Category Archives: Cryptography

NYT Does AACS Code

Posted on May 3, 2007 by Michael Froomkin

Was the previous post too cryptic? The NYT explains everything at In Web Uproar, Antipiracy Code Spreads Wildly.

Posted in Cryptography | Comments Off on NYT Does AACS Code

Verio/NTT Sends Shutdown Notice to Cryptome — But Gives No Reason

Posted on April 28, 2007 by Michael Froomkin

John Young runs a very useful, important, but edgy (some would say over the edge) service at Cryptome.org, which I wrote about in Cryptome: Often Heroic, but Sometimes Creepy.

Over the years he's had some DMCA notices, and takedown requests passed on from foreign intelligence services, all of which his ISP Verio/NTT has dealt with in what seemed from his account to be a reasonable manner.

Now, all of a sudden and apparently without giving any reason, John Young reports that he's gotten a letter telling him that Cryptome is to be Shutdown by Verio/NTT.

This notice of termination is surprising for Verio has been consistently supportive of freedom of information against those who wish to suppress it. Since 1999 Cryptome has received a number of e-mailed notices from Verio's legal department in response to complaints from a variety of parties, ranging from British intelligence to alleged copyright holders to persons angry that their vices have been exposed (see below). In every case Verio has heretofore accepted Cryptome's explanation for publishing material, and in some cases removal of the material, and service has continued.

In this latest instance there was no notice received from Verio describing the violation of acceptable use to justify termination of service prior to receipt of the certified letter, thus no opportunity to understand or respond to the basis for termination.

It may be wondered if Verio was threatened by an undisclosable means, say by an National Security Letter or by a confidential legal document or by a novel attack not yet aired.

Every few months our Verio service rep, Warren Gleicher, Senior Account Manager, (wgleicher[at]verio.net) writes to see if service is satifactory.

Danna and Warren: Cryptome would appreciate your telling what has led to the termination for publication. Send the information anonymously if necessary to keep your jobs.

At least they gave him two weeks notice, but still — pretty low not even to give a reason.

Posted in Civil Liberties, Cryptography | Comments Off on Verio/NTT Sends Shutdown Notice to Cryptome — But Gives No Reason

Bruce Schneier Tribute Site

Posted on April 6, 2007 by Michael Froomkin

I know Bruce Schneier, but this Bruce Schneier Facts website is full of amazing facts about him that I never even suspected.

Posted in Cryptography | Comments Off on Bruce Schneier Tribute Site

Adam Shostack Joins Microsoft

Posted on June 26, 2006 by Michael Froomkin

If hell hasn’t frozen over, then at least the temperature must have dropped a little on the news that cyber-security guru Adam Shostack is Joining Microsoft.

Most of the people in the circles he and I overlap in tend to speak derisively of Microsoft, but the reasons Shostack gives for signing on make Microsoft look pretty good,

Over the last few years, I’ve watched Microsoft embrace security. I’ve watched them make very large investments in security, including hiring my friends and colleagues. And really, I’ve watched them produce results.

In making this decision, I’ve had conversations with many people and organizations. The one theme that stands out was the difference in the conversations I had with Microsoft versus other software producers. Some of things that Microsoft does and are looking to improve haven’t even made it in rudimentary form anywhere else. I found myself having to shift gears and explain Microsoft’s Security Development Lifecycle. I noticed no one else with a Blue Hat conference. No one else stopping feature development to hunt for bugs. I (re-)discovered how few organizations have even basic formal security processes in place, and how few of those have audit to make sure that their processes are followed.

I realized just how many smart people are thinking about these questions at Microsoft, and I’m glad to be joining them

I just hope it won’t affect his blogging too much.

Posted in Cryptography | 3 Comments

Win for Sanity

Posted on May 31, 2006 by Michael Froomkin

The US Dept. of Commerce just killed, or at least referred to a committee, a set of dumb and restrictive proposals for changes to our rules on the export of technology and ideas. You can read about it at Secrecy News, “Deemed Exports”: Commerce Department Retreats.

Not only did we have a proposed restatement of the current (not-enforced) rule that an “export” occurs when I teach a class here in Miami that has a foreign student in it, but also an attempt to stop giving full faith and credit to foreign naturalizations (which isn’t unconstitutional but seems dubious under international law and treaty obligations) .

Commerce proposed that “access restrictions should be based on an individual’s country of birth rather than on his current citizenship.” This wasn’t a proposal to discriminate among naturalized US citizens (which would be thoroughly unconstitutional) but rather to discriminate among, say, naturalized Canadians depending on where they came from. A record-keeping nightmare for US universities, and probably a foreign-relations nightmare too. Good riddance.

Posted in Cryptography | Comments Off on Win for Sanity

Geekster Rap

Posted on May 6, 2006 by Michael Froomkin

Now this is joy: a rap song about cryptography! And of course it is called Alice and Bob. It’s by MC Plus+, and I found it via Bruce Shneier who’s mentioned in the song. Lyrics here, and an article at Wired.

Posted in Cryptography, Kultcha | Comments Off on Geekster Rap