12 April 1999
Note: Carl Johnson's trial is scheduled to begin today in US District Court, Western District of Washington, Tacoma, WA. Carl Johnson and Jim Bell are incarcerated at SeaTac Federal Facility, SeaTac, WA.
See related files: Carl's at http://jya.com/cejfiles.htm, Jim's at http://jya.com/jdbfiles.htm
See the Cypherpunk archives for other recent statements on the government's targeting of cypherpunks and events leading to the Johnson and Bell arrests and subsequent debate: http://www.inet-one.com/cypherpunks/
Date: Sun, 11 Apr 1999 19:39:58 -0700 (PDT) From: Greg Broiles <firstname.lastname@example.org> To: email@example.com Subject: Re: Disclosure of law enforcement addresses On Sun, 11 Apr 1999, Tim May wrote: > I do find it peculiar that Law Enforcement would freak out that the home > addresses of agents and judges, which are discoverable in _so_ many ways, > including phone books, voting records, property tax records, etc., are > published. > > This while they publicize *my* Social Security Number!!! We seem to be developing a system where there are three privacy castes - The first, bureacrats and cops and judges, who get special privacy rights, and whose privacy is jealously guarded; (* modulo the press, who will selectively invade others' privacy in a limited fashion, but will hold back enough information to maintain their monopoly) The second, ordinary people, who get as much privacy as they can keep; The third, criminals, whose addresses are placed on CD-ROMs and the Internet along with their pictures, and distributed by the state to encourage their ostracism and torment at the hands of people whose aggression/common sense ratio is low. I think the torment of CJ and Jim Bell is intended to make examples of people who treat someone from the first caste as if they were from a lower caste. On a somewhat related note, I started reading Daniel Patrick Moynahan's "Secrecy" last night - I'd avoided it for awhile because I assumed that no congressperson was capable of generating anything worth reading - but I was too hasty. So far, it's interesting (if a little over-polished) and provides interesting insight into the political & social aspects of government secrecy policies - his argument is that the process of creating official secrets substantially dimishes the quality of executive and legislative decisionmaking. That seems like a reasonable assumption, but it's interesting to read it from the perspective of an insider. -- Greg Broiles firstname.lastname@example.org
Date: Sun, 11 Apr 1999 23:35:25 -0800 To: email@example.com From: Tim May <firstname.lastname@example.org> Subject: The Second Cypherpunks Show Trial Cc: Greg Broiles <email@example.com> Part of the chilling of political speech in fin-de-siecle America is that I'm going to wake up around 4 a.m. tomorrow morning regretting that I wrote this and then sent it out where list.narcs like Jeff Gordon will add it to my dossier. Oh well. This is a long article, pretty much as I wrote it the first time. If I agonize too much I'm likely to chicken out and not send it. The chilling effect of show trials and hearsay evidence. I pay all of my taxes. I'm not dumb. I don't _like_ paying taxes, and I think the tax system will ultimately crumble under the onslaught of the technologies we all understand, but I do still pay my taxes. They can't get me on tax evasion, because I don't evade my taxes. Nonetheless, I would not be at all surprised to find that my speaking out on this despicable IRS/Treasury show trial results in either detailed audits of my tax returns for the past N years, or, worse, a trumped-up criminal tax fraud charge. Like I said, oh well. With guys like Freeh and Reno in the service of a rapist and perjurer, anything is possible. Here it goes: At 6:39 PM -0800 4/11/99, Greg Broiles wrote: >On Sun, 11 Apr 1999, Tim May wrote: > >> I do find it peculiar that Law Enforcement would freak out that the home >> addresses of agents and judges, which are discoverable in _so_ many ways, >> including phone books, voting records, property tax records, etc., are >> published. >> >> This while they publicize *my* Social Security Number!!! > >We seem to be developing a system where there are three privacy castes - > >The first, bureacrats and cops and judges, who get special privacy rights, >and whose privacy is jealously guarded; (* modulo the press, who will >selectively invade others' privacy in a limited fashion, but will hold >back enough information to maintain their monopoly) > >The second, ordinary people, who get as much privacy as they can keep; > >The third, criminals, whose addresses are placed on CD-ROMs and the >Internet along with their pictures, and distributed by the state to >encourage their ostracism and torment at the hands of people whose >aggression/common sense ratio is low. > >I think the torment of CJ and Jim Bell is intended to make examples of >people who treat someone from the first caste as if they were from a lower >caste. And the raids on their homes, with the newspapers and televison stations alerted so they do a ride along and properly convey the images of the Evil Babykilling Thought Criminals on the nightly news. Not to mention the lack of prosecutions in the "FileGate" case...the White House has an Enemies List with 1000 or so FBI files of their political enemies. Run by a former bouncer, Craig Livingstone. So, clearly an illegal use of confidential FBI information...and yet no prosecutions. Freeh and Reno are lap dogs. Greg's point about