Stephen D. Williams
Mon, 03 Dec 2001 20:42:02 -0500
I was on Cypherpunks for YEARS! I dropped off several years ago, but
always contemplated going back.
And now, I'm suddenly back into security, crypto, PKI, etc....
R. A. Hettinga wrote:
>...and long live cypherpunks, of course, which, for years now, has existed
>on a distributed network of un-killable lists, like some feral form of
>Usenet, complete with obscene body piercings, matted hair, bad breath and
>sharp, pointy teeth...
>Send "info cypherpunks" in the body of a message to email@example.com for
>details on how the cypherpunks distributed remailer system works now...
>Once the online haunt of top cryptographers, the Cypherpunks list was
>characterized by its mix of revolutionary politics and advanced
>mathematics. This week, a founder pronounced it dead and buried
>By Will Rodger
>Nov 29 2001 10:15AM PT
>The Cypherpunks list, an online forum that in many ways defined Internet
>activism, was booted unceremoniously from its original home, toad.com,
>earlier this week.
>In an open posting to several mailing lists, Cypherpunks veteran John
>Gilmore all but dismissed the computer-security and privacy forum he
>co-founded in the early 1990s. It had, he wrote, "degenerated a long time
>ago to the point where I have no idea why more than 500 people are still
>receiving it every day."
>Yet, for all the irrelevant comments, vicious infighting and radical
>libertarian politics that flourish on the list, Cypherpunks has chronicled
>every important event in the short history of modern cryptography, as well
>as the cyber-rights movement that grew out of it.
>The mailing list spawned not just commerce but an entire philosophy.
>Members vanquished U.S. controls on cryptography exports, and opened up a
>wider dialogue about the use and misuse of technology.
>"Cypherpunks has really advanced the state of the art," said Peter Wayner,
>a cryptographer who vetted every one of his eight books on programming and
>technology on the list. "One of the greatest advantages is so many people
>are not constrained by non-disclosure agreements or the need to keep their
>Seemingly every major figure in cryptography and computer security has
>passed through the list from time to time. Past participants include noted
>cryptographers such as Matt Blaze and Adam Shostack, computer firewall
>inventor Steven Bellovin, and the first developer of a commercial firewall,
>Some say it was the Clipper Chip that made it all possible.
>In 1992 the Clinton Administration revived an earlier Bush Administration
>proposal to, in effect, regulate all data-scrambling technology used in the
>U.S. The so-called Clipper Chip would have "escrowed" encryption keys that
>ordinary citizens used. If police ever encountered encrypted email or other
>data they could not decipher, they could monitor those communications under
>A storm of controversy followed. Businesses said the proposal undermined
>U.S. products in a world market that required no such "key escrow." Civil
>libertarians predicted massive email snooping once the Internet took hold.
>Hundreds of smart but worried programmers flocked to Cypherpunks. They
>learned about not just encryption, but digital cash, anonymous remailers
>capable of sending messages without a discernible return address, even
>"black nets" that would use all three together to form a perfect black
>market with worldwide reach.
>Some reveled in the idea of "crypto-anarchy." Others went to work.
>Lance Cottrell, then a graduate student at the University of California at
>San Diego, joined the list because he wanted to fight the Clipper Chip.
>Energized and excited by a field that was new to him, he soon went to work
>on what became the Mixmaster remailer, which solved many security
>vulnerabilities in traditional remailers.
>"It earned me a reputation," Cottrell says today. "I was one of the people
>who had gone out and done something about it, instead of just talking about
>Publicists now hawk his Anonymizer.com as one of the rare Internet-only
>companies that actually turns a profit.
>Adam Shostack, a top cryptographers at Zero-Knowledge Systems in Montreal,
>earned his chops at Cypherpunks, too.
>"Smart People with Cool Ideas"
>Back in 1992, Shostack was a lowly systems administrator at Boston's
>Brigham and Women's Hospital just beginning to learn about computer
>security. His interest in firewalls led him to the list, and from there to
>contacts throughout the computer-security community. Soon he had learned
>enough to publish an early critique of secure log-in technology sold by
>Security Dynamics. Along the way, Shostack met Matt Blaze an early debunker
>of the Clipper Chip's flawed security, as well as Adam Back and Ian
>Goldberg, each of whom had discovered serious problems with credit-card
>security in early versions of the Netscape browser.
>The work helped Shostack land the job at ZKS.
>"It was involving," he says today. "There were lots of really smart people
>playing with these really cool ideas. As a young guy who was just getting
>into this stuff, it was a great way to really jump in. I'm not saying it
>was polite or easy we all did our share of roasting one another, but the
>ideas really overcame that."
>Architect John Young found a new outlet for his political leanings through
>Cypherpunks, and in the process started one of the most closely followed
>archives on the Net.
>Young was fascinated by the interplay of the civil and governmental on the
>list. The dynamic of intellectuals pitted against federal watchmen reminded
>him of his days as a 60s radical at Columbia University. Cypherpunks and
>the Internet gave him a new chance to follow in the footsteps of the time.
>Soon, he was publishing classified and formerly classified documents about
>encryption and surveillance at www.cryptome.org.
>Over the years, documents from the FBI, NSA, CIA, British intelligence and
>a multitude of other sources have landed at his Web site. Major newspapers
>and television networks have picked up and run with the documents.
>His archives also feature a long list of legal documents revolving around
>the fight to unseat copyright laws, like the Digital Millennium Copyright
>Act, that limit what consumers can do with materials they buy. Research
>itself, Young says, is threatened in fights over copying technologies like
>Napster, and tools designed to crack copy-protection schemes.
>Like John Gilmore, Young concedes the Cypherpunks list has lost something
>it once had. But unlike Gilmore, he thinks it is still valuable.
>Other, moderated fora like the popular Cryptography mailing list cannot
>equal the spontaneity of thought found on Cypherpunks, even today, he says.
>"These lists have more or less withered under moderation, but things
>continue to happen under Cypherpunks. These other ones get so serious and
>important sounding people walk away. They forget the Net is supposed to be
>entertaining as well as educational."
>The Cypherpunks list will continue to be hosted on other sites, but many
>participants agree that the ejection from its birthplace is a moribund
>Wayner, for his part, says many, more conventional lists sprang from
>Cypherpunks because one list simply could not do it all. That, he said, is
>a tribute in itself.
>"The main reason the list doesn't seem to have the center of gravity
>anymore is the topic has gotten so big and gone in so many directions,"
>Wayner says. "It used to be you could read maybe (the newsgroup) comp.risks
>and Cypherpunks and you had read all there was. Now there are so many
>things going on it can't be the center of gravity, it can't be the center
>of all things."