esub decrypter question
Chris
in, and have the app attempt to decrypt them? That's all I want; not JBN2 or QS
or something else that's a new(mis)reader &/or an emailer or
this-that-and-the-other.
Just a simple little app that takes a list of those 48-character-long lines and
applies a key to them and shows me what it gets.
I'd really appreciate any help.
Thanks.
--
Time flies like an arrow.
Time files when you're having fun.
Therefore, when you're having fun it's like an arrow.
Chris
>Is there some app where I can take a list of "esub"'d lines, feed them and a key
>in, and have the app attempt to decrypt them? That's all I want; not JBN2 or QS
>or something else that's a new(mis)reader &/or an emailer or
>this-that-and-the-other.
>
>Just a simple little app that takes a list of those 48-character-long lines and
>applies a key to them and shows me what it gets.
OK, I've done a little research, and have a better idea what I'm looking for.
Now, esub-ing is done by doing an MD5 hash of the subject, then using the
"Encrypt-Subject:" as a key for IDEA in CFB mode. The result is used in the
Subject: field.
So, I'm looking for an app (or two apps) to, firstly, MD5 the original subject,
and, secondly, to apply IDEA in CFB mode to the "Subject:" with the key I give
it.
I'd accept having to d/l all the posts in a.a.m with esub-like Subject:'s, then
either doing a copy on each and run the (second) app, or copy and paste to a
txt file, and running the app on them all at once.
I've tried googling, but I'm getting back more results than I can handle, and
all of them are over my head in re. programming/technical stuff.
>I'd really appreciate any help.
Make that really, *really*, REALLY appreciate any help
>Thanks.
>
>
>--
>Time flies like an arrow.
>Time files when you're having fun.
>Therefore, when you're having fun it's like an arrow.
--
Life is a short, warm moment
And death is a long cold rest.
Chris
<Use-Author-Address-Header@[127.1]> said:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>> >Is there some app where I can take a list of "esub"'d lines, feed them and a key
>> >in, and have the app attempt to decrypt them? That's all I want; not JBN2 or QS
>> >or something else that's a new(mis)reader &/or an emailer or
>> >this-that-and-the-other.
>> >
>> >Just a simple little app that takes a list of those 48-character-long lines and
>> >applies a key to them and shows me what it gets.
>
>I think you could do all that with Quicksilver News. Without using the
>Quicksilver module at all, since the news app is a separate program,
>which afaict is all you want.
Ah, is it? I thought QS did news via a plug-in.
Last I heard, I would need to d/l Mixmaster (which QS depends on), QS, the QS
PGP plugin, and the QS news plugin. Then unzip all, then install all.
>> So, I'm looking for an app (or two apps) to, firstly, MD5 the original subject,
>> and, secondly, to apply IDEA in CFB mode to the "Subject:" with the key I give
>> it.
>
>and if the tool is called Quicksilver News, that does both of the
>things you indicate above, why would you not use it, and instead choose
>to reinvent the wheel?
Well, if QS News is completely self-contained, not needing anything else (or
nothing more than PGP 6.5.8), then I could use it.
And it's not the wheel, it's the whole damned fleet of semi-trucks, that JBN/QS
should be compared to. Since all I want is the wheel, that's what I'm asking
for.
>Maybe I misunderstood your question?
No, just the background.
To be clear, I've tried JBN and found it unwieldy to defective (I changed my
keyring in PGPKeys, and JBN "lost" all my private keys, it's a pain to get to to
not look on the 'net for keyrings & stats, etc.) I never tried QS because I
didn't want to have to deal with Mixmaster and two plugins, just to do one small
job.
It simply seems to me that there ought to be a simple little app to decrypt
esubs. In fact, a simple little app to decrypt IDEA-in-CBF-mode ought to be
around somewhere.
Anyone know where I could get such?
QuickSilver
Hi Chris!
In article <3cb776a2.14914139@localhost>
Chri...@nwlink.com.com (Chris) wrote:
>
> Hey, remember back on 12 Apr 2002 13:27:15 -0000, when Lucas
> <Use-Author-Address-Header@[127.1]> said:
>
> >-----BEGIN PGP SIGNED MESSAGE-----
> >
> >> >Is there some app where I can take a list of "esub"'d lines, feed them and a key
> >> >in, and have the app attempt to decrypt them? That's all I want; not JBN2 or QS
> >> >or something else that's a new(mis)reader &/or an emailer or
> >> >this-that-and-the-other.
> >> >
> >> >Just a simple little app that takes a list of those 48-character-long lines and
> >> >applies a key to them and shows me what it gets.
> >
> >I think you could do all that with Quicksilver News. Without using the
> >Quicksilver module at all, since the news app is a separate program,
> >which afaict is all you want.
>
> Ah, is it? I thought QS did news via a plug-in.
>
> Last I heard, I would need to d/l Mixmaster (which QS depends on), QS, the QS
> PGP plugin, and the QS news plugin. Then unzip all, then install all.
>
>
> >> So, I'm looking for an app (or two apps) to, firstly, MD5 the original subject,
> >> and, secondly, to apply IDEA in CFB mode to the "Subject:" with the key I give
> >> it.
> >
> >and if the tool is called Quicksilver News, that does both of the
> >things you indicate above, why would you not use it, and instead choose
> >to reinvent the wheel?
>
> Well, if QS News is completely self-contained, not needing anything else (or
> nothing more than PGP 6.5.8), then I could use it.
Well, ya know what...QSnews is a standalone program, but it puts its
incoming mail the QS database. You would have no means of reading the
mail.
> And it's not the wheel, it's the whole damned fleet of semi-trucks, that JBN/QS
> should be compared to. Since all I want is the wheel, that's what I'm asking
> for.
The esub does not require any external pgp at all. I know you tried JBN
but QS is another beast entirely. You have a lot of misconceptions. For
example, QS is not installed in the manner you suggest. You download
the main program and then the program's update wizard handles all
future downloads/installs.
Here is something I might suggest. Download and install QS.9b20.2--no
plugins. When you run the program is run it will tell you that you
don't need mixmaster, but some features will not be available. Add the
QSnews program. Essentially QS would act as a mail reader for the news
program--I believe...I honestly don't have time right to look into this
but if you will, it might be worth the time. If you had not tested JBN
first you might be using QS right now. It's _nothing_ like JBN. If it
is like anything, it's like Eudora.
QS comes with it's own uninstall program. If you don't like it,
uninstall it, but why not give it a chance. QS is not a fleet of semis.
Please do not call it that when you know next to nothing about it.
If you should test the scenario I mention above, and it works out, you
may still be nagged at startup by the 'no mixmaster' message. If so,
let me know. I may be able to eliminate that.
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLeJXvkiDnOECmYBAQE4jwIAlrWUWnigiEjHimw0tkb7r5hny6eUNnVE
D8yezWrYDq0hgAnJJu0NM5iaQ7KbB//noiOfiGIIhVwFGQBjlw5opQ==
=iSv+
-----END PGP SIGNATURE-----
Chris
<Use-Author-Supplied-Address-Header@[127.1]> said:
>Well, ya know what...QSnews is a standalone program, but it puts its
>incoming mail the QS database. You would have no means of reading the
>mail.
What file would the "QS database" be?
>> And it's not the wheel, it's the whole damned fleet of semi-trucks, that JBN/QS
>> should be compared to. Since all I want is the wheel, that's what I'm asking
>> for.
>
>The esub does not require any external pgp at all. I know you tried JBN
>but QS is another beast entirely. You have a lot of misconceptions. For
>example, QS is not installed in the manner you suggest. You download
>the main program and then the program's update wizard handles all
>future downloads/installs.
>
>Here is something I might suggest. Download and install QS.9b20.2--no
>plugins. When you run the program is run it will tell you that you
>don't need mixmaster, but some features will not be available. Add the
>QSnews program.
Done.
Now comes a problem; I haven't (yet) made a replacement nym with the esub
directive (I had had one, but with the problems I had trying to use JBN, I gave
up and deleted it). I set QS to point at NewsProxy (aka nfilter), and told it to
download everthing from a.a.m. I got the following message:
Connecting to 127.0.0.1...
200 NNTP Filtering Proxy v1.2.0. For info type help
211 11262 459405 470667 alt.anonymous.messages /all
Scanning 11262 new headers
205 closing connection - goodbye!
Connection closed!
No mail
So, does QS simply ignore any post where it can't decrypt an esub? Or is
something else wrong?
An Metet
> > No, just the background.
> > To be clear, I've tried JBN and found it unwieldy
Lucas wrote:
> Thanks for clarifying Chris,
>
> I never was able to run JBN, sounds like a blessing now.
>
> Are you a handroller? If so, take it from an ex-handroller, QS is an
> incredibly useful tool, far easier than handrolling.
>
> It would be interesting to hear if you agree, and based on your
> experience with JBN, you might have a credible opinion when comparing
> the two programs.
Do you suppost this person might also have a credible opinion when comparing
the two programs ?
Message-ID: <0944a8d200eef7f0...@remailer.havenco.com>
:I came to anonymous remailers as I run a site that is extremely critical of
:a well known charity.
:
:I wanted to remain anonymous so tnat I did not suffer from their spite.
:
:I looked at JBN and was completely baffled by it.
:
:I looked at Quicksilver and liked what I saw but...I have not yet been able
:to create a nym using QS.
:
:Ihave followed all the suggestions, and recommendations, I have still not
:created a nym with QS.
:
:I now use JBN all the time for mail and news postings. Once I read the
:helpfiles I found it very easy to use.
:
:Sorry but JBN for me.
Notice the person said "Once I read the helpfiles I found it very easy to use."
My guess is that the majority of these JBN bashers are kids with very short
attention spans. See what watching all that MTV will do to you? :)
QuickSilver
In article <3cb7a696.27191850@localhost>
Chri...@nwlink.com.com (Chris) wrote:
>
> Hey, remember back on Fri, 12 Apr 2002 19:29:38 -0600 (MDT), when QuickSilver
> <Use-Author-Supplied-Address-Header@[127.1]> said:
>
> >Well, ya know what...QSnews is a standalone program, but it puts its
> >incoming mail the QS database. You would have no means of reading the
> >mail.
>
> What file would the "QS database" be?