their being different castes is clearly shown. Of course, what should one expect from a country run by a rapist? And a liar, perjurer, subborner of perjury, tamperer with evidence, and seller of defense secrets to China and who knows what other countries? One of my neighbors is a Christian fundamentalist--he says we're clearly living in the "End Times." Sometimes I think he has a point. (He's the one who told me a chopper had been hovering over my house a while back; maybe an innocent explanation, maybe some nervous Feebies checking out my place.) So the Rapist in Chief announces one day he is "reading up on this here place Kosovo." Good for him. Except that was Wednesday, and he launched the Wag the Dog war the next day. "Yesterday I couldn't even spell the word Kosovo, now I'm kicking their ass.") But, nothing is surprising in this Alice in Wonderland/Matrix reality, where a double murderer like O.J. Simpson got off and a harmless crank like Jim Bell has been in jail for most of the past 2 years. Yeah, justice American-style. Two years in jail for futzing around with stinkbombs and using phony Social Security numbers, while murderers, rapists, and subborners of perjury go free. Meanwhile, the Government uses its powers to try to intimidate and silence. Court documents show the U.S. Marshals Service spreading *hearsay* about me, referring to bogus claims that "TIM MAY announced he would be murdering Jim Bell's judge (known to be U.S. District Judge Franklin BURGESS or Magistrate J. Kelly ARNOLD) on Friday at 4:00 p.m." (this from the 11/25/97 report of Lisa Stephenson, Deputy U.S. Marshal. This report was helpfully sent to other law enforcment agencies and the judges, from marks made on the report...perhaps explaining some of the weird things seen at that time, Thanksgiving of 1997.) "Inspector GORDAN [sic] described MAY as being an anarchist/survivalist who seems to spend much of his time communicating his beliefs via the Internet." Fair enough...I can't complain about that characterization of me. The IRS then helpfully provided my Social Security Number, now blasted around the world in public record court documents. (So much for my SS number only being used for Social Security and tax purposes and "NOT FOR IDENTIFICATION." And so much for information I am compelled to give the IRS on my tax returns being broadcast into court records. ) Gordon goes on to say: "...and has repeatedly stated he would shoot any law enforcement officers who attempted to arrest him." This tissue of rumors and hearsay, combined with comments taken out of context (the context generally being about self-defense in a midnight raider situation, with black-clad ninjas bursting into one's home without proper presentation of a search warrant). (Side note: This is an interesting legal/cyberspace issue. We are now in a world where the equivalent of "living room conversations" amongst friends are archived, searchable, essentially permanent, and browsable/searchable by various parties. Including by law enforcement trying to stitch together case mosaics. I average something like 5 posts per day. Less to the Cypherpunks list in the last half year, for various reasons, and a lot more in the first several years. So, roughly, about 1500-2000 articles of varying lengths per year. Or about 10,000 or so in the six and a half years of the Cypherpunks list. (Gulp!) Anyone who wants to search on any topic--Sarin, guns, Abu Nidal, ATX-34 suitcase nukes, etc.--can find a lot of stuff which looks "dangerous" when lifted out of context. List.narcs must be in heaven.) So, reports sent to various agencies--FBI, Marshals Service, IRS--have me planning to kill a judge, stockpiling guns, and being opposed to the U.S. Government. Well, only one of these is illegal. And that's the one that was a fabrication, a rumor, an invented fantasy. Where are the statements absolving me of this bogus claim that I planned to whack a Federal judge? Where are the clarification of these rumors and hearsay about what I and others plan to do, want to do, or expect to do? Sure looks to me like they're setting the stage for a "Cypherpunks RICO trial." Maybe with attention-grabbing raids on houses of the "gun nut survivalist militia whackos." That will play well on t.v., especially in time for the vote to ban crypto (which will probably sail through Congress now that our fighting boys are about to start dying to keep Yugoslavia safe for the Albania drug-running Muslim-Marxist KLA terrorists). Show trials needs show criminals. There's a lot more stuff that is in these documents, and in other places. It appears that much more than just a trial of an eccentric minstrel poet/satirist is going on. It looks like a innuendo, political speech, hearsay, and "interviews" with some "helpful" folks, where they are asked to speculate on the motivations and plans of others, is all being put together by government agencies who have turned a blind eye to the FBI files at the White House, to evidence of high treason by Clinton and Gore, and of course to the travesties in Waco and Ruby Ridge and other places. Oh, and it's just beginning. According to the judgment of William Geiger, another show trial is being planned. This time for those who dared to examine the "signature" evidence used to allegedly implicate Carl Johnson. I have not closely followed the math of Adam Back's "signature collision" work, reported on this list, included in the court documents, and recently posted again (maybe with newer info--like I said, I