||Home||Switchboard||Unix Administration||Red Hat||TCP/IP Networks||Neoliberalism||Toxic Managers|
|(slightly skeptical) Educational society promoting "Back to basics" movement against IT overcomplexity and bastardization of classic Unix|
|See Also||Recommended Books||Recommended Links||Tutorials||FAQs and References||Recommended Papers|
|Symmetric Crypto||Random Generators||Steganography||Digital signatures||Certificates management in OMU||Compression and crypto||Digital Code Signing|
Although cryptography is an ancient art, it had not been widely used until late 19th century. And outside military, real mass application started only with widespread use of personal computers. Before, say, 1990 outside of government classified systems and military the primary users of encryption have been financial institutions with their electronic fund transfer operations. The advent of the Internet in late 80th/early 90th as a cheap vehicle for transferring information electronically to all parts of the world and its inherent lack of security has inspired the use of encryption as a protection for sensitive information. As a direct result, new and rather esoteric encryption algorithms has been developed and put in widespread use to meet those challenges.
One result of the growing economic use of the Internet is the recognition by users and vendors alike that there is a need to provide a mechanism to protect the confidentiality of Internet users and the content of their transactions. Here encryption naturally comes to into play.
This page may help students by providing annotated links to the main topics in cryptography algorithms, including single-key cryptography algorithms, public-key cryptography algorithms, key negotiation algorithms, message authentication algorithms (digital signatures). Essentially basic information and it can be found also on any other similar university course pages.
Please note that many of those algorithms represent a new areas of computer science.
In Internet age cryptography is important for the same reasons that photo IDs were important before and fences were important even before that. Cryptography offers three essential services that protect internet user and his/her data from theft and fraud. These services are authentication, integrity, and confidentiality. The latter in view of latest NSA revelations is mostly illusionary unless you take special measures such as dual layer encryption and steganography. Especially vulnerable are any data stored in the cloud, especially your address books and emails that are stored in Web mail accounts such as Gmail, hotmail or Yahoo mail.
There's a saying that "on the Internet, nobody knows you're a dog." And one of the things that make Internet so attractive, I would say addictive, is the (fake) anonymity it offers. In reality this anonymity is an illusion. Moreover most of your activities are probably stored for five years or more. Some are stored probably for life. In other words you are like a bug under the microscope.
With the current capabilities of various companies (Google, Facebook, Amazon to name a few) and agencies to intercept and log your internet communications this anonymity is greatly exaggerated. Email is probably the most abused type of service. It is routinely intercepted and analyzed. And actually "could email" is a remote storage that does not belong to you so in no way we can talk seriously about anonymity of such email.
Transborder communication are the natural, by law, domain of national three letter agencies. For example all your emails to addresses outside the country are intercepted and stored as a matter of policy.
The US government intercept approximately 1.6 billion messages a day. You also can be pretty sure that all your email to foreign addresses for the last decade or so is stored somewhere and can be retrieved and analyzed in case of necessity. Capabilities of modern storage goes into petabytes(1015) with large government agencies able to store Zettabytes(1021). If we assume that there are 100 millions(108) of active Internet users in the USA (out of 300 million population), then one just one petabyte storage allows approximately 107 per individual. Ten megabytes is a lot of storage for compressed text information and corresponds probably to 100 megabytes uncompressed. If we assume that information is stored for 10 years that's 10 megabytes per year. And this is just one petabyte, the storage that even a medium income individual can assemble without much problems.
One petabyte is 1000 gigabytes which can be stored on 250 4 GB drives, $200 each. So we are taking about something like $70K ($50K for drives and, say, $20K for hardware and software for those drives, assuming 12 drives per server, such as RB-1200 ($700) ). There are a number of different 2U cases that feature 12x3.5" hot swap bays (3 vertically x 4 horizontally -- See Supermicro's SC827)
Any defense from a "fishbowl" effect of such massive storage is based on cryptography or steganography (you can hide messages and "junk" plaintext with a side effect of increasing storage requirements.
Snowden revelations also greatly increased the value of non-standard, custom crypto-algorithms. Now after Snowden revelation we can assume that newer standard crypto algorithms are compromised (it's still unclear if DEC was compromised, as at the time of its creation the priorities were different). That means that you need to use "pre-encryption" with non-standard algorithms and additional key even if your channel is encrypted to ensure privacy of transmission.
With your Web access logs situation is a little bit more fuzzy. If you use particular IP from a particular provider, it not that difficult to log all your web activity. All your Google searches and all you activity on Youtube is logged, no question about it :-). And those logs probably are stored for a very long time. But here we are talking about logs, and the data you've sent, not the data you retrieve. If you use proxies like anonimizers it's more difficult, but at the same time it automatically makes your traffic more suspicious and it comes under higher level of scrutiny. The same is true about usage of PGP for emails. Steganography is much more subtle way to ensure privacy of your emails that PGP encryption. Using "Aesop language" can be viewed as the simplest way to apply steganography to your emails.