That is the file QS.dbc. Even when not encrypted it is in a proprietary
binary format. It requires QS to to read it.
> >> And it's not the wheel, it's the whole damned fleet of semi-trucks, that JBN/QS
> >> should be compared to. Since all I want is the wheel, that's what I'm asking
> >> for.
> >
> >The esub does not require any external pgp at all. I know you tried JBN
> >but QS is another beast entirely. You have a lot of misconceptions. For
> >example, QS is not installed in the manner you suggest. You download
> >the main program and then the program's update wizard handles all
> >future downloads/installs.
> >
> >Here is something I might suggest. Download and install QS.9b20.2--no
> >plugins. When you run the program is run it will tell you that you
> >don't need mixmaster, but some features will not be available. Add the
> >QSnews program.
>
> Done.
Hey! Thanks for taking a look!
> Now comes a problem; I haven't (yet) made a replacement nym with the esub
> directive (I had had one, but with the problems I had trying to use JBN, I gave
> up and deleted it). I set QS to point at NewsProxy (aka nfilter), and told it to
> download everthing from a.a.m. I got the following message:
>
> Connecting to 127.0.0.1...
> 200 NNTP Filtering Proxy v1.2.0. For info type help
> 211 11262 459405 470667 alt.anonymous.messages /all
> Scanning 11262 new headers
> 205 closing connection - goodbye!
> Connection closed!
> No mail
>
>
> So, does QS simply ignore any post where it can't decrypt an esub? Or is
> something else wrong?
You have it correct. QSnews is not a newsreader per se. It is a
personal NNTP mail retrieval system. Like POP3, it is only interested
in your mail.
However, there is another mode. When you are adding newsgroups in the
Newsgroup Profile Dialog there is a checkbox at the top of the dialog
labeled 'download all'. If this box is checked, QSnews will download
all new messages each time you run the program. Still, only your mail
will be kept. The rest are discarded immediately after download. If a
person has high security requirements downloading only their own mail
could be risky.
Had you had ticked downloadall with those 11000 messages, we wouldn't
have heard from you 'til next week!
Feel free to ask questions.
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLfHA/kiDnOECmYBAQGhLgH/bgU3j11WudIXoJJqE1wdi7VbheCULwiW
pSdH4vAYiSXuuweirIJ9fBPAvFwNVWvdtopnp2O2n0ufdalkczqAkg==
=EESf
-----END PGP SIGNATURE-----
Doc.Cypher
On 13 Apr 2002, Lucas <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>> >Maybe I misunderstood your question?
>>
>> No, just the background.
>> To be clear, I've tried JBN and found it unwieldy
>
>Thanks for clarifying Chris,
>
>I never was able to run JBN, sounds like a blessing now.
>
>Are you a handroller? If so, take it from an ex-handroller, QS is an
>incredibly useful tool, far easier than handrolling.
>
>It would be interesting to hear if you agree, and based on your
>experience with JBN, you might have a credible opinion when comparing
>the two programs.
That would not be fair. If Chris failed to get to grips with JBN he would
not be in a position to do a comparison with QS, or review of the package.
Any review or analysis should be carried out by someone who can maintain an
unbiased viewpoint and has managed to fully master both packages.
FWIW, When I first started out I attempted to get PI going, but soon read
in this group that it was outdated/dead and JBN was the better package to
pick up. QS was available, but at that time did not support nyms. From my
research I already understood the operation of cypherpunk remailers so the
lack of support for them was another -ve point against QS. I've since tried
QS, but simply didn't like the interface. I'm sure the program is perfectly
usable but it has its own learning curve which I didn't feel like going
through.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLdm8sriC3SGiziTAQFeLwf/VLpcqTyWFZrcEQn//B6Mmih4tlqHPqyX
CK+701+K5DgF7lKpRCd3szhB6vFf0+kj4AyzKNIN1vHmi+bRa/Rmq9L17c2jE+4n
XieaCx6J4Th9l4gNM9Qt5+5NBTHOs5VWRMij1SCr5H9oVgWJfh9qyVAD5er3knuZ
vVAU0f2iFzGwzeBcZti3JHnKnt6sLQWyP7Zd0Gh8pXxnVpI14dx01q6Vs7s3Qg4F
yOTaYTtpFMN0lC7X8OF5hp0mMMdeWmAAplCxyG4d6s8ZAs7RMXPWN9iRMKfdU7jm
RJMjbJAvzhrXYdwQCMKFuUKA+/klv9P8pkhCYx3kZLAfT9fPFRecwg==
=Qc4L
-----END PGP SIGNATURE-----
Doc.Cypher
On 13 Apr 2002, Lucas <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>Hello Doc,
>
>I did not mean to get into a QS/JBN bashing argument. I apologize.
>
>otoh, if Chris was unable to master JBN, for any reason, and he
>succeeds at mastering QS because the interface is more compatible with
>his style, then I still think it would be a valid case for comparison
>of the ease of use, or shorter learning curve, for QS. At least for
>Chris.
Yes, for Chris. However, that isn't fair to then make a sweeping
generalisation about either package being better, or easier than the other.
>Whatever tool gets the job done is a good tool. For you that is JBN,
>and that is good.
>
>btw, does JBN allow you to disable remailers in such a way that you can
>use wildcards to pull only from your selected list of remailers, or
>must you type the remailer names by hand to prevent the wildcard from
>accessing remailers you dont trust?
Yes, from the documentation...
Never choose these remailers as AUTO or RANDOM
If because of unreliability or security concerns you don't want certain
remailers to be chosen as AUTO or RANDOM remailers, list the remailers'
names or addresses here, one name or email address per line. This affects
both Cypherpunk and Mixmaster AUTO and RANDOM remailer selection.
Note: When updating this setting, for a change to take effect for RANDOM
remailers, stats must be refreshed.
This also makes reference to another feature of JBN which QS doesn't have,
the AUTO selection of remailers. RANDOM is the same as "*" in QS/mixmaster,
but AUTO has a more complex selection process that includes taking the
Uptime history into consideration.
>I think your point about QS not having NYM features in the past is no
>longer relevant.
Quite so, but it was relevant when I was initially selecting a remailer
client.
>Also, JBN is no longer the only tool that can handle
>esub. It now appears QS may have a feature JBN does not, the ability to
>use wildcards to access only enabled remailers. Is that correct?
Nope, as stated above JBN has this feature.
>I really dont want to bash either program, just checking if the feature
>set is different from one to the other, asided from user interface
>differences, which reflect personal preference and familiarity.
I must admit that I'd find it difficult to work without JBN's remailer
selection process. A chain is built by selecting remailers from a drop-down
list. This list includes the uptime stats, latency, % reliability, and
mixmaster capabilities string of the remailer.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLdm8sriC3SGiziTAQHjDAgAuKrfVh1jeszm+NZtiUH7A/woaxL73j6E
O4hOlffn755lDg/DIhu7/NsMdk9LbngE6AdYU+FBtsoRBXsuQFxU/nt59Q8qQ/sL
MXAPQ9RFUMQzwFX/G7q9RHLxJH8yHFNJkEKdb/NDwN9/R8bYVSQ5JVNQZtAZ/Ktu
BSRwq5jJILw3T8A64SeyzvIiEcB6WbB84guxcquK1EzgarfrGW9SCVwEDJ9U7R32
Fhppt0GsQGP60bqkVm994072DE4xBdhvhvuYCYw2KuXaiKGLWfkQSmnEzl6BK9wX
DDbu66cKw8oWFQfx1VBFaOVRSe0i/3at6DWE8ge8WgQ3p2BTjNOtgg==
=JzlX
-----END PGP SIGNATURE-----
Secret Squirrel
>> I think you could do all that with Quicksilver News. Without using the
>> Quicksilver module at all, since the news app is a separate program,
>> which afaict is all you want.
> Well, if QS News is completely self-contained, not needing anything else (or
> nothing more than PGP 6.5.8), then I could use it.
:Well, ya know what...QSnews is a standalone program, but it puts its
:incoming mail the QS database. You would have no means of reading the mail.
BZZT! Nice try 'Lucas' but looks like ya got it wrong. Better go back to pimping QS.
Doc.Cypher
On 13 Apr 2002, Lucas <Use-Author-Supplied-Address-Header@[127.1]> wrote:
<snip>
>> I must admit that I'd find it difficult to work without JBN's remailer
>> selection process. A chain is built by selecting remailers from a drop-down
>> list. This list includes the uptime stats, latency, % reliability, and
>> mixmaster capabilities string of the remailer.
>
>QS does not have a drop down list interface, but it will allow me to
>specify remailers in a chain, if I did not choose to use wildcards. I
>have not found a reason to build chains by hand though. Is there
>something about using wildcards that does not meet your needs?
In a word, reliability. I only ever send one copy (plus automatically sent
dummy traffic), and I have about a 99% reliability rate. If I did want to
have randomly selected remailers I'd use the aforementioned AUTO feature of
JBN. This is because it also takes into account broken chains. This is
something Mixmaster, and consequently QS, do not. I attribute this to
experiencing lost mail when I played with QS.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLdm8sriC3SGiziTAQEKtgf9EK2z1ocrl+NgwGrf6F1fFFcYq9ZLT6vy
ZxjBLN148v+0MgOJxGztmXnF62GBHpq9ZhkbKRV7toIqjyOvFPBWKCpDm4kpHqZD
pq3PCiMNvc0SG0f0fKVFTOF1q2hseOlHGETdyzeS0uj4q/tsE9+EP9iaeumNIs8E
vWzowAEhAMr/Hg7Dml1FErzJZ9YY7ospx6/tvhX99vOnCTcrAQXvL1GnRRIvhS+W
ELOzA933+XTDs0elVUGmwRJCQzIAc+Rp5vHt18h0kdiO7qQuwdoCvc0hVbIC0orZ
6EhucHYhrwMzRrjFeWRBZyRX4Y9BUZoSE3VtpC1yWTCsRVHR/fzX7Q==
=zI1V
-----END PGP SIGNATURE-----
QuickSilver
Hi Doc!
In article <2002041317212...@gacracker.org>
Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> On 13 Apr 2002, Lucas <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>
> <snip>
>
> >> I must admit that I'd find it difficult to work without JBN's remailer
> >> selection process. A chain is built by selecting remailers from a drop-down
> >> list. This list includes the uptime stats, latency, % reliability, and
> >> mixmaster capabilities string of the remailer.
