehouse *makes* the laws, not the ideals behind it, and like me, can only assume the positive goal behind such a law. Their opinion is not important to me.. what the (beep) has the white house got to do with this. They are only the machine that tries to implement those goals. And I believe they really try that. Like most western goverments try that. And like America, and like Holland, and like many other countries they prove it is not easy to do so. Also because society is a dynamic thing, they are always running behind it. No, you either accept and respect this opinion, or eh.. I dont care.. shoke in your nationalism, but try to 'puke' in the direction of my mail, rather than the list-server: nieuwen at xs4all.nl Ralf
12. Re: Kryptonite v2.0 Now Available!
- Posted by Adam Weeden <SkaMan325 at AOL.COM> Dec 31, 1998
- 467 views
This battle of wits and getting the last word in needs to stop, I, as a casual observer, have to step in for the good of the server and the people on it who want pure unadulterated information on programming. I ask as a mature human being that all contributing parties who are not making Non-euphoria programming posts stop immediately. Thank you for your cooperation, Adam