In any case without cryptography, privacy of your Internet activities is non-existent. The right assumption is that when you access Internet you are living in a fishbowl.
If you're trying to conduct business you face different problem. Here you need to assure your customers that "you are you, not some impostor". Customers need to be sure that that they're ordering from real businesses. Not from a fake sites designed to steal their financial information. Cryptography also offers a solution to this problem. Certificates are sometimes called "digital IDs," because they can be used to verify the identity of someone you don't know. This process is called "authentication". Certificates can be used with another technique, "digital signatures", to ensure that nobody impersonate you and/or to protect the integrity of data. It's very easy to forge email (although primitive forging is easy to detect), but it's really hard to forge a digitally signed email message.
The level we discuss this subject is very basic and mainly oriented on CS students of Network Security course or similar. I would like to stress again that I not specialist in this particular area, but I hope it still useful for computer science students, especially to students of "Network Security" course that I used to teach.
Bijective compression means that for any file X, F( F'( X ) ) == X. (F is either the compressor or decompressor, and F' is its opposite). this defines lossless compression. This type of compression is important in compressing files and in crypto algorithms.
Custom compression now is often used as a standard first phase of encryption of large chunks of texts. It eliminates redundancy and thus creates significant additional difficulties for attempts to break particular cipher in many case making them simply impossible (using salt to make it unique and if a non standard algorithms with no headers is used). It destroys the notion of the dictionary and of a known plaintext. Even alphabet used became unknown.
Symmetric Crypto Algorithms
Introduction to Public-Key Cryptography
Dr. Nikolai Bezroukov
Feb 14, 2020 | sputniknews.com
Relying on a single firm's devices to ensure national security and transmit state secrets was obviously a bad idea, says Mauro Conti, full professor in computer science, commenting on the recently exposed collaboration between a Switzerland-based global encryption company and the US and German intelligence services. The US Central Intelligence Agency (CIA) and Germany's Federal Intelligence Service (BND) had covertly run Crypto AG , a Swiss company that made and sold encryption equipment to over 120 countries for decades, making it possible for American and German spies to crack other nations' top secrets, The Washington Post, German public broadcaster ZDF and Switzerland's SRF revealed this week.
Switzerland's Neutrality Was Seen as 'Plus' for the Company
For the countries which used Crypto AG's services, including nations in Europe, Africa, the Middle East, Latin America and even the Vatican, Switzerland's neutrality was an important factor. Nevertheless, Washington's major Cold War rival – the USSR – was never one of the company's customers. For the countries which used Crypto AG's services, including nations in Europe, Africa, the Middle East, Latin America and even the Vatican, Switzerland's neutrality was an important factor. Nevertheless, Washington's major Cold War rival – the USSR – was never one of the company's customers."The location of the company was probably considered by some 'a plus' for the company to be trusted. For those, there will probably be a re-thinking of this bias, but maybe not enough to change the decision that they took", says Mauro Conti, full professor in computer science, and head of SPRITZ Security and Privacy Research Group.According to Conti, "rooting the security of an organisation on 'a single' company/device, might also be a bad practice that could and should have been avoided"."Keeping information, as well as operations like this, secret is always a 'battle of wits' between entities that have two opposite goals,", the professor elaborates. "If it has been uncovered for a long time, it just means that who was running it, did it quite well, and/or that those who were supposed to find this out, did not put in enough effort, including working on the wrong assumptions."According to reports, the earliest mentions of the clandestine operation in the press go back to 1992 and 1995. On 10 December 1995, The Baltimore Sun According to reports, the earliest mentions of the clandestine operation in the press go back to 1992 and 1995. On 10 December 1995, The Baltimore Sun broke the news that the US National Security Agency (NSA) "secretly rigged Crypto AG machines" so that American spies could easily decrypt their codes, citing former company employees and documents. However, the story was resolutely denied by the US and German intelligence services. Responding to the question as to why it has been found out now, Conti noted laconically that "the battle of wits and capabilities to support them just turned in favour of the other player". Responding to the question as to why it has been found out now, Conti noted laconically that "the battle of wits and capabilities to support them just turned in favour of the other player". Responding to the question as to why it has been found out now, Conti noted laconically that "the battle of wits and capabilities to support them just turned in favour of the other player".
Apr 30, 2020 | www.zerohedge.com
xxx logicalman 4/27/2020, 1:40:42 PM (Edited)
After WW2 the Brits collected as many Enigma machines as they could get their hands on and gave them to all the commonwealth countries, and a few others, saying they were un-crackable all the while knowing that wasn't the case and they could read them like the daily papers. That's why Enigma was top secret for at least 40 years - some details will likely be kept secret for ever.