> >
> >QS does not have a drop down list interface, but it will allow me to
> >specify remailers in a chain, if I did not choose to use wildcards. I
> >have not found a reason to build chains by hand though. Is there
> >something about using wildcards that does not meet your needs?
>
> In a word, reliability. I only ever send one copy (plus automatically sent
> dummy traffic), and I have about a 99% reliability rate. If I did want to
> have randomly selected remailers I'd use the aforementioned AUTO feature of
> JBN. This is because it also takes into account broken chains. This is
> something Mixmaster, and consequently QS, do not. I attribute this to
> experiencing lost mail when I played with QS.
NOTE: QuickSilver does check and report broken chains.
From what you've stated, it looks as though you are suggesting the
cpunk is more reliable than mixmaster. Are broken chains your sole
basis for this?
Also, do you consider cpunk to be a superior system compared to
mixmaster?
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLjY0fkiDnOECmYBAQFcDwIAqo4cK7++pv/boX/8CuqQBDlF4gVYmLUZ
vywa6B8GYDyGl0OSlNfO46CgA8fvxrxQPKnWaCN7PutLhb1qIkZTHQ==
=yEoB
-----END PGP SIGNATURE-----
Chris
<anm...@freedom.gmsociety.org> said:
>My guess is that the majority of these JBN bashers are kids with very short
>attention spans. See what watching all that MTV will do to you? :)
I suggest you go to Google Groups' Advanced Search --
http://groups.google.com/advanced_group_search?hl=en
and put in the following message-ID:
<u3ug41p...@corp.supernews.com>
You'll find a thread in which I asked for, and received, help on a number of
matters that are not in JBN's help files.
Matters, futhermore, that once I resolved them and saw how to get a working nym
lead me to put JBN to the side, and not use it as I found hand-rolling to be a
simple process.
So I'd suggest you not insist on painting everyone who tells of difficulty with
JBN as a "basher" and an idiot.
Chris
<Use-Author-Address-Header@[127.1]> said:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <3cb7a696.27191850@localhost>
>Chri...@nwlink.com.com (Chris) wrote:
>>
>> Hey, remember back on Fri, 12 Apr 2002 19:29:38 -0600 (MDT), when QuickSilver
>> <Use-Author-Supplied-Address-Header@[127.1]> said:
<snip>
>> Now comes a problem; I haven't (yet) made a replacement nym with the esub
>> directive (I had had one, but with the problems I had trying to use JBN, I gave
>> up and deleted it). I set QS to point at NewsProxy (aka nfilter), and told it to
>> download everthing from a.a.m. I got the following message:
>>
>> Connecting to 127.0.0.1...
>> 200 NNTP Filtering Proxy v1.2.0. For info type help
>> 211 11262 459405 470667 alt.anonymous.messages /all
>> Scanning 11262 new headers
>> 205 closing connection - goodbye!
>> Connection closed!
>> No mail
>>
>>
>> So, does QS simply ignore any post where it can't decrypt an esub? Or is
>> something else wrong?
>
>You have it correct. QSnews is not a newsreader per se. It is a
>personal NNTP mail retrieval system. Like POP3, it is only interested
>in your mail.
OK, got it.
>However, there is another mode. When you are adding newsgroups in the
>Newsgroup Profile Dialog there is a checkbox at the top of the dialog
>labeled 'download all'.
Already had done that. I was expecting all the posts, or at least all the
Preview Headers, to be saved to disk. Just out of vague interest, is there any
way to do that? I don't see any real need for that yet, but it might prove a
useful feature at some future point.
>If this box is checked, QSnews will download
>all new messages each time you run the program. Still, only your mail
>will be kept. The rest are discarded immediately after download. If a
>person has high security requirements downloading only their own mail
>could be risky.
>
>Had you had ticked downloadall with those 11000 messages, we wouldn't
>have heard from you 'til next week!
Hardly. For one thing, less than half the posts "get through" NewsProxy, thanks
to the following lines in the filter:
alt.anonymous.messages drop subject:[A-Z;\. ]+
alt.anonymous.messages score:+10 subject:.*
alt.anonymous.messages score:-10 subject:[a-f0-9]{48}
alt.anonymous.messages drop score:10
The first line is optional, but seems to speed things a little.
Also, Supernews's newservers are decently fast. ~11,000 messages took about 20
minutes to d/l.
Chris
<Use-Author-Supplied-Address-Header@[127.1]> said:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>> >Maybe I misunderstood your question?
>>
>> No, just the background.
>> To be clear, I've tried JBN and found it unwieldy
>
>Thanks for clarifying Chris,
>
>I never was able to run JBN, sounds like a blessing now.
Oh, I found it invaluable when I couldn't get a hand-rolled nym to work. After
'fighting' with JBN over its desire to sign onto the 'net and replace my
carefully gathered remailer keys with some keyring from where-the-hell-ever, and
its attempts to get stats from ditto, I had it make a couple of nym config
submissions, and found out what I'd been doing wrong.
I've been handrolling since, though. Thing is, handrolled nyms config
submissions pointing at aam have to either have a non-changing Subject: (even
making is a 48-digit hexadecimal number has the problem), or use
Encrypt-Subject: and then have to download all 48-hexadecimal-digit-subject
posts and then try to decrypt *each and every one of them* via PGP; with 60-100
such posts a day, the time, effort, and PTIA would be staggering.
Hence my interest in a little bitty app that takes a list of IDEA-in-CFB-mode
lines and decrypts them using a specific key, and something to MD5 a Subject:,
and does a comparison. Or, in fact, one app to do the MD5, another to decrypt
IDEA-inCFB-mode; the comparison I can do in any word-processing app.
>Are you a handroller? If so, take it from an ex-handroller, QS is an
>incredibly useful tool, far easier than handrolling.
Might be, but there's
A) learning a new program
B) the "Swiss-Army-knife app" problem, aka "Jack of all tasks and master of
none"
which combined comes to first learning how to keep the app from doing what you
don't want it to.
>It would be interesting to hear if you agree, and based on your
>experience with JBN, you might have a credible opinion when comparing
>the two programs.
When I've had more experience with QS I might have something to say.
Chris
<Use-Author-Supplied-Address-Header@[127.1]> said:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>On 13 Apr 2002, Lucas <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>>-----BEGIN PGP SIGNED MESSAGE-----
>>
>>
>>> >Maybe I misunderstood your question?
>>>
>>> No, just the background.
>>> To be clear, I've tried JBN and found it unwieldy
>>
>>Thanks for clarifying Chris,
>>
>>I never was able to run JBN, sounds like a blessing now.
>>
>>Are you a handroller? If so, take it from an ex-handroller, QS is an
>>incredibly useful tool, far easier than handrolling.
>>
>>It would be interesting to hear if you agree, and based on your
>>experience with JBN, you might have a credible opinion when comparing
>>the two programs.
>
>That would not be fair. If Chris failed to get to grips with JBN he would
>not be in a position to do a comparison with QS, or review of the package.
Oh the contrary, I *did* get to grips with it (see my other post for message-ID
for first post in a thread). I found it was a pain to get it to do only what I
wanted to, and not a great deal else that other programs I had/have, and prefer,
did.
Though it did show me what I was doing wrong in hand-rolling nyms, for which I'm
grateful.
>I've since tried
>QS, but simply didn't like the interface. I'm sure the program is perfectly
>usable but it has its own learning curve which I didn't feel like going
>through.
As I, for both QS and JBN.
But, until someone can point me to a program(s) that does MD5 and IDEA-in-CFB,
I'm going to have to use one or the other, or point nyms at my email address, or
continue with pseudo-esub'ed Subject:'s.
QuickSilver
Hi Chris!
In article <3cb8f9b2.14484603@localhost>
AH HA! Yesterday, you had only one simple request. Please decrypt your
esub mail--nothing more. Today, your appetite for features has grown
some. Is that really what you want, more features or just your esub
mail? Programs become unwieldy by the addition of good idea upon good
idea upon good idea...
Sometimes a good idea isn't really good because it isn't necessary. For
example, alt.anonymous.messages is available in your regular
newsreader. It's best there. Read to your hearts content ;)
> >If this box is checked, QSnews will download
> >all new messages each time you run the program. Still, only your mail
> >will be kept. The rest are discarded immediately after download. If a
> >person has high security requirements downloading only their own mail
> >could be risky.
> >
> >Had you had ticked downloadall with those 11000 messages, we wouldn't
> >have heard from you 'til next week!
>
> Hardly. For one thing, less than half the posts "get through" NewsProxy, thanks
> to the following lines in the filter:
> alt.anonymous.messages drop subject:[A-Z;\. ]+
> alt.anonymous.messages score:+10 subject:.*
> alt.anonymous.messages score:-10 subject:[a-f0-9]{48}
> alt.anonymous.messages drop score:10
>
> The first line is optional, but seems to speed things a little.
>
> Also, Supernews's newservers are decently fast. ~11,000 messages took about 20
> minutes to d/l.
Not bad!
Well, anyway, I hope you don't mind me poking a little fun at you. Your
experience was pretty much normal.
Hope you'll continue with QS, if only for esub mail.
Thanks,
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLkYg/kiDnOECmYBAQGUNwIAxjUiuV9+YPCIA+0bTX2rglq6wzjcOCNb
SAEtcNpSzBaV42XaBAp1Zs36zKJFTHxP9jqyBLO0htO2x+oiRztJ2A==
=bHOh
-----END PGP SIGNATURE-----
Doc.Cypher
On Sat, 13 Apr 2002, QuickSilver
<Use-Author-Supplied-Address-Header@[127.1]> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>Hi Doc!
>
>In article <2002041317212...@gacracker.org>
>Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>>
>> -----BEGIN PGP SIGNED MESSAGE-----
>>
>> On 13 Apr 2002, Lucas <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>>
>> <snip>
>>
>> >> I must admit that I'd find it difficult to work without JBN's remailer
>> >> selection process. A chain is built by selecting remailers from a
>> >> drop-down
>> >> list. This list includes the uptime stats, latency, % reliability, and
>> >> mixmaster capabilities string of the remailer.