haven't followed the reasoning closely). If a lawyer examines evidence, a la Dershowitz in the O.J. trial, it's beyond reproach. But if Adam Back or William Geiger show that the alleged digital signatures can arise in other ways than C.J. Parker/Johnson being Toto/Truthmonger/DaveNull/etc., then this is called "obstruction." Here's Geiger's assessment of why he was testifying before _another_ grand jury: At 1:55 PM -0800 4/8/99, William H. Geiger III wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Well, you all have been eagerly awaiting my report on my testimony before >the Grand Jury in Seattle. > >What is the Grand Jury Looking into: >==================================== > >This is a new Grand Jury looking into the activities of CP List >subscribers *after* CJ was arrested. It seems the MIB consider the >following to be obstruction of their investigation/prosecution of CJ: > >- -- Series of posts concerning Toto's PGP Private Keys and passphrases. > >- -- Series of posts concerning Toto's ISP/E-Mail Accounts & passwords. > >- -- Posts made after CJ's arrest using using e-mail addresses & aliases >allegedly used by CJ (TOTO, TRUTHMONGER, BUBA ROM DOS). > This is the equvalent of "looking into the activities of" O.J.'s chief lawyer, Johnny Cochrane for his "if it does not fit, you must acquit" work on the glove. Except, of course, Cochrane is a lawyer. But let an expert witness examine the evidence and come up with alternative explanations...ah, then it becomes "obstruction." (And make no mistake about it, folks on this list are every bit as much world class experts on PGP and signature-spoofing as any glove or medical experts called in the O.J. trial were. For which they should be compensated as expert witnesses at their negotiated professional rate if they are asked to give professional opinions, as opposed to testimony about their direct observations.) If Adam Back didn't have to fear his being arrested (see Adam's comments about what Geiger told him), he would make a good witness for C.J.'s lawyer(s) to call to impeach the testimony of the government's expert witnesses. He could presumably demonstrate directly the methods. Odd that all of the Cypherpunks are being called by the Feds. Does CJ have no lawyer? Even odder that so many Cypherpunks have freely given interviews with various investigators, even offering their opinions as to the motivations of others. A show trial. With too many Cypherpunks helping to hang the accused...and perhaps ultimately many others. Did CJ do what he is accused of doing? I don't know. I am not even familiar with what all the precise charges are...something about death threats to judges, to Bill Gates, and something about some shotgun shells and a book of matches with the word "Bomb" scrawled on the outside of a bag of some kind. Sounds bizarre, if true. But it has to be proved based on evidence beyond a reasonable doubt, not based on hearsay about what "Tim May" was alleged to have promised, about the gun collections of list members, and all this other hearsay and innuendo. I am not making any claims about whether C.J is Toto is Human Gus-Peter is Dave Null is Bubba Rom Dos, etc. I never met the guy. I don't recall even replying to him, though I may have replied tersely to some of his rants, before I started deleting them all. I deleted nearly all of his "Circle of Eunuchs" (and later series, like "Space Aliens Ate My Drugs") stuff unread, especially after it got so repetitive. Most of what I now know about his alleged activities and his associates, his travels, his medications, etc., I know from reading recent items on the list. Oh, and the court documents, which I just spent a couple of hours reading in more detail than the initial glance I took a few weeks ago. The court documents are eye opening. But Adam and William and probably others have much to fear. A second show trial, this one on "conspiracy to obstruct," or somesuch. No wonder Jeff Gordon was asking William Geiger if Adam Back is ever in the U.S. Customs could nab him at the port of entry. (I guess Marsha Clark and Chris Darden wish they could have gotten Cochrane, Dershowitz, Bailey, and that Santa Clara law professor on this kind of conspiracy charge. Hey, bring in the RICO laws! "By challenging our evidence, even though there is no gag order on the trial, you have obstructed justice. Bailiff, take them away.") And if I wasn't already on their list to be called, for whatever reason, then probably speaking out here, on the eve of their first show trial, will probably get me added to the list of conspirators. Meanwhile, the Rapist in Chief has his stacks of FBI dossiers on his political opponents, he has his slush fund from selling ICBM guidance secrets to the Red Chinese, and he's got himself a Merrye Little War in the Balkans so he can rebuild his legacy on the burned-out villages and scorched bodies of Yugoslavia. So they go after a weird guy who may or may not have exhibited a form of "literary Tourette's" but who basically did no damage to anyone. Some system, eh? Time to reformat America's hard drive and start over, I say. --Tim May (I'd PGP sign my post, except my Eudora-PGP plug-in stopped working a while back, and, besides, they'd probably cite the use of PGP as part of the conspiracy charge) Y2K: Hope for the best, prepare for the worst, enjoy the ride. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 831-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Licensed Ontologist | black markets, collapse of governments.