My dad worked on cracking it - got a medal for his work 50 years after the end of WW2. Didn't let on to anyone until his work was declassified. I had some very interesting conversations with him towards the end of his life.
He was invited down to Bletchley for the official switch-on when the Colossus rebuild was finished.
Apr 03, 2020 | getpocket.com
They're almost invisible but contain a hidden code – and their presence on a leaked document has sparked speculation about their usefulness to FBI investigators. BBC Future |
- Chris Baraniuk
On 3 June, 2017, FBI agents arrived at the house of government contractor Reality Leigh Winner in Augusta, Georgia. They had spent the last two days investigating a top secret classified document that had allegedly been leaked to the pres s. In order to track down Winner, agents claim they had carefully studied copies of the document provided by online news site The Intercept and noticed creases suggesting that the pages had been printed and "hand-carried out of a secured space".
In an affidavit , the FBI alleges that Winner admitted printing the National Security Agency (NSA) report and sending it to The Intercept. Shortly after a story about the leak was published, charges against Winner were made public.
At that point, experts began taking a closer look at the document, now publicly available on the web. They discovered something else of interest: yellow dots in a roughly rectangular pattern repeated throughout the page. They were barely visible to the naked eye, but formed a coded design. After some quick analysis , they seemed to reveal the exact date and time that the pages in question were printed: 06:20 on 9 May, 2017 – at least, this is likely to be the time on the printer's internal clock at that moment. The dots also encode a serial number for the printer.
These "microdots" are well known to security researchers and civil liberties campaigners. Many colour printers add them to documents without people ever knowing they're there.
Dots from a HP Laserjet printer, illuminated with blue light. Credit: Florian Heise/Wikipedia .
In this case, the FBI has not said publicly that these microdots were used to help identify their suspect, and the bureau declined to comment for this article. The US Department of Justice, which published news of the charges against Winner, also declined to provide further clarification.
In a statement , The Intercept said, "Winner faces allegations that have not been proven. The same is true of the FBI's claims about how it came to arrest Winner."
But the presence of microdots on what is now a high-profile document (against the NSA's wishes) has sparked great interest.
"Zooming in on the document, they were pretty obvious," says Ted Han at cataloguing platform Document Cloud , who was one of the first to notice them. "It is interesting and notable that this stuff is out there."
Another observer was security researcher Rob Graham, who published a blog post explaining how to identify and decode the dots. Based on their positions when plotted against a grid, they denote specific hours, minutes, dates and numbers. Several security experts who decoded the dots came up with the same print time and date.
Microdots have existed for many years. The Electronic Frontier Foundation (EFF) maintains a list of colour printers known to use them . The images below, captured by the EFF, demonstrate how to decode them:
These yellow dots, magnified 60 times, were found on a Xerox printout. Credit: Electronic Frontier Foundation/CC BY 3.0 .
The dots become more easily visible when magnified and photographed under a blue LED flashlight. Credit: Electronic Frontier Foundation/CC BY 3.0 .
For further clarity, the dots here are annotated. So what does the shape mean? Credit: Electronic Frontier Foundation/CC BY 3.0 .
The position of the dots reveals the time and date of the printout, and the serial number of the device. Credit: Electronic Frontier Foundation/CC BY 3.0 .
As well as perhaps being of interest to spies, microdots have other potential uses, says Tim Bennett, a data analyst at software consultancy Vector 5 who also examined the allegedly leaked NSA document.
"People could use this to check for forgeries," he explains. "If they get a document and someone says it's from 2005, [the microdots might reveal] it's from the last several months."
If you do encounter microdots on a document at some point, the EFF has an online tool that should reveal what information the pattern encodes.Hidden Messages
Similar kinds of steganography – secret messages hidden in plain sight – have been around for much longer.
Slightly more famously, many banknotes around the world feature a peculiar five-point pattern called the Eurion constellation . In an effort to avoid counterfeiting, many photocopiers and scanners are programmed not to produce copies of the banknotes when this pattern is recognised.
The NSA itself points to a fascinating historical example of tiny dots forming messages – from World War Two. German spies in Mexico were found to have taped tiny dots inside the envelope concealing a memo for contacts in Lisbon.
At the time, these spies were operating undercover and were trying to get materials from Germany , such as radio equipment and secret ink. The Allies intercepted these messages, however, and disrupted the mission. The tiny dots used by the Germans were often simply bits of unencrypted text miniaturised to the size of a full-stop.
This sort of communication was widely used during WWII and afterwards, notably during the Cold War. There are reports of agents operating for the Soviet Union, but based undercover in West Germany and using letter drops to transmit these messages .
Microdots taped inside the label of an envelope sent by German spies in Mexico City to Lisbon during World War Two. Credit: Wikipedia .