>> >
>> >QS does not have a drop down list interface, but it will allow me to
>> >specify remailers in a chain, if I did not choose to use wildcards. I
>> >have not found a reason to build chains by hand though. Is there something
>> >about using wildcards that does not meet your needs?
>>
>> In a word, reliability. I only ever send one copy (plus automatically sent
>> dummy traffic), and I have about a 99% reliability rate. If I did want to
>> have randomly selected remailers I'd use the aforementioned AUTO feature of
>> JBN. This is because it also takes into account broken chains. This is
>> something Mixmaster, and consequently QS, do not. I attribute this to
>> experiencing lost mail when I played with QS.
>
>NOTE: QuickSilver does check and report broken chains.
I see, and stand corrected. I don't know enough about the operation of QS
to comment further. Does QS call mixmaster to get a chain selected then
report if a broken chain has been selected?
>From what you've stated, it looks as though you are suggesting the
>cpunk is more reliable than mixmaster. Are broken chains your sole
>basis for this?
I've done a little experimentation with sending binaries through the system
and found cypherpunk more reliable for this. However, with text-only
messages that fit into one or two mixmaster packets I do use mixmaster.
>Also, do you consider cpunk to be a superior system compared to
>mixmaster?
Both have their merits, I'd not say one was superior to the other. I know
there are claims that mixmaster is more secure because of the fixed packet
size, but as I understand it most remailers now accept cypherpunk traffic
and turn it into mixmaster packets to send to the next remailer. I like the
fact that this means the message is doubly encrypted while in transit.
Foiling traffic analysis isn't the only issue to take into account when
using remailers, if mixmaster were modified to increase the key size I'd
have no hesitation in saying it was the more secure transport.
FWIW, the key advantage I see to cypherpunk is actually when learning. You
can't make a mixmaster remailer message without mixmaster, but you can use
PGP and a text editor to create a cypherpunk message. Doing so should make
the whole operation of the remailer network a lot clearer and I'd recommend
everyone try it at least once.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLi4csriC3SGiziTAQF2Kwf/ZA1V/nQ1jVZzbzKmjDMb45GX/eBFnpGV
Dac+urWyXd0Hr4DXzF15VRtORRqUbXTeLtAzGbEMSmOJXwxy30PHb6AC1tTjn2dn
4vBmD16gTFMC8jQIHwVciLqKANK9x8ttR1t9h0fRfqc9O2jfpexwRhX6iIKH7lNh
nLULoIbzKmPa3sSCLPv5kLura4tHfA0LEPZHyvtO4idSO6ciDEQB7evZZJTQHf6+
6F7D0bx8JVcIPfgPXImbdSfu8yP0pbW5P3fpnGLfmJYH4h2EcloSHoeNbsNJSV4I
NLj8UsWuFE7j3TCjXtt+sUPn+pbo687FHAto1vV6rNCYH8LWumCO5A==
=s/HO
-----END PGP SIGNATURE-----
Doc.Cypher
On Sun, 14 Apr 2002, Chri...@nwlink.com.com (Chris) wrote:
>Hey, remember back on 13 Apr 2002 02:17:02 -0000, when Lucas
><Use-Author-Supplied-Address-Header@[127.1]> said:
<snip>
>>I never was able to run JBN, sounds like a blessing now.
>
>Oh, I found it invaluable when I couldn't get a hand-rolled nym to work. After
>'fighting' with JBN over its desire to sign onto the 'net and replace my
>carefully gathered remailer keys with some keyring from
>where-the-hell-ever, and
>its attempts to get stats from ditto, I had it make a couple of nym config
>submissions, and found out what I'd been doing wrong.
I don't know if you'll avoid this problem with QS, remailer clients by
their very nature want to have up-to-date statistics. You'll probably find
that you can avoid the keyring issues with it though.
You do point out one of the really nice features in JBN though, the ability
to preview the creation of any message or nym config request. I can well
believe that you found this invaluable in debugging your attempts to do it
manually.
Anyway, the one thing I didn't think was clear when you were trying to
avoid JBN connecting to the net for keys and stats was why you couldn't
bring yourself to trust a stats source. Could you perhaps enlighten me as
to what your trust model is that you cannot pick a stats source? (I can
understand the desire to get keys manually).
>I've been handrolling since, though. Thing is, handrolled nyms config
>submissions pointing at aam have to either have a non-changing Subject: (even
>making is a 48-digit hexadecimal number has the problem), or use
>Encrypt-Subject: and then have to download all 48-hexadecimal-digit-subject
>posts and then try to decrypt *each and every one of them* via PGP; with 60-100
>such posts a day, the time, effort, and PTIA would be staggering.
It would indeed be a pain in the ass.
>Hence my interest in a little bitty app that takes a list of IDEA-in-CFB-mode
>lines and decrypts them using a specific key, and something to MD5 a Subject:,
>and does a comparison. Or, in fact, one app to do the MD5, another to decrypt
>IDEA-inCFB-mode; the comparison I can do in any word-processing app.
I thought that JBN's esub functionality was available as a separate
component, but a check of the potato software site doesn't show it. :-(
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLi4csriC3SGiziTAQFn7gf/fQNjGUAHFQghT7W/HaIyIrv7cu0oBytI
mLOktrmwUX2Wq3gEtRdSMeGJjqdJpHd1PjZgUaCiYd7ykU+LYi35HwQU02U1U94j
cdot8J8xsjmEoZK4RO2Ilbf8v5UwDGSjTQHcLTKcak/m0dpnSDPtDSIujc0vO2tD
gYE45r8MZMTWFhbudgRFD6T7pZR9s8hjFK6qwwsFNWSPm4/vWUpu5wfENQ8gelMF
sjcvOAwN1zmEJZ33jUocq5dCS8v9pvpN4sQvrbcHjtnbsn9Wq46PR/w8S1MWcbHT
rDWOm8WkSOzkunqTF6dNUENMiq9eJgA11oonv7vD61CqtOkdxb3T/A==
=uYsY
-----END PGP SIGNATURE-----
QuickSilver
In article <2002041407565...@gacracker.org>
Yes, I was wondering, myself, why you chose to comment considering your
level of experience with QS ;) However, it would seem to me that Chris,
for example, could relate initial experiences with both programs since
they are both new to him. On the other hand, because of your mastery of
JBN, your opinion after 'playing' with QS cannot be considered unbiased.
> Does QS call mixmaster to get a chain selected then
> report if a broken chain has been selected?
Yes, that's it exactly.
> >From what you've stated, it looks as though you are suggesting the
> >cpunk is more reliable than mixmaster. Are broken chains your sole
> >basis for this?
>
> I've done a little experimentation with sending binaries through the system
> and found cypherpunk more reliable for this. However, with text-only
> messages that fit into one or two mixmaster packets I do use mixmaster.
I agree, very large messages are not good candidates for the mixmaster
system. You said you attributed the lost mail you experienced with QS
to broken chains. QS reports the chains at the time of sending, and
stores the info in a couple different logs. Did you compare these
chains with the broken type2 chain list?
Last year I downloaded/installed JBN214 and gave it a test drive. I
also didn't like the interface and I also had lost mail. I just
chaulked it up to my own ineptitude with the program.
I think new users of both programs may have a few failures before
getting things running smoothly. Still, I know from feedback that many
QS users are successful from the very first message. I'm sure this is
true of JBN also.
> >Also, do you consider cpunk to be a superior system compared to
> >mixmaster?
>
> Both have their merits, I'd not say one was superior to the other. I know
> there are claims that mixmaster is more secure because of the fixed packet
> size, but as I understand it most remailers now accept cypherpunk traffic
> and turn it into mixmaster packets to send to the next remailer. I like the
> fact that this means the message is doubly encrypted while in transit.
> Foiling traffic analysis isn't the only issue to take into account when
> using remailers, if mixmaster were modified to increase the key size I'd
> have no hesitation in saying it was the more secure transport.
Mix3 is in development currently and there is a lot of discussion
regarding v3 keys. Since you mention it, though, do you have some real
world evidence that mixmaster encryption has been broken? Are my
mixmaster messages being broken?
You say one is not better than the other. Consensus by experts
contradict this and in 2001 the US government patented an idea for a
remailer system (onion skin routers) specifically citing mixmaster as
the current state of the art.
Also, Mixmaster has proven it is, in fact, a more reliably system than
cpunk. Here is some real world evidence.
Broken type-I remailer chains:
(cripto dismix)
(cmeclax shinn)
(cthulu hedonist)
(randseed cmeclax)
(segfault *)
(xganon *)
(xganon2 *)
(* freaky)
(* xganon)
Broken type-II remailer chains:
(cmeclax shinn)
(cthulu hedonist)
(dismix cthulu)
(* xganon)
At any given time, you'll find there are generally 2 to 1 broken chains
between cpunk and mix.
> FWIW, the key advantage I see to cypherpunk is actually when learning. You
> can't make a mixmaster remailer message without mixmaster, but you can use
> PGP and a text editor to create a cypherpunk message. Doing so should make
> the whole operation of the remailer network a lot clearer and I'd recommend
> everyone try it at least once.
You prefer the kludged cpunk system to the system that was designed,
from the ground up, (with knowledge of cpunk shortcomings) to be a
dedicated and superior remailer system?
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLnmIfkiDnOECmYBAQFDgAIAw698ROoukkRE3A16Qe+N4c/rMuXtmbjh
dkn0YLiTRyftJdg1g6b+J3nDow7R5prHC13K4pNEGf/lDMkfMk5q/A==
=7Ohg
-----END PGP SIGNATURE-----
Chris
<Use-Author-Address-Header@[127.1]> said:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>On Sun, 14 Apr 2002, Chri...@nwlink.com.com (Chris) wrote:
<snip>
>>Oh, I found it invaluable when I couldn't get a hand-rolled nym to work. After
>>'fighting' with JBN over its desire to sign onto the 'net and replace my
>>carefully gathered remailer keys with some keyring from
>>where-the-hell-ever, and
>>its attempts to get stats from ditto, I had it make a couple of nym config
>>submissions, and found out what I'd been doing wrong.
>
>I don't know if you'll avoid this problem with QS, remailer clients by
>their very nature want to have up-to-date statistics. You'll probably find
>that you can avoid the keyring issues with it though.