From: "William H. Geiger III" <firstname.lastname@example.org> Date: Mon, 12 Apr 1999 04:42:21 -0500 To: Tim May <email@example.com> Cc: firstname.lastname@example.org, Greg Broiles <email@example.com> Subject: Re: The Second Cypherpunks Show Trial -----BEGIN PGP SIGNED MESSAGE----- In <firstname.lastname@example.org>, on 04/12/99 at 02:35 AM, Tim May <email@example.com> said: First let me say nice post. >But Adam and William and probably others have much to fear. A second show >trial, this one on "conspiracy to obstruct," or somesuch. No wonder Jeff >Gordon was asking William Geiger if Adam Back is ever in the U.S. Customs >could nab him at the port of entry. Well fear was my first reaction. I am not accustom to being awakened by process servers 1st thing in the morning let alone being given less than 48hr to travel cross-country to appear before a Federal Grand Jury that, at the time, I could not understand why it was still going on (until I was actually before them I thought it was still investigating CJ) much less why I was being called. This turned to shock when I found out it was *me* and my activities (along with other CP list subscribers) that they were interested in. After finishing with my testimony the fear returned, the fear of the unknown. How far had things been compromised? I know that my dial-up ISP was monitoring my activities, but how far had things gone? Were they tapping my phones? Bugs placed in my office? Was my openpgp.net server compromised? Would my equipment & files even be there when I got back or would there just be a note from the MIB's?? Hell would I even make it back or would they decide to keep me (the prosecutor did not look happy at the end of my testimony). It is one thing to theoretically know that the NSA or some other TLA may be watching because of the field that I work in, it is quite another thing to be presented with proof that they are!! Now it has turned to anger. I am hopping mad over this whole thing. AFAIKT my involvement started with the "Dead Lucky" post in which the author(s) mention me by name as a contributor to the Dead Lucky AP Bot. Now this post was made last year (June 23, 1997 according to Jeff's report). So for close to a year now they have been monitoring my on-line activities. In this time I have not had any communications with CJ or anyone else with regards to the post or any alleged AP Bot yet as of 3-9-99 they were still monitoring my account!! An alternative theory is that they have not been monitoring my account but after the Web World posts were made they contacted my dialup ISP and requested logs on the basis that they were published through the openpgp.net node. This brings up implications as troubling or more than if they have been monitoring me for the past year. IMHO I do not think this is the case. Those posts were made ~8:30pm CDT on the 9th and my subpoenas were issued on the 10th. Turn around time was just too quick for anything other than active monitoring of my account. Now what really gets me is this: I have strong suspicions that there was no warrant issued to monitor my account! As I mentioned in my earlier post the prosecutor was very carefull not to admit that a warrant was issued when directly asked by a member of the Grand Jury: "you may *assume* that a warrant or warrants were obtained." Remember now were are talking about lawyers here, they are trained on how to craft their words. IMHO if no warrant was obtained the monitoring of my account and subsequent releasing of data was *illegal* and in violation of my civil rights. My dial-up ISP, by following the requests of the government, was acting as an agent of the state and thereby bound by the same constitutional restrictions. - -- - --------------------------------------------------------------- William H. Geiger III http://www.openpgp.net Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii Hi Jeff!! :) - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i OS/2 for non-commercial use Comment: Registered_User_E-Secure_v1.1b1_ES000000 Charset: cp850 wm0DBQE3EcH0OgSW65d+5GUBAbEOAsCFUMs8W1Et7QtTml0Ai+JLIcBA4zoZfo2T sQk0fZpIsyTLLN8sBM+5QhKxBBoNyQ1Rs88AoKVhedBh77HK3ZBWODq90aqtbAjw pJErX4aDQck2j5/S4Xmj =in4o -----END PGP SIGNATURE-----