And today, anyone can try using microtext to protect their property – some companies, such as Alpha Dot in the UK , sell little vials of permanent adhesive full of pin-head sized dots, which are covered in microscopic text containing a unique serial number. If the police recover a stolen item, the number can in theory be used to match it with its owner.
Many examples of these miniature messages do not involve a coded pattern as with the output of many colour printers, but they remain good examples of how miniscule dispatches physically applied to documents or objects can leave an identifying trail.
Some forms of text-based steganography don't even use alphanumeric characters or symbols at all. Alan Woodward, a security expert at the University of Surrey, notes the example of 'Snow' – Steganographic Nature Of Whitespace – which places spaces and tabs at the end of lines in a piece of text. The particular number and order of these white spaces can be used to encode an invisible message.
"Locating trailing whitespace in text is like finding a polar bear in a snowstorm," the Snow website explains .
Woodward points out, though, that there are usually multiple ways of tracing documents back to whoever printed or accessed them.
"Organisations such as the NSA have logs of every time something is printed, not just methods of tracking paper once printed," he says. "They know that people know about the yellow dots and so they don't rely upon it for traceability."
There is a long-running debate over whether it is ethical for printers to be attaching this information to documents without users knowing. In fact, there has even been a suggestion that it is a violation of human rights and one MIT project has tracked more than 45,000 complaints to printer companies about the technology.
Still, many believe that the use of covert measures to ensure the secrecy of classified documents remains necessary in some cases.
"There are things that governments should be able to keep secret," says Ted Han.
However, he adds, "I hope that folks think about their operational security and also about how journalists can protect themselves – and their sources as well."
Feb 14, 2020 | www.msn.com
Stay Connected on the Go with Breaking News Alerts Get the Microsoft News App for your phone, on iOS and Android No thanks Download now msn news powered by Microsoft News
'The intelligence coup of the century': For decades, the CIA read the encrypted communications of allies and adversaries Greg Miller 1 day ago Angels pitcher goes off on cheating Astros NATO to expand Iraq training in response to Trump
- Angels pitcher goes off on cheating Astros
- NATO to expand Iraq training in response
- Shania Twain on finding love again
- How to make a big increase in retirement
- SD nixes hat over logo's resemblance to
- Parents fall asleep during newborn's
- Trista Sutter has surgery after
- US on track for first $1T budget deficit since
- Junkyard Sterling kit car to receive LS4 swap
- People are clamoring to get a tattoo from
- This hotel has a room with a $200K mattress
- Report claims Mya secretly married last
- Chevy vs. Dodge vs. Ford: Which is the
- Americans claim this dinner idea is most
- Baltimore shooting leaves 2 officers
- The 5/20 rule is the nutrition principle
- GOP senators say Trump shouldn't
- Anna Faris confirms engagement, wants
- Unranked in preseason, these 7 teams now
- Farmers slam trucking giant with $1.1 billion
- Spain's Queen Letizia and her daughters
- Volkswagen doesn't want the Honda
- Analysis: Anatomy of Biden's New
- Community spread of new coronavirus in
- Moranis returns for 'Honey, I Shrunk the
- Brady, Patriots have made no progress
- Boeing's got bigger problems than the
- People baffled by weird photo of a perfectly
- 2021 Aston Martin Vantage Roadster will
- Klobuchar's dark-horse campaign gets
- Attorney General Barr to testify before
- Lauren Graham to star in Mighty Ducks
- Which NFL team will be next to end title
- How your ex can ruin your financial plans
- Kate handles snake, feeds baby lamb, pets
- Why truck fans should care about electric
- Dems plan to begin recanvass of caucus
- Democrats ask Secret Service about
- Jameela Jamil refutes claims from critics
- Roenick leaving NBC Sports: 'Very
- Lloyd Blankfein says Bernie Sanders would
- Dear Therapist: I'm considering leaving
- How to prepare your car for engine swap
- Deval Patrick, last black candidate in race
- National security adviser: Vindman
- Review: Colum McCann's 'Apeirogon'
- A's complained about Astros to MLB before
- Why claiming Social Security is really just a
- How many African lions can you spot in this
- The 2021 Genesis GV80's interior is
For more than half a century, governments all over the world trusted a single company to keep the communications of their spies, soldiers and diplomats secret.
The company, Crypto AG, got its first break with a contract to build code-making machines for U.S. troops during World War II. Flush with cash, it became a dominant maker of encryption devices for decades, navigating waves of technology from mechanical gears to electronic circuits and, finally, silicon chips and software.
But what none of its customers ever knew was that Crypto AG was secretly owned by the CIA in a highly classified partnership with West German intelligence. These spy agencies rigged the company's devices so they could easily break the codes that countries used to send encrypted messages.