With JBN it turned out to be a matter of pointing it to an on-disk file when it
wanted stats.
<snip>
>Anyway, the one thing I didn't think was clear when you were trying to
>avoid JBN connecting to the net for keys and stats was why you couldn't
>bring yourself to trust a stats source. Could you perhaps enlighten me as
>to what your trust model is that you cannot pick a stats source? (I can
>understand the desire to get keys manually).
Not a matter of threat model, but of useful of the program.
1) I don't like programs trying to access the 'net unless *I* send them looking.
2) The only thing JBN (and I assume QS) want stats for it to tell me when I've
picked a remailer w/less than sterling uptime, or long latency, or with
this,that&theother capability. Since I keep a closeish eye on how remailers are
doing re. uptime, almost always use a "Latent-time:" directive, and check
capabilities, I found JBN to be, bluntly, a nag about this stuff.
Thus, I prefered to alter the on-disk stat 'source' to show good uptime and
latency, so JBN wouldn't nag me so much.
<snip>
>>Hence my interest in a little bitty app that takes a list of IDEA-in-CFB-mode
>>lines and decrypts them using a specific key, and something to MD5 a Subject:,
>>and does a comparison. Or, in fact, one app to do the MD5, another to decrypt
>>IDEA-inCFB-mode; the comparison I can do in any word-processing app.
>
>I thought that JBN's esub functionality was available as a separate
>component, but a check of the potato software site doesn't show it. :-(
Damn! You don't suppose it used to be available, but isn't any longer, do you?
Doc.Cypher
On Sun, 14 Apr 2002, QuickSilver
<Use-Author-Supplied-Address-Header@[127.1]> wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>In article <2002041407565...@gacracker.org>
>Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
<snip>
>> I see, and stand corrected. I don't know enough about the operation of QS to
>> comment further.
>
>Yes, I was wondering, myself, why you chose to comment considering your
>level of experience with QS ;) However, it would seem to me that Chris,
>for example, could relate initial experiences with both programs since
>they are both new to him. On the other hand, because of your mastery of
>JBN, your opinion after 'playing' with QS cannot be considered unbiased.
Quite correct. I'm sorry I got into this JBN vs QS thing (again), but Lucas
did sort-of start it by commenting on JBN which he never got to work.
>> Does QS call mixmaster to get a chain selected then report if a broken
>> chain has been selected?
>
>Yes, that's it exactly.
I actually think you might have one over JBN there, at least for what JBN
refers to as RANDOM remailers (equivalent to * in Mixmaster/QS). This would
be why JBN has the AUTO option where it does the random selection instead
of Mixmaster. Of course, this is probably due to the version of Mixmaster
that JBN works with. Again, as you support a much more recent version of
Mixmaster this is where you get another point over JBN.
>> >From what you've stated, it looks as though you are suggesting the
>> >cpunk is more reliable than mixmaster. Are broken chains your sole basis
>> >for this?
>>
>> I've done a little experimentation with sending binaries through the system
>> and found cypherpunk more reliable for this. However, with text-only
>> messages that fit into one or two mixmaster packets I do use mixmaster.
>
>I agree, very large messages are not good candidates for the mixmaster
>system. You said you attributed the lost mail you experienced with QS
>to broken chains. QS reports the chains at the time of sending, and
>stores the info in a couple different logs. Did you compare these
>chains with the broken type2 chain list?
I didn't see what chains were selected, my tests involved specifying only
two remailers, an exit one and a randomly selected entry one. If you've got
the attachment function working in QS then it's probably better able to get
large messages through the Mixmaster network. My attachment testing was
prompted by someone querying here how to send binaries, I used JBN for
that.
>Last year I downloaded/installed JBN214 and gave it a test drive. I
>also didn't like the interface and I also had lost mail. I just
>chaulked it up to my own ineptitude with the program.
>
>I think new users of both programs may have a few failures before
>getting things running smoothly. Still, I know from feedback that many
>QS users are successful from the very first message. I'm sure this is
>true of JBN also.
I'll admit that when I was getting started I lost a few messages. I just
chalked that up to experience too. Of course it would seem that the way
I've learned to use the network isn't going to be much use with QS and I'd
not only have a new interface to learn, but have to change the way I work
with the remailer network. Anyway, I don't really need to use the network,
and my IP address is available in every post I make.
>> >Also, do you consider cpunk to be a superior system compared to mixmaster?
>>
>> Both have their merits, I'd not say one was superior to the other. I know
>> there are claims that mixmaster is more secure because of the fixed packet
>> size, but as I understand it most remailers now accept cypherpunk traffic
>> and turn it into mixmaster packets to send to the next remailer. I like the
>> fact that this means the message is doubly encrypted while in transit.
>> Foiling traffic analysis isn't the only issue to take into account when
>> using remailers, if mixmaster were modified to increase the key size I'd
>> have no hesitation in saying it was the more secure transport.
>
>Mix3 is in development currently and there is a lot of discussion
>regarding v3 keys. Since you mention it, though, do you have some real
>world evidence that mixmaster encryption has been broken? Are my
>mixmaster messages being broken?
I have no real-world evidence to back up my opinions, but I certainly hope
that a longer key is chosen for Mix3. Problem is, that would break clients
like JBN.
>You say one is not better than the other. Consensus by experts
>contradict this and in 2001 the US government patented an idea for a
>remailer system (onion skin routers) specifically citing mixmaster as
>the current state of the art.
As I understood it, the criteria by which they judged this was the
traceability, not the breakability. There's been some stuff floating around
recently about new brute-force methods to break PGP. It made me wonder if
the key length of Mixmaster was still secure against TLAs.
>Also, Mixmaster has proven it is, in fact, a more reliably system than
>cpunk. Here is some real world evidence.
>
>Broken type-I remailer chains:
>(cripto dismix)
>(cmeclax shinn)
>(cthulu hedonist)
>(randseed cmeclax)
>(segfault *)
>(xganon *)
>(xganon2 *)
>(* freaky)
>(* xganon)
>
>Broken type-II remailer chains:
>(cmeclax shinn)
>(cthulu hedonist)
>(dismix cthulu)
>(* xganon)
>
>At any given time, you'll find there are generally 2 to 1 broken chains
>between cpunk and mix.
I'll accept that. Probably due to remailers having stale mix keys and using
mixmaster to send to the next remailer. That just doesn't happen when you
use mixmaster only. The broken Type II are probably due to remix-to being
in force at the remailer, and again stale keys.
>> FWIW, the key advantage I see to cypherpunk is actually when learning. You
>> can't make a mixmaster remailer message without mixmaster, but you can use
>> PGP and a text editor to create a cypherpunk message. Doing so should make
>> the whole operation of the remailer network a lot clearer and I'd recommend
>> everyone try it at least once.
>
>You prefer the kludged cpunk system to the system that was designed,
>from the ground up, (with knowledge of cpunk shortcomings) to be a
>dedicated and superior remailer system?
I like some of those "kludged" features. :-) I also understand that
mixmaster takes a great deal of the control away from the user to prevent
them doing things that could endanger their security. What I was trying to
emphasize was that you can't beat cypherpunk as a learning tool. I'm
certainly not trying to get into some sort of contest of one client is
better than the other. There are features in each that cannot be compared
with the other. I simply don't think a proper comparison can actually be
done.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLoJ8sriC3SGiziTAQGmfwf+OTIGxHxHtO9Kffwa7NDzMIzLE4/OLIKd
tR8HBzbhVNeY+TyESgDBtyc7IJDe8HRAqUYzkTFZlTyJkAXRdDMsXs4cFOHBrkM1
F+wKnmEJLBOOY/GwZEYsgWbNBGp5Nkyrw4p9zkAWxSQZERxLA68UkviihMcARcmI
DDS+2TUl5BPbtH7Z1rTrdaO7VoP1NelVhqEMrHto/Mc8Hq3577SX4HtV4wZMyRdv
sOB2ZWDNHIbgWqWanNNsaftg1nKRpcgrhZlrL6+BXsCLyno8raYTMXLtE/TE7X2S
hv8uZ9mnRdEt9OYV2iDLLeRCfubhMLKqA3m/If5ejxH70Z8hzr3e7w==
=PSEq
-----END PGP SIGNATURE-----
Doc.Cypher
On Mon, 15 Apr 2002, Chri...@nwlink.com.com (Chris) wrote:
>Hey, remember back on 14 Apr 2002 08:13:30 -0000, when Doc.Cypher
><Use-Author-Address-Header@[127.1]> said:
>
>>-----BEGIN PGP SIGNED MESSAGE-----
>>
>>On Sun, 14 Apr 2002, Chri...@nwlink.com.com (Chris) wrote:
>
><snip>
>
>>>Oh, I found it invaluable when I couldn't get a hand-rolled nym to work.
>>>After
>>>'fighting' with JBN over its desire to sign onto the 'net and replace my
>>>carefully gathered remailer keys with some keyring from
>>>where-the-hell-ever, and
>>>its attempts to get stats from ditto, I had it make a couple of nym config
>>>submissions, and found out what I'd been doing wrong.
>>
>>I don't know if you'll avoid this problem with QS, remailer clients by
>>their very nature want to have up-to-date statistics. You'll probably
>>find that
>>you can avoid the keyring issues with it though.
>
>With JBN it turned out to be a matter of pointing it to an on-disk file when it
>wanted stats.
That's probably possible with QS as well, although I have a suspicion that
you'll be able to turn off stats retrieval.
><snip>
>>Anyway, the one thing I didn't think was clear when you were trying to
>>avoid JBN connecting to the net for keys and stats was why you couldn't
>>bring yourself to trust a stats source. Could you perhaps enlighten me as
>>to what your trust model is that you cannot pick a stats source? (I can
>>understand the desire to get keys manually).
>
>Not a matter of threat model, but of useful of the program.
>
>1) I don't like programs trying to access the 'net unless *I* send them
>looking.
>2) The only thing JBN (and I assume QS) want stats for it to tell me when I've
>picked a remailer w/less than sterling uptime, or long latency, or with
>this,that&theother capability. Since I keep a closeish eye on how remailers are
>doing re. uptime, almost always use a "Latent-time:" directive, and check
>capabilities, I found JBN to be, bluntly, a nag about this stuff.