Date: Sat, 10 Apr 1999 23:42:11 +0100 Message-Id: <199904102242.XAA12688@server.eternity.org> From: Adam Back <firstname.lastname@example.org> To: email@example.com Subject: CDR: oh goody, more key games The message that was posted by anonymous just now, as you can see from the armor header lines, is a secret key block: > -----BEGIN PGP SECRET KEY BLOCK----- > Version: 2.6.3a > Comment: Hi Jeff!!! > Comment: plausible deniability > Comment: PASS: TOTOCUS Note the comment fields refer to William Geigers recent post, where he said that he created this key, and that he was asked during his testimony as to why, he said that it was (amongst other things) for plausible deniability. The key block contains the following two keys: Type Bits/KeyID Date User ID sec 704/977EE465 1997/06/08 Adam Back <spoofed fingerprint DO NOT USE> sec 768/21999D35 1998/09/10 TOTOCUS The first one is a key I generated back in 1997 to demonstrate the fingerprint spoofing attack which results from the design mistake that the key component lengths are not included in the md5 hash whch forms the fingerprint in pgp2.x. The fingerprint attack details below  (btw. DO NOT USE THE KEY, the fingerprint attack makes it readable by anyone because of the small factors of the replacement N used). The second key, seems to be a repost of the TOTOCUS key which William (?) posted anonymously some months ago. What the purpose of anonymous's post is, I don't know. Perhaps to encourage use of the TOTOCUS key? (My spoofed fingerprint private key does not function with PGP because the weird key parameters cause the CRT algorithm implementation PGP uses for signing to fail). (btw. if anyone is interested in tinkering with and examining keys and messages, pgpacket by Mark Shoulson is really handy. It is a perl program and can be obtained from: http://ftp.ox.ac.uk/pub/crypto/pgp/utils/ ) Adam  ====================================================================== PGP fingerprints are computed: fingerprint = md5( n || e ). Say we have a 1024 bit key, say e is small ( < 256). That means n || e is 129 bytes long. The e value must be represented by a whole byte. n can't be smaller than 384 bits (or PGP will reject it as too small to hold the required idea message key and padding), so that will give us 80 possible values for e and n. Lets use my 1024 bit key for an example. n = 0x99d61071378ee2c0c8c9c4b7786b203dedf2d6e526f24f7e83f3e0f960fb66b9 cb81c04e89d70689a4866f21ad1bb5ba6aee51469e5b59b121ba6f3f8d776b62 7253ba5dc9fca8155a565b9893f695d83a0496eb977ee4659ee20e0f2eb49b25 93c11487b377cc5d767c79fb985b464d4ae94a5f45e42e3b29c8b89d556a4a67 e = 0x13 So we could try: e = 0x6713 e = 0x4a6713 e = 0x6a4a6713 ... n = 0x99d61071378ee2c0c8c9c4b7786b203dedf2d6e526f24f7e83f3e0f960fb66b9 cb81c04e89d70689a4866f21ad1bb5ba e = 0x6aee51469e5b59b121ba6f3f8d776b627253ba5dc9fca8155a565b9893f695d8 3a0496eb977ee4659ee20e0f2eb49b2593c11487b377cc5d767c79fb985b464d 4ae94a5f45e42e3b29c8b89d556a4a6713 Here's the first candidate I found with only two factors starting from the smallest n value (384 bit n) so that it would be quicker to factorize (anything that took a long time to factor I moved on to next value). n = 0x99D61071378EE2C0C8C9C4B7786B203DEDF2D6E526F24F7E83F3E0F960FB66B9 CB81C04E89D70689A4866F21AD1BB5BA6AEE51469E5B59B121BA6F3F8D776B62 7253BA5DC9FCA8155A565B9893F695D83A0496EB977EE465 e = 0x9EE20E0F2EB49B2593C11487B377CC5D767C79FB985B464D4AE94A5F45E42E3B 29C8B89D556A4A6713 p = 0x6D q = 0x1694DA7CA7DC9B69CD9ECAAC8BCDF6A41988A31132573CFD6EF72CC44FFF5330 69074D8CB3F0974586892A25D2F3A08C19173D406266A82CCA3C3F4D705CAF78 23922972C20D99D8DBF07E2DE20CB5B3B3F747797B3A8D9 n = 0x99D61071378EE2C0C8C9C4B7786B203DEDF2D6E526F24F7E83F3E0F960FB66B9 CB81C04E89D70689A4866F21AD1BB5BA6AEE51469E5B59B121BA6F3F8D776B62 7253BA5DC9FCA8155A565B9893F695D83A0496EB977EE465 d = 0x0455419C3B8CCE54710EC04F9FA61F83A5E2363BE0D2E361886080716E7B8886 EA62B748F20B9E9E7F93F768616D3AF5F8785D514A82EE41CB1FF251FFB053FA 173D0B239D7BD1995B4F7DE3B2B112F911BE1304453EAC53 u = 0x0162AC862E1D88F2ACC3230A4AED13AEC3EA4A978387684ADA099644FF9FAA3D D51F6BA831347C5D12AD1CDC72F5FE40F66228E54573373C4A0F255A091879BC F2EA9509D46B673CB7C4EB8EDA0D6754DC373EA911653504 (Factorization courtesy of pollard rho / trial division code in the factorization code which comes in ssh-1.2.20, which includes a modified gmp-2.0.2 which has the code in the demos directory.) I checked RSA operation (with my .sig rsa program which works with hex numbers rather than formatted pgp keys) -- it works!! % echo hello world | rsa -k=9EE20E0F2EB49B2593C11487B377CC5D767C79FB985B464D4AE94A5F45E42E3B29C8B89D556A4A6713 -n=99D61071378EE2C0C8C9C4B7786B203DEDF2D6E526F24F7E83F3E0F960FB66B9CB81C04E89D70689A4866F21AD1BB5BA6AEE51469E5B59B121BA6F3F8D776B627253BA5DC9FCA8155A565B9893F695D83A0496EB977EE465 > out % % rsa -k=0455419C3B8CCE54710EC04F9FA61F83A5E2363BE0D2E361886080716E7B8886EA62B748F20B9E9E7F93F768616D3AF5F8785D514A82EE41CB1FF251FFB053FA173D0B239D7BD1995B4F7DE3B2B112F911BE1304453EAC53 -n=99D61071378EE2C0C8C9C4B7786B203DEDF2D6E526F24F7E83F3E0F960FB66B9CB81C04E89D70689A4866F21AD1BB5BA6AEE51469E5B59B121BA6F3F8D776B627253BA5DC9FCA8155A565B9893F695D83A0496EB977EE465 < out hello world % I'm off to pack this up as a PGP key, to see if PGP likes it! Well here's that key as a pgp key. Under no circumstances use it to encrypt a message you care about. Here's the public key. Type Bits/KeyID Date User ID pub 704/977EE465 1997/06/08 Adam Back <spoofed fingerprint DO NOT USE> -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i