© Fotosearch/Getty Images The U.S. Army's Signals Intelligence Service was headed by William Friedman, center, in the mid-1930s. Other members, from left: Herrick F. Bearce, Solomon Kullback, U.S. Army Capt. Harold G. Miller, Louise Newkirk Nelson, seated, Abraham Sinkov, U.S. Coast Guard Lt. L.T. Jones and Frank B. Rowlett. The decades-long arrangement, among the most closely guarded secrets of the Cold War, is laid bare in a classified, comprehensive CIA history of the operation obtained by The Washington Post and ZDF, a German public broadcaster, in a joint reporting project.
The account identifies the CIA officers who ran the program and the company executives entrusted to execute it. It traces the origin of the venture as well as the internal conflicts that nearly derailed it. It describes how the United States and its allies exploited other nations' gullibility for years, taking their money and stealing their secrets.
The operation, known first by the code name "Thesaurus" and later "Rubicon," ranks among the most audacious in CIA history.
"It was the intelligence coup of the century," the CIA report concludes. "Foreign governments were paying good money to the U.S. and West Germany for the privilege of having their most secret communications read by at least two (and possibly as many as five or six) foreign countries."
From 1970 on, the CIA and its code-breaking sibling, the National Security Agency, controlled nearly every aspect of Crypto's operations -- presiding with their German partners over hiring decisions, designing its technology, sabotaging its algorithms and directing its sales targets.
Then, the U.S. and West German spies sat back and listened.
They monitored Iran's mullahs during the 1979 hostage crisis , fed intelligence about Argentina's military to Britain during the Falklands War , tracked the assassination campaigns of South American dictators and caught Libyan officials congratulating themselves on the 1986 bombing of a Berlin disco .© Provided by The Washington Post
The program had limits. America's main adversaries, including the Soviet Union and China, were never Crypto customers. Their well-founded suspicions of the company's ties to the West shielded them from exposure, although the CIA history suggests that U.S. spies learned a great deal by monitoring other countries' interactions with Moscow and Beijing.
There were also security breaches that put Crypto under clouds of suspicion. Documents released in the 1970s showed extensive -- and incriminating -- correspondence between an NSA pioneer and Crypto's founder. Foreign targets were tipped off by the careless statements of public officials including President Ronald Reagan. And the 1992 arrest of a Crypto salesman in Iran, who did not realize he was selling rigged equipment, triggered a devastating "storm of publicity," according to the CIA history.
But the true extent of the company's relationship with the CIA and its German counterpart was until now never revealed.
© Provided by The Washington Post The German spy agency, the BND, came to believe the risk of exposure was too great and left the operation in the early 1990s. But the CIA bought the Germans' stake and simply kept going, wringing Crypto for all its espionage worth until 2018, when the agency sold off the company's assets, according to current and former officials.
The company's importance to the global security market had fallen by then, squeezed by the spread of online encryption technology. Once the province of governments and major corporations, strong encryption is now as ubiquitous as apps on cellphones.
Even so, the Crypto operation is relevant to modern espionage. Its reach and duration helps to explain how the United States developed an insatiable appetite for global surveillance that was exposed in 2013 by Edward Snowden . There are also echoes of Crypto in the suspicions swirling around modern companies with alleged links to foreign governments, including the Russian anti-virus firm Kaspersky , a texting app tied to the United Arab Emirates and the Chinese telecommunications giant Huawei .
This story is based on the CIA history and a parallel BND account, also obtained by The Post and ZDF, interviews with current and former Western intelligence officials as well as Crypto employees. Many spoke on the condition of anonymity, citing the sensitivity of the subject.
It is hard to overstate how extraordinary the CIA and BND histories are. Sensitive intelligence files are periodically declassified and released to the public. But it is exceedingly rare, if not unprecedented, to glimpse authoritative internal histories of an entire covert operation. The Post was able to read all of the documents, but the source of the material insisted that only excerpts be published.
The CIA and the BND declined to comment, though U.S. and German officials did not dispute the authenticity of the documents. The first is a 96-page account of the operation completed in 2004 by the CIA's Center for the Study of Intelligence, an internal historical branch. The second is an oral history compiled by German intelligence officials in 2008.
The overlapping accounts expose frictions between the two partners over money, control and ethical limits, with the West Germans frequently aghast at the enthusiasm with which U.S. spies often targeted allies.
But both sides describe the operation as successful beyond their wildest projections. At times, including in the 1980s, Crypto accounted for roughly 40 percent of the diplomatic cables and other transmissions by foreign governments that cryptanalysts at the NSA decoded and mined for intelligence, according to the documents.
All the while, Crypto generated millions of dollars in profits that the CIA and BND split and plowed into other operations.© Jahi Chikwendiu/The Washington Post Crypto's sign is still visible atop its longtime headquarters near Zug, Switzerland, though the company was liquidated in 2018.