That makes you the exception rather than the rule when it comes to remailer
users. :-)
>Thus, I prefered to alter the on-disk stat 'source' to show good uptime and
>latency, so JBN wouldn't nag me so much.
OK, as long as you managed to get good reliability.
<snip>
>>I thought that JBN's esub functionality was available as a separate component,
>>but a check of the potato software site doesn't show it. :-(
>
>Damn! You don't suppose it used to be available, but isn't any longer, do you?
Dunno. Might be, but I have no idea who would update the Potato site now
that RProcess is gone.
FWIW, (and I know it has nothing to do with the rest of this message) I
wish someone would recompile JBN with up-to-date stats sources. I'd be
delighted to host something like that. I simply don't have the spare disk
space and time to do it myself. I'm hoping to get a new PC later in the
year, I might just do that then.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLoJ8sriC3SGiziTAQEcEgf/fWSeXSZKpFJ1TotwKnArXkwD8SyhHZ+j
2t4zU6SrVukjUMvI7EA0eeNyHNu0rKVFyHM4xaBaS4dj+rZlZIXH7JX2/qgvonZc
l1eCrc8F3daDSCmdeWH7Fqk4sEhNTg8Numqeu6ENgHppzbt62ZYESR6c1qfw7a32
K2Eh8Klp1GWpylGw450Kdh33Cve55kdjibp1aVChFcv71PcWp8eXfLtdJBhmjnoD
x4MhKQ/xm/LqddUXNxRrHG6pCVmMw5ekk2hTSuEjPVwyHheaPvQxAlgFATivsJhO
qvqDwB7M1RMSW1yA/e/AFaoi29/OWZMVnPgwCNhVQle2TtGB0UyXFg==
=N9wH
-----END PGP SIGNATURE-----
Nomen Nescio
>Hey, remember back on 14 Apr 2002 08:13:30 -0000, when Doc.Cypher
>>I don't know if you'll avoid this problem with QS, remailer clients by
>>their very nature want to have up-to-date statistics. You'll probably find
>>that you can avoid the keyring issues with it though.
>
>With JBN it turned out to be a matter of pointing it to an on-disk file when it
>wanted stats.
It looks to me that you are some kind of Boscloo, desesperatly trying
to find a complicated way to fail doing things while the easy solution
is at hand.
If you don't want yout stats to be updated automatically
JBN2|Window|StatConfig|Options|RetrieveStatsEvery__Hours UNTICKED
Same kind of trivial solution aplies to most your problems, so please
RTFM or at least take a glance at the configuration panes.
QuickSilver
In article <3cba77fe.8666091@localhost>
Chri...@nwlink.com.com (Chris) wrote:
>
[snip]
>
> >I thought that JBN's esub functionality was available as a separate
> >component, but a check of the potato software site doesn't show it. :-(
>
> Damn! You don't suppose it used to be available, but isn't any longer, do you?
I have that esub component myself. It may not be useful to you because
it is a plugin dll rather than an exe program. It provides esub for my
QSnews module. I'll put it on my web site in the misc directory. But,
as I said, you may not find it useful.
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLqZJvkiDnOECmYBAQFmOgIA70s9PapW4O1zrj7KMzBFbSuoibZa1LM9
qDZBSqrmFEzOAw60f+shOc0YdySs5x//koZHhaZW61a6Hj8GSOYMgQ==
=4dlK
-----END PGP SIGNATURE-----
QuickSilver
Hi Doc!
In article <2002041506491...@gacracker.org>
Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> On Sun, 14 Apr 2002, QuickSilver
> <Use-Author-Supplied-Address-Header@[127.1]> wrote:
> >-----BEGIN PGP SIGNED MESSAGE-----
> >
> >In article <2002041407565...@gacracker.org>
> >Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>
> <snip>
>
> >> I see, and stand corrected. I don't know enough about the operation of QS to
> >> comment further.
> >
> >Yes, I was wondering, myself, why you chose to comment considering your
> >level of experience with QS ;) However, it would seem to me that Chris,
> >for example, could relate initial experiences with both programs since
> >they are both new to him. On the other hand, because of your mastery of
> >JBN, your opinion after 'playing' with QS cannot be considered unbiased.
>
> Quite correct. I'm sorry I got into this JBN vs QS thing (again), but Lucas
> did sort-of start it by commenting on JBN which he never got to work.
Yes, I'm not sure we need more qs/jbn comparisons either, but this
thread has progressed past those issues. Pay attention ;)
> >> Does QS call mixmaster to get a chain selected then report if a broken
> >> chain has been selected?
> >
> >Yes, that's it exactly.
>
> I actually think you might have one over JBN there, at least for what JBN
> refers to as RANDOM remailers (equivalent to * in Mixmaster/QS). This would
> be why JBN has the AUTO option where it does the random selection instead
> of Mixmaster. Of course, this is probably due to the version of Mixmaster
> that JBN works with. Again, as you support a much more recent version of
> Mixmaster this is where you get another point over JBN.
>
> >> >From what you've stated, it looks as though you are suggesting the
> >> >cpunk is more reliable than mixmaster. Are broken chains your sole basis
> >> >for this?
> >>
> >> I've done a little experimentation with sending binaries through the system
> >> and found cypherpunk more reliable for this. However, with text-only
> >> messages that fit into one or two mixmaster packets I do use mixmaster.
> >
> >I agree, very large messages are not good candidates for the mixmaster
> >system. You said you attributed the lost mail you experienced with QS
> >to broken chains. QS reports the chains at the time of sending, and
> >stores the info in a couple different logs. Did you compare these
> >chains with the broken type2 chain list?
>
> I didn't see what chains were selected, my tests involved specifying only
> two remailers, an exit one and a randomly selected entry one. If you've got
> the attachment function working in QS then it's probably better able to get
Mix messages and pgp signed/encrypted process attachments correctly.
Nym messages currently don't support attachments. Not really important
here though.
> large messages through the Mixmaster network. My attachment testing was
> prompted by someone querying here how to send binaries, I used JBN for
> that.
>
> >Last year I downloaded/installed JBN214 and gave it a test drive. I
> >also didn't like the interface and I also had lost mail. I just
> >chaulked it up to my own ineptitude with the program.
> >
> >I think new users of both programs may have a few failures before
> >getting things running smoothly. Still, I know from feedback that many
> >QS users are successful from the very first message. I'm sure this is
> >true of JBN also.
>
> I'll admit that when I was getting started I lost a few messages. I just
> chalked that up to experience too. Of course it would seem that the way
No, sorry, in this thread you chaulked it up to broken mixmaster
chains. Is it fair to now say you cannot support that statement with
any real facts what-so-ever?
> I've learned to use the network isn't going to be much use with QS and I'd
> not only have a new interface to learn, but have to change the way I work
> with the remailer network. Anyway, I don't really need to use the network,
> and my IP address is available in every post I make.
I don't think QS or JBN are the real issue here.
> >> >Also, do you consider cpunk to be a superior system compared to mixmaster?
> >>
> >> Both have their merits, I'd not say one was superior to the other. I know
> >> there are claims that mixmaster is more secure because of the fixed packet
> >> size, but as I understand it most remailers now accept cypherpunk traffic
> >> and turn it into mixmaster packets to send to the next remailer. I like the
> >> fact that this means the message is doubly encrypted while in transit.
> >> Foiling traffic analysis isn't the only issue to take into account when
> >> using remailers, if mixmaster were modified to increase the key size I'd
> >> have no hesitation in saying it was the more secure transport.
> >
> >Mix3 is in development currently and there is a lot of discussion
> >regarding v3 keys. Since you mention it, though, do you have some real
> >world evidence that mixmaster encryption has been broken? Are my
> >mixmaster messages being broken?
>
> I have no real-world evidence to back up my opinions, but I certainly hope
> that a longer key is chosen for Mix3. Problem is, that would break clients
> like JBN.
>
> >You say one is not better than the other. Consensus by experts
> >contradict this and in 2001 the US government patented an idea for a
> >remailer system (onion skin routers) specifically citing mixmaster as
> >the current state of the art.
>
> As I understood it, the criteria by which they judged this was the
> traceability, not the breakability. There's been some stuff floating around
> recently about new brute-force methods to break PGP. It made me wonder if
> the key length of Mixmaster was still secure against TLAs.
Wondering about mixmaster key length, based on 'stuff floating around'
is one thing. Giving readers the impression mixmaster is not to be
trusted is another thing entirely. Is it safe to say that you actually
have no factual evidence supporting your concern for mix key length?
> >Also, Mixmaster has proven it is, in fact, a more reliably system than
> >cpunk. Here is some real world evidence.
> >
> >Broken type-I remailer chains:
> >(cripto dismix)
> >(cmeclax shinn)
> >(cthulu hedonist)
> >(randseed cmeclax)
> >(segfault *)
> >(xganon *)
> >(xganon2 *)
> >(* freaky)
> >(* xganon)
> >
> >Broken type-II remailer chains:
> >(cmeclax shinn)
> >(cthulu hedonist)
> >(dismix cthulu)
> >(* xganon)
> >
> >At any given time, you'll find there are generally 2 to 1 broken chains
> >between cpunk and mix.
>
> I'll accept that. Probably due to remailers having stale mix keys and using
> mixmaster to send to the next remailer. That just doesn't happen when you
> use mixmaster only. The broken Type II are probably due to remix-to being
> in force at the remailer, and again stale keys.
I see, so the broken cpunk chains are mixmaster's fault. And broken mix
chains are mixmaster fault. You're quite the card Doc! Do you have
evidence? Show me evidence.
> >> FWIW, the key advantage I see to cypherpunk is actually when learning. You
> >> can't make a mixmaster remailer message without mixmaster, but you can use
> >> PGP and a text editor to create a cypherpunk message. Doing so should make
> >> the whole operation of the remailer network a lot clearer and I'd recommend
> >> everyone try it at least once.
> >
> >You prefer the kludged cpunk system to the system that was designed,
> >from the ground up, (with knowledge of cpunk shortcomings) to be a
> >dedicated and superior remailer system?
>
> I like some of those "kludged" features. :-) I also understand that
I'm sure you do like those kludges, and that is your perogative.