mQCNAzObE60AAAECwJnWEHE3juLAyMnEt3hrID3t8tblJvJPfoPz4Plg+2a5y4HA TonXBomkhm8hrRu1umruUUaeW1mxIbpvP413a2JyU7pdyfyoFVpWW5iT9pXYOgSW 65d+5GUBSJ7iDg8utJslk8EUh7N3zF12fHn7mFtGTUrpSl9F5C47Kci4nVVqSmcT tCpBZGFtIEJhY2sgPHNwb29mZWQgZmluZ2VycHJpbnQgRE8gTk9UIFVTRT6JAG0D BRAzmxOtOgSW65d+5GUBAQ27ArwOTveQTs0kjzBEMa09yWFs5+jNjv5tzSCngzXO bRzvwhTwWz4voR3ov2o0bGTYZF1biKRKeKqZzHb4Oq4XhD4TADdlmsxA5gQgbYFN 5K+tbgWEDQD53KFv =rlth -----END PGP PUBLIC KEY BLOCK----- Here's the secret half: -----BEGIN PGP SECRET KEY BLOCK----- Version: 2.6.3i lQGhAzObE60AAAECwJnWEHE3juLAyMnEt3hrID3t8tblJvJPfoPz4Plg+2a5y4HA TonXBomkhm8hrRu1umruUUaeW1mxIbpvP413a2JyU7pdyfyoFVpWW5iT9pXYOgSW 65d+5GUBSJ7iDg8utJslk8EUh7N3zF12fHn7mFtGTUrpSl9F5C47Kci4nVVqSmcT AAK7BFVBnDuMzlRxDsBPn6Yfg6XiNjvg0uNhiGCAcW57iIbqYrdI8guenn+T92hh bTr1+HhdUUqC7kHLH/JR/7BT+hc9CyOde9GZW09947KxEvkRvhMERT6sUwAHbQK5 AWlNp8p9ybac2eyqyLzfakGYijETJXPP1u9yzET/9TMGkHTYyz8JdFhokqJdLzoI wZFz1AYmaoLMo8P01wXK94I5IpcsINmdjb8H4t4gy1s7P3R3l7Oo2QK5AWKshi4d iPKswyMKSu0TrsPqSpeDh2hK2gmWRP+fqj3VH2uoMTR8XRKtHNxy9f5A9mIo5UVz NzxKDyVaCRh5vPLqlQnUa2c8t8TrjtoNZ1TcNz6pEWU1BIRbtCpBZGFtIEJhY2sg PHNwb29mZWQgZmluZ2VycHJpbnQgRE8gTk9UIFVTRT4= =lE9S -----END PGP SECRET KEY BLOCK----- Here are the fingerprints of spoofed key as compared to real key. Type Bits/KeyID Date User ID pub 704/977EE465 1997/06/08 Adam Back <spoofed fingerprint DO NOT USE> Key fingerprint = 18 B8 A0 65 9D 38 14 83 61 5A E6 AC 91 8B 9E 57 pub 1024/556A4A67 1993/06/08 Adam Back <firstname.lastname@example.org> Key fingerprint = 18 B8 A0 65 9D 38 14 83 61 5A E6 AC 91 8B 9E 57 Note the identical fingerprints! (Awesome). Key id of course is different. Also note that you can't decrypt directly with PGP, as I suspected, because the chinese remainder theorem used in decrypt to speed up the works barfs on small p. You can hack around that if you're bothered. It might be possible to find a spoofed fingerprint key with large p and q, so that this was not a problem. Below this post is my real key. This is a major security flaw, and I take my hat off to the guy who discovered it. As others noted (who were aware of this flaw) the solution is to consider the keyid as part of the fingerprint. That reduces by a factor of 2^25 the likelihood of the attack succeeding. I suspect that rules out the attack working for most keys. Also be suspicous of odd sized keys. Now if someones 2048 bit key has a 1024 bit spoof, you're in trouble. I think this should be possible for most/many keys, if you allow composite p & q. You could construct a key where the keyid matched, and the fingerprint matched for two different keys, using a combination of dead beef attack, and brute force to find a key with the keyid appearing two places in the key, and then trying to factor the n value at that point. Shouldn't take long. As far as PGP format goes, adding the length field into the digest would go along way towards fixing it. (Length fields for pgp big int representation is big endian 16 bit word representing length of following big int in bits). Peter Gutmann suggested using the ASN.1 representation for an RSA key, as a more portable way of doing it (compatible with x509). (btw for people playing with this stuff, a useful program is pgpacket.pl by Mark Shoulsen, which displays pgp packets as hex numbers, see ftp.ox.ac.uk/pgp somewhere under utils). Adam My real key, so you can compare fingerprints. Type Bits/KeyID Date User ID pub 1024/556A4A67 1993/06/08 Adam Back <email@example.com> -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3i mQCNAiwUXUEAAAEEAJnWEHE3juLAyMnEt3hrID3t8tblJvJPfoPz4Plg+2a5y4HA TonXBomkhm8hrRu1umruUUaeW1mxIbpvP413a2JyU7pdyfyoFVpWW5iT9pXYOgSW 65d+5GWe4g4PLrSbJZPBFIezd8xddnx5+5hbRk1K6UpfReQuOynIuJ1VakpnAAUT tBxBZGFtIEJhY2sgPGFiYUBkY3MuZXguYWMudWs+iQCVAwUQMiDfwUZRiTErSPb1 AQF/yAP8D1X2eAhXSc0P/X7lCHyBhWCl3pxa6oyGxFBOmUeOGfYna8CpJeMiTmZm akRWDYmJUiXscQUfd9qRv8eAeOtbvM87olSjm56Dlh4gYJFZRxZ6IhHlFJx3mPmp q9PnL+pSC41IIheRBJFzpKGD3LW9+VQwRAx9bXFJYyOFpx7vGJqJAJUCBRAwLhaV fjuD7tLfgD0BAYnfA/0XByiiqDX/cxgWt9syiobJ0TrTKloJcEgzxnKmqHH7rhqn wWGQA2pbWPGW1AwLtkeE+JYyk21YQZZxYWerK3JUi8a/ye4EaaJSs8mcw9YCwdPC Xa0nlalh09/FBEt83l5auNbw+zl9AcrOIGsTQcAr0Vy5nnV9IEfi6WZ3/aQ734kB FQMFEC/gRoaxVzBJFqEkZQEBEXcIAI6z9nUinIomouzB/3v1Fu9+kLOLiva+7Mp1 8UT40FXvHSabXe/cSV1//lnlYHJnfpJCPFSEjGox1pVBp9pLmiJBmubLfUrojIAn FDB081n6kB0B4BKb2rUiNghvT4CzpBZ149g/2NGscRIeQOCYkA2cBxT44v2luuqN 3Ahg9bWu+kjnxUKIK9Da/8D0ur5HiinBDevPiVf3/uoOdZ8F7alxqitBcC5ctIYR tr8fgdQq8is6dbeNxDMraV5vEpEN27AU4xOetymdFUufbU1K6Riw5TVZni9qXAgU ZS3zyFw7wqJ/SWILMWp+99ss921b+GpL+/m6S4j7LTXvFvcfy9aJAJUDBRAv2A0p Kci4nVVqSmcBAcfoA/9Pt3BeJ3TdTtQzb9DNT7LoXiQesYG68lzIl7BZsRvXoi2Q yeCPNc/juTGBnKBHgxZezJCW8TaKdJjNEncv7p+1o+9fwmy9UKWXskh6N+Y0ZlhJ bD0T+8+L+Wxpr6k3dao/GfOnCvw8vpvzDV9lnjtqe2B1mU5eAY76FFtZXvM9xw== =xN9o -----END PGP PUBLIC KEY BLOCK-----