Crypto's products are still in use in more than a dozen countries around the world, and its orange-and-white sign still looms atop the company's longtime headquarters building near Zug, Switzerland. But the company was dismembered in 2018, liquidated by shareholders whose identities have been permanently shielded by the byzantine laws of Liechtenstein, a tiny European nation with a Cayman Islands-like reputation for financial secrecy.
Two companies purchased most of Crypto's assets. The first, CyOne Security, was created as part of a management buyout and now sells security systems exclusively to the Swiss government. The other, Crypto International, took over the former company's brand and international business.
Each insisted that it has no ongoing connection to any intelligence service, but only one claimed to be unaware of CIA ownership.
CyOne has more substantial links to the now-dissolved Crypto, including that the the new company's chief executive held the same position at Crypto for nearly two decades of CIA ownership.
A CyOne spokesman declined to address any aspect of Crypto AG's history, but said the new firm has "no ties to any foreign intelligence services."
Andreas Linde, the chairman of the company that now holds the rights to Crypto's international products and business, said he had no knowledge of the company's relationship to the CIA and BND before being confronted with the facts in this story.
"We at Crypto International have never had any relationship with the CIA or BND -- and please quote me," he said in an interview. "If what you are saying is true, then absolutely I feel betrayed, and my family feels betrayed, and I feel there will be a lot of employees who will feel betrayed as well as customers."
The Swiss government this month revoked Crypto International's export license. The timing of the decision by Swiss authorities was curious. The CIA and BND documents indicate that Swiss officials must have known for decades about Crypto's ties to the U.S. and German spy services, but intervened only after learning that news organizations were about to expose the arrangement.
The histories, which do not address when or whether the CIA ended its involvement, carry the inevitable biases of documents written from the perspectives of the operation's architects. They depict Rubicon as a triumph of espionage, one that helped the United States prevail in the Cold War, keep tabs on dozens of authoritarian regimes and protect the interests of the United States and its allies.
The papers largely avoid more unsettling questions, including what the United States knew -- and what it did or didn't do -- about countries that used Crypto machines while engaged in assassination plots, ethnic cleansing campaigns and human rights abuses.
The revelations in the documents may provide reason to revisit whether the United States was in position to intervene in, or at least expose, international atrocities, and whether it opted against doing so at times to preserve its access to valuable streams of intelligence.
Nor do the files deal with obvious ethical dilemmas at the core of the operation: the deception and exploitation of adversaries, allies and hundreds of unwitting Crypto employees. Many traveled the world selling or servicing rigged systems with no clue that they were doing so at risk to their own safety.© Jahi Chikwendiu/The Washington Post Juerg Spoerndli is an electrical engineer who spent 16 years working at Crypto. Deceived employees said the revelations about the company have deepened a sense of betrayal, of themselves and customers.
In recent interviews, deceived employees -- even ones who came to suspect during their time at Crypto that the company was cooperating with Western intelligence -- said the revelations in the documents have deepened a sense of betrayal, of themselves and customers.
"You think you do good work and you make something secure," said Juerg Spoerndli, an electrical engineer who spent 16 years at Crypto. "And then you realize that you cheated these clients."
Those who ran the clandestine program remain unapologetic.
"Do I have any qualms? Zero," said Bobby Ray Inman , who served as director of the NSA and deputy director of the CIA in the late 1970s and early 1980s. "It was a very valuable source of communications on significantly large parts of the world important to U.S. policymakers."© Bettmann/Bettmann Archive Boris Hagelin, the founder of Crypto, and his wife arrive in New York in 1949. Hagelin fled to the United States when the Nazis occupied Norway in 1940. A denial operation
This sprawling, sophisticated operation grew out of the U.S. military's need for a crude but compact encryption device.
Boris Hagelin, Crypto's founder, was an entrepreneur and inventor who was born in Russia but fled to Sweden as the Bolsheviks took power. He fled again to the United States when the Nazis occupied Norway in 1940.
He brought with him an encryption machine that looked like a fortified music box, with a sturdy crank on the side and an assembly of metal gears and pinwheels under a hard metal case.
It wasn't nearly as elaborate, or secure, as the Enigma machines being used by the Nazis. But Hagelin's M-209, as it became known, was portable, hand-powered and perfect for troops on the move. Photos show soldiers with the eight-pound boxes -- about the size of a thick book -- strapped to their knees. Many of Hagelin's devices have been preserved at a private museum in Eindhoven, the Netherlands.© Provided by The Washington Post
Sending a secure message with the device was tedious. The user would rotate a dial, letter by letter, and thrust down the crank. The hidden gears would turn and spit out an enciphered message on a strip of paper. A signals officer then had to transmit that scrambled message by Morse code to a recipient who would reverse the sequence.
Security was so weak that it was assumed that nearly any adversary could break the code with enough time. But doing so took hours. And since these were used mainly for tactical messages about troop movements, by the time the Nazis decoded a signal its value had likely perished.