> mixmaster takes a great deal of the control away from the user to prevent
> them doing things that could endanger their security. What I was trying to
Mixmaster is beautiful in it's utter simplicity. It is the hallmark of
elegance. It allows users to focus on their message--not picking
reliable remailers, adjusting latency, insuring remailer caps support
the message's usage, etc. And Hey, the simplicity does not compromise
either security or reliability.
> emphasize was that you can't beat cypherpunk as a learning tool. I'm
It's a great learning tool for cpunk, which is a real chore. On the
other hand, you can take a person who knows nothing of mixmaster, or
even remailers, and in 10 minutes give them an understanding of the
principles that make mix such an elegant, powerful, and reliable system.
> certainly not trying to get into some sort of contest of one client is
> better than the other. There are features in each that cannot be compared
With the exception of a point or 2, I don't think clients are what we
are discussing here.
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLtLNvkiDnOECmYBAQETowH9Hx2D/ZpPDFE2uDhxxS1AlJ1qRi7ISbQK
ZgnN08OAYEZ1L8B/3Ye0NUt62Wj+dQAohn74i/a1JtiyN9dWRGEDSw==
=T6mw
-----END PGP SIGNATURE-----
Chris
<nob...@dizum.com> said:
<snip>
>
>It looks to me that you are some kind of Boscloo, desesperatly trying
>to find a complicated way to fail doing things while the easy solution
>is at hand.
>
>If you don't want yout stats to be updated automatically
> JBN2|Window|StatConfig|Options|RetrieveStatsEvery__Hours UNTICKED
That only applies to refreshes *while the program is running*. It has nothing to
do with what happens when you first start up the program.
>Same kind of trivial solution aplies to most your problems, so please
>RTFM or at least take a glance at the configuration panes.
You can go actually *use* the program. And learn to think, wipe your butt, and
get your dick out of your mother, you pus drinking whoreson bastard.
Doc.Cypher
On Mon, 15 Apr 2002, QuickSilver
<Use-Author-Supplied-Address-Header@[127.1]> wrote:
>Hi Doc!
>In article <2002041506491...@gacracker.org>
>Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>> On Sun, 14 Apr 2002, QuickSilver
>> <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>> >In article <2002041407565...@gacracker.org>
>> >Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
<snip>
>> Quite correct. I'm sorry I got into this JBN vs QS thing (again), but
>> Lucas did
>> sort-of start it by commenting on JBN which he never got to work.
>
>Yes, I'm not sure we need more qs/jbn comparisons either, but this
>thread has progressed past those issues. Pay attention ;)
Okay :)
<snip>
>> I'll admit that when I was getting started I lost a few messages. I just
>> chalked that up to experience too. Of course it would seem that the way
>
>No, sorry, in this thread you chaulked it up to broken mixmaster
>chains. Is it fair to now say you cannot support that statement with
>any real facts what-so-ever?
Yup, as we seem to be referring to my attempt to using QS. That was my
*guess* based on incomplete knowledge of the package's operation. My
reference to chalking up lost messages to experience referred to when I was
getting started with JBN, perhaps there was insufficient context in my post
to make that clear.
<snip>
>> As I understood it, the criteria by which they judged this was the
>> traceability, not the breakability. There's been some stuff floating around
>> recently about new brute-force methods to break PGP. It made me wonder if the
>> key length of Mixmaster was still secure against TLAs.
>
>Wondering about mixmaster key length, based on 'stuff floating around'
>is one thing. Giving readers the impression mixmaster is not to be
>trusted is another thing entirely. Is it safe to say that you actually
>have no factual evidence supporting your concern for mix key length?
I certainly did not set out to give the impression that mixmaster is not to
be trusted, as you might have noticed I stated that I use it.
I hardly think my statement, "wonder if the key length of Mixmaster was
still secure against TLAs." qualifies as a concern, perhaps a little
paranoia, but nothing more than that.
<snip>
>> >At any given time, you'll find there are generally 2 to 1 broken chains
>> >between cpunk and mix.
>>
>> I'll accept that. Probably due to remailers having stale mix keys and using
>> mixmaster to send to the next remailer. That just doesn't happen when you
>> use mixmaster only. The broken Type II are probably due to remix-to being
>> in force at the remailer, and again stale keys.
>
>I see, so the broken cpunk chains are mixmaster's fault. And broken mix
>chains are mixmaster fault. You're quite the card Doc! Do you have
>evidence? Show me evidence.
I didn't say that, it is disingenuous to infer that from my statement. The
fault is generally that of the remailer operator who has stale keys on
their keyring. That has nothing to do with the Mixmaster protocol.
<snip>
>> >You prefer the kludged cpunk system to the system that was designed,
>> >from the
>> >ground up, (with knowledge of cpunk shortcomings) to be a dedicated and
>> >superior remailer system?
>>
>> I like some of those "kludged" features. :-) I also understand that
>
>I'm sure you do like those kludges, and that is your perogative.
>
>> mixmaster takes a great deal of the control away from the user to prevent
>> them doing things that could endanger their security. What I was trying to
>
>Mixmaster is beautiful in it's utter simplicity. It is the hallmark of
>elegance. It allows users to focus on their message--not picking
>reliable remailers, adjusting latency, insuring remailer caps support
>the message's usage, etc. And Hey, the simplicity does not compromise
>either security or reliability.
>
>> emphasize was that you can't beat cypherpunk as a learning tool. I'm
>
>It's a great learning tool for cpunk, which is a real chore. On the
>other hand, you can take a person who knows nothing of mixmaster, or
>even remailers, and in 10 minutes give them an understanding of the
>principles that make mix such an elegant, powerful, and reliable system.
No, I'd assert that it is a great learning tool for how remailers actually
work. The principle of multiple encryption of the message applies to
cypherpunk and mixmaster. When the message is sent, each remailer in the
chain has to remove a layer of encryption to get at the address of the next
remailer in the chain, irrespective of which type of message you've sent.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLtbcsriC3SGiziTAQF3TAf5AU5ViaymT37aE3qFLf+ROotq1D3xD2zX
cZdVkyfzhSwAQgJNdRfdl6SlRLbgtOovo0ciUKxbS2Istrcg+vEvutXDWYZ6CQTE
9ywPpmNtj03BvsqqG0ksIv2K3Pi6SdsnswlX8uLmEQiROJHzqipJj5FlZqfiWKzF
jFeQ9fke+GPZzXu87iWxf7+YEXfNISRYB8lK1P26Td6rQ0dE/C3cnffGCbGHNRpy
2sMaHIF6csodUPJ46O3wFeBh2U34ifWO77odYjK8737K7UdI/GndNGnpYL1WnmC0
jDVazB8Mt7Yz3lrgVEnkcHEYxM9OAtWNHDu5IMd0KGY/N/46Q7n9vQ==
=zg5n
-----END PGP SIGNATURE-----
Doc.Cypher
On 15 Apr 2002, Lucas <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>> Quite correct. I'm sorry I got into this JBN vs QS thing (again), but Lucas
>> did sort-of start it by commenting on JBN which he never got to work.
>
>that is true, but I think it led to an interesting dialogue
Indeed.
>> There's been some stuff floating around recently about new brute-force
>> methods to break PGP.
>
>what sort of stuff?
>PGP can be broken now?
D. J. Bernstein. Circuits for integer factorization
http://cr.yp.to/papers/nfscircuit.ps
http://cr.yp.to/papers.html
Info about RSA crack found on google:
512-bit integer factored 1999 by Herman te Riele
http://www.cwi.nl/~walter/papers/CDL00.pdf
http://www.rsasecurity.com/rsalabs/faq/2-3-6.html
Bernstein has proposed a machine that can factor large integers very
quickly. This is part of the puzzle of breaking PGP. Here's a post that
appeared on this group about it...
http://groups.google.com/groups?selm=ik_n8.323%247L2.529836%40newsr2.u-net.net
and I quote...
>---snip---
>Bernstein's machine, once built, will have power requirements in the MW
>to operate, but in return will be able to break a 1024-bit RSA or DH key
>in seconds to minutes.
>---snip---
>> I'm
>> certainly not trying to get into some sort of contest of one client is
>> better than the other.
>
>me neither
>
>> There are features in each that cannot be compared
>> with the other. I simply don't think a proper comparison can actually be
>> done.
>
>Actually Doc, I thought we learned a number of things about the
>features and implementation in both programs.
>So far both JBN and QS do esub
>both can define latency and history limits for wildcard selection
>both can disable certain remailers from being chosen altogether
>both can create and maintain NYM's
>both can post
>
>> That's probably possible with QS as well, although I have a suspicion that
>> you'll be able to turn off stats retrieval.
>
>correct Doc, QS has a check box and allows one to choose whether and
>when to update stats.
>
>I dont know why JBN wont run on some computers, including mine. QS does
>run.
That's good for you, QS has a smaller footprint than JBN.
>So far it seems then that QS has a slight edge over JBN in its feature
>set, in regards to stats.
How so? You can disable stats retrieval with JBN too. Its just that nobody
except Chris ever seemed to want to do that.
>I hope this discussion helps others interested in tools that manage
>NYMs and remailer activities to learn that both programs can get the
>job done.
>
>Which one someone chooses to use is a matter of personal preference at
>this point, not a lack of features in either, afaict.
>
>imho Both JBN and QS are excellent tools.
Glad to hear you say that.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLtbcsriC3SGiziTAQH1dQf+MrrtndEv4BiVt7tEpptCCPp/zprVGvrJ
St5/QmdXy+Yt6SMfC50TLsesS8wraVOfel9xREQ/w6B3HTVX26mNNI7Ua5clZa9R
oOWOGLZKN6Gb1wYl9ALU2KYSp1nXaO8K9RSkNILYlY26PoIyMMmWhBo1IuX0bxIe
yVMmU/et+E6wC+rpOK+uMbmhDrxYFzWBbtPSeNlcSMQ3TR8zPx62DQQ2OCwVAfK9
XK+tdAOSoo/S6wsELdAlUZYZSaT6Ti30ohML9/ZV9B6hbCK8BAUeJvFww5IHiqdq
T636mdtObiKLFiRBq5uQ7GsU7Q5ebC+moQoP1VW/wSa5clIWbHKnwg==
=UyHf
-----END PGP SIGNATURE-----
QuickSilver
Hi Doc,
My whole point is...you influence people. That's all. I just picked on
the fact that you made a statement that probably couldn't be supported.