Date: Sat, 10 Apr 1999 23:14:38 +0100 From: Adam Back <firstname.lastname@example.org> To: email@example.com CC: firstname.lastname@example.org Subject: CDR: Re: Carl Johnson Jim Choate wrote: > Scoops wrote: > > innoncent. Many perons who get ground up are "more or less" innocent. If > > What do you believe he's guilty of? > > [completely non-functioning AP bot, etc] Well said Jim. > The fact that the IRS has continued this witch hunt because of the > discovery of a weakness in PGP based digital signatures as > obstruction is also laughable. The class of signature attacks that anonymous demonstrated a method for after my challenge was not a new discovery. I think this class of attack, or something very much like it, has been previously discovered. Perhaps I can find a reference to the literature. > CJ and any and every other citizen has a constitutional right to try > to demonstrate the case as presented by the IRS is faulty and > therefore should be dropped. The discussion and demonstrations that > took place on this mailing list fall under the 1st Amendment > protections of speech and press. I am not sure I understand what the obstruction business is about. People discussed their views of the merits of the IRS case, and I and a few others, and a few anonymous contributors had our own stab at analysing the collection of nyms and keys which have been posted to the list in the last couple of years by various nyms. If the result of this is that some of the IRS's arguments about keys being on CJ's laptop proving authorship evaporate, well that's tough luck. If the facts aren't convenient, who's fault is that. If they lack proof that CJ in fact did anything, doesn't this suggest that they ought to let him go, rather than that they should be annoyed about the inconvenience of the facts. > In this country one is innocent until proven guilty. You don't deny > innocent people their medication, contact with their associates > (whomever they might be), contact with the lawyer, access to the > evidence being presented against him, strap them to tables, etc. Crap like this is a travesty of justice. That the `system' knowingly tolerates it is despicable. The kinds of bullying and violence that is reputedly allowed in prisons, and used in an underhand indirect fashion by the system to `punish' people the prison officers, or the system has it in for is also dispicable. This kind of crap belongs in the dark ages. > No, those are signs of governments which are anything but democratic. Right. Adam
Date: Sun, 11 Apr 1999 17:33:59 +0100 From: Adam Back <email@example.com> To: firstname.lastname@example.org Subject: more Scoops on CJ [Scoops accidentally hit reply rather than reply all and sent this to me rather than to the list. Forwarded with permisssion -- Adam]. That's my read on the posted plea bargain: sentence = time served and superceding indictiments dropped. That cuts the funding on this whole mess instantly. There is no way that his federal public defender (which are usually better than a private attorney if you're paying less than $250,000 for a private one) hasn't gone over the plea bargain with CJ. But here's the problem with an innocent man. If the defendant does not freely admit to the defense attorney that he is guilty, then the defense attorney MUST take the matter to trial. That's the unwritten and ethical rule. You do not plea bargain anyone who says he's innocent. That's where the greening process starts with CJ. He's got to tell the defense lawyer that he admits he guilty and will take the plea bargain. Some friend has to get to him to tell him that's a reasonable move. He's not letting the cause down. In fact, at the rate you boys are getting subpoenaed, duces tecum (with all the evidence you have), he'd do the cause a whole lot more good he he pleaded out. Christ, at the very least he should be able to admit that he's guilty of poor judgment. I don't care how constitutional his behavior was. He was doing just fine with SPACE ALIENS HIDE MY DRUGS. The Preakness betting pool apparently is what pushed the feds over the edge. CJ may not be in a mental place to listen carefully to his defense lawyer. The lawyer has to speak very codedly that if CJ says he's innocent, there can be no guilty plea, no matter how lenient it is. It's CJ that has to tell the lawyer, yeah, I've read the indictment carefully, and I'm guilty of "x". I have known many a defendant who was looking at a 10 month plea bargain versus a 20 year sentence at trial who was innocent as hell and cut his losses and swore under oath that he was guilty as sin, took the 10 months at a camp and lived to fight another day. I've also met many an "innocent" man serving 5 to 10 years who was offered a "by" at plea bargain. Taking on the big boys is an expensive proposition and, in my professional judgment, only should be taken on if you don't have a choice -- such as a life sentence for money laundering and you're 50 years old and