Over the course of the war, about 140,000 M-209s were built at the Smith Corona typewriter factory in Syracuse, N.Y., under a U.S. Army contract worth $8.6 million to Crypto. After the war, Hagelin returned to Sweden to reopen his factory, bringing with him a personal fortune and a lifelong sense of loyalty to the United States.
Even so, American spies kept a wary eye on his postwar operations. In the early 1950s, he developed a more advanced version of his war-era machine with a new, "irregular" mechanical sequence that briefly stumped American code-breakers.
Alarmed by the capabilities of the new CX-52 and other devices Crypto envisioned, U.S. officials began to discuss what they called the "Hagelin problem."
These were "the Dark Ages of American cryptology," according to the CIA history. The Soviets, Chinese and North Koreans were using code-making systems that were all but impenetrable. U.S. spy agencies worried that the rest of the world would also go dark if countries could buy secure machines from Hagelin.
The Americans had several points of leverage with Hagelin: his ideological affinity for the country, his hope that the United States would remain a major customer and the veiled threat that they could damage his prospects by flooding the market with surplus M-209s from the war.© Fotosearch/Getty Images The U.S. Army's Signals Intelligence Service was headed by William Friedman, center, in the mid-1930s. Other members, from left: Herrick F. Bearce, Solomon Kullback, U.S. Army Capt. Harold G. Miller, Louise Newkirk Nelson, seated, Abraham Sinkov, U.S. Coast Guard Lt. L.T. Jones and Frank B. Rowlett.
The United States also had a more crucial asset: William Friedman. Widely regarded as the father of American cryptology, Friedman had known Hagelin since the 1930s. They had forged a lifelong friendship over their shared backgrounds and interests, including their Russian heritage and fascination with the complexities of encryption.
There might never have been an Operation Rubicon if the two men had not shaken hands on the very first secret agreement between Hagelin and U.S. intelligence over dinner at the Cosmos Club in Washington in 1951.
The deal called for Hagelin, who had moved his company to Switzerland, to restrict sales of his most sophisticated models to countries approved by the United States. Nations not on that list would get older, weaker systems. Hagelin would be compensated for his lost sales, as much as $700,000 up front.
It took years for the United States to live up to its end of the deal, as top officials at the CIA and the predecessor to the NSA bickered over the terms and wisdom of the scheme. But Hagelin abided by the agreement from the outset, and over the next two decades, his secret relationship with U.S. intelligence agencies deepened.
In 1960, the CIA and Hagelin entered into a "licensing agreement" that paid him $855,000 to renew his commitment to the handshake deal. The agency paid him $70,000 a year in retainer and started giving his company cash infusions of $10,000 for "marketing" expenses to ensure that Crypto -- and not other upstarts in the encryption business -- locked down contracts with most of the world's governments.
It was a classic "denial operation" in the parlance of intelligence, a scheme designed to prevent adversaries from acquiring weapons or technology that would give them an advantage. But it was only the beginning of Crypto's collaboration with U.S. intelligence. Within a decade, the whole operation belonged to the CIA and BND.© Jahi Chikwendiu/The Washington Post In 1967, Crypto released the H-460, an all-electronic machine whose inner workings were designed by the NSA. A brave new world
U.S. officials had toyed since the outset with the idea of asking Hagelin whether he would be willing to let U.S. cryptologists doctor his machines. But Friedman overruled them, convinced that Hagelin would see that as a step too far.
The CIA and NSA saw a new opening in the mid-1960s, as the spread of electronic circuits forced Hagelin to accept outside help adapting to the new technology, or face extinction clinging to the manufacturing of mechanical machines.
NSA cryptologists were equally concerned about the potential impact of integrated circuits, which seemed poised to enable a new era of unbreakable encryption. But one of the agency's senior analysts, Peter Jenks, identified a potential vulnerability.
If "carefully designed by a clever crypto-mathematician," he said, a circuit-based system could be made to appear that it was producing endless streams of randomly-generated characters, while in reality it would repeat itself at short enough intervals for NSA experts -- and their powerful computers -- to crack the pattern.
Two years later, in 1967, Crypto rolled out a new, all-electronic model, the H-460, whose inner workings were completely designed by the NSA.
The CIA history all but gloats about crossing this threshold. "Imagine the idea of the American government convincing a foreign manufacturer to jimmy equipment in its favor," the history says. "Talk about a brave new world."
The NSA didn't install crude "back doors" or secretly program the devices to cough up their encryption keys. And the agency still faced the difficult task of intercepting other government's communications, whether plucking signals out of the air or, in later years, tapping into fiber optic cables.
But the manipulation of Crypto's algorithms streamlined the code-breaking process, at times reducing to seconds a task that might otherwise have taken months. The company always made at least two versions of its products -- secure models that would be sold to friendly governments, and rigged systems for the rest of the world.