And in each explanation you stepped into it again! I didn't expect
that, really!
Sometimes I feel like the Lone Mixmaster! There is so much emphasis on
cypherpunk. I do feel the need to speak up. Of course QS is a mixmaster
and testimony to my belief. I love all things simple. If only people
would listen, simple is better.
And you did dis my program a tiny bit. But I'll forgive ya :)
Hi!Ho! QuickSilver! And the Lone Mixmaster rides into the sunset. Who
was that masked programmer?
Please forgive me :)
Richard
BTW I did miss that you had said you use mixmaster, but I see it now. I
guess what you were saying is you don't need to use remailers often but
when you do it is usually mixmaster -- That's good enough for me!
In article <2002041606524...@gacracker.org>
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLv2aPkiDnOECmYBAQETjgH/fdml5zRGzeOU9af7/SbvoDjv0YTl3LGK
iEZnNmBkqjrIhXMe+12C0ZPBVs3RWBMoHPLl3XjlQgzz7RfJNwc+IQ==
=Vo+g
-----END PGP SIGNATURE-----
Doc.Cypher
On Tue, 16 Apr 2002, QuickSilver <Use-Author-Address-Header@[127.1]> wrote:
>Hi Doc,
>
>My whole point is...you influence people. That's all. I just picked on
>the fact that you made a statement that probably couldn't be supported.
>And in each explanation you stepped into it again! I didn't expect
>that, really!
Well sometimes I feel I'm not very good at making things clear, I suspect
this was one of those times. As to influencing people, that would be mildly
surprising, unless people actually follow Usenet etiquette and lurk a while
to learn who the regulars in the group are. The impression I get around
here is that people just dive in and leave their manners somewhere else.
>Sometimes I feel like the Lone Mixmaster! There is so much emphasis on
>cypherpunk. I do feel the need to speak up. Of course QS is a mixmaster
>and testimony to my belief. I love all things simple. If only people
>would listen, simple is better.
The "Lone Mixmaster" I like that one, sounds like a name for a DJ. ;-)
>And you did dis my program a tiny bit. But I'll forgive ya :)
I think I got drawn into something I perhaps should've avoided. Perhaps one
of these days I'll actually sit down and properly learn QS. Problem is, I'd
need to spend a *long* time using it before I could do what I'd consider a
fair review. That would be because of my current JBN bias.
>Hi!Ho! QuickSilver! And the Lone Mixmaster rides into the sunset. Who
>was that masked programmer?
>
>Please forgive me :)
Not a problem. Judging by one of your other posts from about the same time
you were having a bad Usenet day.
>BTW I did miss that you had said you use mixmaster, but I see it now. I
>guess what you were saying is you don't need to use remailers often but
>when you do it is usually mixmaster -- That's good enough for me!
Best thing is I think we demonstrated it is possible to debate with quite
different views and not sink to ad hominem attacks against each other. I
wish that the anon. posters for and against the two packages would be a
little more orderly in their conduct.
Doc.
- --
The bigger the humbug, the better people will like it.
~ Phineas Taylor Barnum. http://vmsbox.cjb.net
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQEVAwUBPLtbcsriC3SGiziTAQHlPAf/VyMMGUtq5ZhqbfREyzQ0troMOJJehAzB
foNOxYJPPwGLhJz6njY5GazMsln2BhOYIQ8bw241gDhrwZ3Cq7uT83gEpuDe/Qqc
TL8JLhMT1AvoQJwnpPYlDggAF44PignDHZt+oBE3WCfVRfo6N3rMs58XDz0YjKRM
9mxhS2mvQaQQfYmELYlcJgUPPEOGy9GxHij9/JY8eeohEnHfnxXWLfAuJYqNTExz
r36e+wYpNI+KXbUvN1Dac4sEcPT9oT+44BuqhioUeBD7GaecauDlik7JjcpsfqwF
n6jaJ/0Hb1WDUXAelXTQlLnDeJdbsqZapgh17pj6a3vm65YugI8Mig==
=nj8V
-----END PGP SIGNATURE-----
QuickSilver
In article <200204161333...@gacracker.org>
Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
>
> On Tue, 16 Apr 2002, QuickSilver <Use-Author-Address-Header@[127.1]> wrote:
>
> >Hi Doc,
> >
> >My whole point is...you influence people. That's all. I just picked on
> >the fact that you made a statement that probably couldn't be supported.
> >And in each explanation you stepped into it again! I didn't expect
> >that, really!
>
> Well sometimes I feel I'm not very good at making things clear, I suspect
> this was one of those times. As to influencing people, that would be mildly
> surprising, unless people actually follow Usenet etiquette and lurk a while
> to learn who the regulars in the group are. The impression I get around
> here is that people just dive in and leave their manners somewhere else.
Yes, that is the direction our newsgroup has been heading for quite a
while. But there are so few contributers in recent times. If they
aren't lurking, we're in big trouble!
> >Sometimes I feel like the Lone Mixmaster! There is so much emphasis on
> >cypherpunk. I do feel the need to speak up. Of course QS is a mixmaster
> >and testimony to my belief. I love all things simple. If only people
> >would listen, simple is better.
>
> The "Lone Mixmaster" I like that one, sounds like a name for a DJ. ;-)
>
> >And you did dis my program a tiny bit. But I'll forgive ya :)
>
> I think I got drawn into something I perhaps should've avoided. Perhaps one
> of these days I'll actually sit down and properly learn QS. Problem is, I'd
> need to spend a *long* time using it before I could do what I'd consider a
> fair review. That would be because of my current JBN bias.
I think you are quite correct about learning QS. Since the 2 programs
are so completely different, having mastered one would make it doubly
difficult to learn the other.
Also, I don't think it neccessary for you to learn QS. You have the
tool you like, it does what you want and your use of it is second
nature. You also provide excellent support for it.
> >Hi!Ho! QuickSilver! And the Lone Mixmaster rides into the sunset. Who
> >was that masked programmer?
> >
> >Please forgive me :)
>
> Not a problem. Judging by one of your other posts from about the same time
> you were having a bad Usenet day.
I'm not proud of that one!
> >BTW I did miss that you had said you use mixmaster, but I see it now. I
> >guess what you were saying is you don't need to use remailers often but
> >when you do it is usually mixmaster -- That's good enough for me!
>
> Best thing is I think we demonstrated it is possible to debate with quite
> different views and not sink to ad hominem attacks against each other. I
> wish that the anon. posters for and against the two packages would be a
> little more orderly in their conduct.
Our group manners have sure taken a nose dive. I remember a couple
years ago saying to my wife, 'with all the nastiness in other
newsgroups, we are very fortunate in a.p.a-s. that we have a really
pleasant group.' Sadly, I think it is a very small number of
individuals that have drawn others into such conduct.
I've been trying to get back to where I was a couple years ago
(handling support with a smile) and it's not easy, but I'm not giving
up!
Richard
- --
R.Christman
Benchmark Software
quick...@skuz.net
http://quicksilver.skuz.net
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQBVAwUBPLx5OvkiDnOECmYBAQHSmwIA0moiAsEgVo4D++HmrjT6Z6lVool/T1sQ
EHc91Ndfzm530+RWNZSjMldUlxcSMY3m23n0ohhaPNZD4r5QnK0NlQ==
=7JTd
-----END PGP SIGNATURE-----
Frog-...@helferlein.net
On 15 Apr 2002, Doc.Cypher <Use-Author-Supplied-Address-Header@[127.1]> wrote:
>FWIW, (and I know it has nothing to do with the rest of this message) I
>wish someone would recompile JBN with up-to-date stats sources. I'd be
>delighted to host something like that. I simply don't have the spare disk
>space and time to do it myself. I'm hoping to get a new PC later in the
>year, I might just do that then.
Stats sources are not compiled into JBN2 (with a VB compiler).
Stats sources are in one of JBN configuration files: JBNConf.NEW / JBNConf.DAT
while the up to date list of active remailers is in JBNData.NEW / JBNData.DAT
Solutions are:
- -create a new installation package
including modified configuration files
instead of the old ones
>>>> that would remove RProcess's PGP signature from the .exe
>>>> that is heavy job for a never-ending chore
- -offer the modified configuration files as a
post-installation, before-first-run patch
to be copied into \JBN directory
>>>> I did not like it
- -offer a list of working URLS, with Dummy-oriented instructions on a website
>>>> that is what I chose to do
Client Configurations for Dummies
http://www.privacyresources.org/frogadmin/Configs/
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQEVAwUBPL5vpoDgT488d3zFAQFs5gf9GccMhA2add03+IZcqN0rns2raqoIIgNi
pYYaqQ12C+iIXB8K1GFgq8KxBSczAXPxqQH/zxF++qQsEeuPCZA2wxiu3cSvBvKD
Lz02IxF+VkCyMRB6IbX0krMZZfF8gLe3LjdfenUM5VOtz4w8diyjalyFX73vOoS8
KA31oAPXzpgqIa3LQoe9S9MoqRW463U8O2zt0U+m88qgMQ2PrS8+EDD2098MwPNN
eduauqqNlkD1d3zI610O3FuM0gJ3ISiIcEiUKnoyWgJBBDPIVy+BDxEIwSttLRK4
sI0EuprHG0nqWpWRsttnuLY4SUFS63jdFSNsUVcAP1H6hQ9Jd2j01w==
=gX4J
-----END PGP SIGNATURE-----
Nomen Nescio
>Hey, remember back on Mon, 15 Apr 2002 11:00:05 +0200 (CEST), when Nomen Nescio
><nob...@dizum.com> said:
>>It looks to me that you are some kind of Boscloo, desesperatly trying
>>to find a complicated way to fail doing things while the easy solution
>>is at hand.
>>
>>If you don't want yout stats to be updated automatically
>> JBN2|Window|StatConfig|Options|RetrieveStatsEvery__Hours UNTICKED
>
>That only applies to refreshes *while the program is running*. It has
>nothing to
>do with what happens when you first start up the program.
While, by your own words, you are still at that stage:
_ "first start up the program" _
I will let you at your other games.