the prosecution is offering you twenty years if you plead. In that instance, there's no downside. If you've got the funds or the balls, you go for it. But, hell, they're offering CJ a walk if he pleads. Yeah, life with a felony conviction is nasty. But CJ wasn't going to be getting any white collar jobs anyway. (The feds aren't entirely stupid. If they let CJ go, with a felony conviction, they know he won't be able to have a gun for a least five years nor by certain chemicals.) Even if he was a white collar career man, the indictiment alone has doomed a "straight" career. He's fucked. The only question is whether he'll do time. And to save valuable bandwidth, I concede Jim Choate's point that all it takes is one juror to dead lock it. And then the feds get to retry it if they want and CJ'll do more time even if he's found not guilty the second time than if he took the plea bargain and went home tomorrow. At 12:02 AM 4/11/99 +0100, Adam Back wrote: > >Scoops wrote: >> Jim -- there is every possibility that everything you say is correct and CJ >> is innocent. Actually, that is what I believe. I nonetheless maintain >> that CJ's best course of action is to take the plea bargain since the plea >> carries no time in prison. It also stops all the superceding indictments. > >Oh, I didn't catch that aspect of the plea -- if he took it they would >let him out right now, plus I presume some onerous stipulations >restricting his rights and activities for a few years. > >CJ has more guts than most to see through what he feels is right on >principle, and deserves respect for that. Pity he hasn't got any real >defense -- I presume it is pretty much accepted that a public defender >isn't going to do a very good job. Presume you, scoops, wouldn't be >interested? > >I am curious about the Frisselian take on this -- wonder if the >Dancing Elephant Troupe would be suggested to be called in? Or if the >Scoops play it safe tatic would be recommened there also? > >Adam
Re: CDR: Carl Johnson (fwd)
----- Forwarded message from scoops ----- Date: Sat, 10 Apr 1999 11:13:06 -0700 From: scoops <email@example.com> Subject: Re: CDR: Carl Johnson Dear Mr. Young -- as you know, I am a "supporter" of CJ. He may well be innoncent. Many perons who get ground up are "more or less" innocent. If ----- End of forwarded message from scoops ----- What do you believe he's guilty of? A political webpage that discussed and demonstrated AP in a theoretical sense? When the LEA's tried the page, or anyone else for that matter, was any money required? When the 'bet' was placed was a CC or other form of EFT asked for? Has it been demonstrated that CJ's account or an account traceable to him was increased by some percentage of that bet (assuming he deducted operating costs)? If not it's hardly reasonable to call it a threat in and of itself. If CJ did put a bomb in a Canadian courthouse, from the perspective of US criminal law, so what? It's a crime in Canada and not here. The fact that the IRS offered to let him go for 'assault' and time served would indicate they feel their case is very weak, as well as the Canadians claim that he was the creator of the bomb. If there were credible proof that a bomb was placed in a Canadian courthouse why are the IRS wasting our money and time when they should ship him off to Canada per the extradition treaties we have with them? It would solve everyones problem and be the most cost effective for the US citizen. Now if CJ was taken into custody simply because the IRS didn't like the tone of the webpage and his politics then he was fully justified in self-defence. In fact the IRS, and by extension every tax payer, is at fault and owes CJ restitution for the abuses he suffered. The fact that the IRS has continued this witch hunt because of the discovery of a weakness in PGP based digital signatures as obstruction is also laughable. CJ and any and every other citizen has a constitutional right to try to demonstrate the case as presented by the IRS is faulty and therefore should be dropped. The discussion and demonstrations that took place on this mailing list fall under the 1st Amendment protections of speech and press. The approach and attitude of the IRS strikes me as akin to the neighborhood bully who had their noses bloodied for a change. In this country one is innocent until proven guilty. You don't deny innocent people their medication, contact with their associates (whomever they might be), contact with the lawyer, access to the evidence being presented against him, strap them to tables, etc. No, those are signs of governments which are anything but democratic. ____________________________________________________________________ Vice is nurtured by secrecy. Virgilius The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ firstname.lastname@example.org www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------