In so doing, the U.S.-Hagelin partnership had evolved from denial to "active measures." No longer was Crypto merely restricting sales of its best equipment, but actively selling devices that were engineered to betray their buyers.
The payoff went beyond the penetration of the devices. Crypto's shift to electronic products buoyed business so much that it became addicted to its dependence on the NSA. Foreign governments clamored for systems that seemed clearly superior to the old clunky mechanical devices, but in fact were easier for U.S. spies to read.German and American partners
By the end of the 1960s, Hagelin was nearing 80 and anxious to secure the future for his company, which had grown to more than 180 employees. CIA officials were similarly anxious about what would happen to the operation if Hagelin were to suddenly sell or die.
Hagelin had once hoped to turn control over to his son, Bo. But U.S. intelligence officials regarded him as a "wild card" and worked to conceal the partnership from him. Bo Hagelin was killed in a car crash on Washington's Beltway in 1970. There were no indications of foul play.
U.S. intelligence officials discussed the idea of buying Crypto for years, but squabbling between the CIA and NSA prevented them from acting until two other spy agencies entered the fray.
The French, West German and other European intelligence services had either been told about the United States' arrangement with Crypto or figured it out on their own. Some were understandably jealous and probed for ways to secure a similar deal for themselves.
In 1967, Hagelin was approached by the French intelligence service with an offer to buy the company in partnership with German intelligence. Hagelin rebuffed the offer and reported it to his CIA handlers. But two years later, the Germans came back seeking to make a follow-up bid with the blessing of the United States.
In a meeting in early 1969 at the West German Embassy in Washington, the head of that country's cipher service, Wilhelm Goeing, outlined the proposal and asked whether the Americans "were interested in becoming partners too."
Months later, CIA Director Richard Helms approved the idea of buying Crypto and dispatched a subordinate to Bonn, the West German capital, to negotiate terms with one major caveat: the French, CIA officials told Goeing, would have to be "shut out."
West Germany acquiesced to this American power play, and a deal between the two spy agencies was recorded in a June 1970 memo carrying the shaky signature of a CIA case officer in Munich who was in the early stages of Parkinson's disease and the illegible scrawl of his BND counterpart.
The two agencies agreed to chip in equally to buy out Hagelin for approximately $5.75 million, but the CIA left it largely to the Germans to figure out how to prevent any trace of this transaction from ever becoming public.
A Liechtenstein law firm, Marxer and Goop, helped hide the identities of the new owners of Crypto through a series of shells and "bearer" shares that required no names in registration documents. The firm was paid an annual salary "less for the extensive work but more for their silence and acceptance," the BND history says. The firm, now named Marxer and Partner, did not respond to a request for comment.
A new board of directors was set up to oversee the company. Only one member of the board, Sture Nyberg, to whom Hagelin had turned over day-to-day management, knew of CIA involvement. "It was through this mechanism," the CIA history notes, "that BND and CIA controlled the activities" of Crypto. Nyberg left the company in 1976. The Post and ZDF could not locate him or determine if he is still alive.
The two spy agencies held their own regular meetings to discuss what to do with their acquisition. The CIA used a secret base in Munich, initially on a military installation used by American troops and later in the attic of a building adjacent to the U.S. Consulate, as the headquarters for its involvement in the operation.
The CIA and BND agreed on a series of code names for the program and its various components. Crypto was called "Minerva," which is also the title of the CIA history. The operation was at first code-named "Thesaurus," though in the 1980s it was changed to "Rubicon."
Each year, the CIA and BND split any profits Crypto had made, according to the German history, which says the BND handled the accounting and delivered the cash owed to the CIA in an underground parking garage.
From the outset, the partnership was beset by petty disagreements and tensions. To CIA operatives, the BND often seemed preoccupied with turning a profit, and the Americans "constantly reminded the Germans that this was an intelligence operation, not a money-making enterprise." The Germans were taken aback by the Americans' willingness to spy on all but its closest allies, with targets including NATO members Spain, Greece, Turkey and Italy.
Mindful of the limitations to their abilities to run a high-tech company, the two agencies brought in corporate outsiders. The Germans enlisted Siemens, a Munich-based conglomerate, to advise Crypto on business and technical issues in exchange for five percent of the company's sales. The United States later brought in Motorola to fix balky products, making it clear to the company's CEO this was being done for U.S. intelligence. Siemens declined to comment. Motorola officials did not respond to a request for comment.
To its frustration, Germany was never admitted to the vaunted "Five Eyes," a long-standing intelligence pact involving the United States, Britain, Australia, New Zealand and Canada. But with the Crypto partnership, Germany moved closer into the American espionage fold than might have seemed possible in World War II's aftermath. With the secret backing of two of the world's premiere intelligence agencies and the support of two of the world's largest corporations, Crypto's business flourished.
A table in the CIA history shows that sales surged from 15 million Swiss francs in 1970 to more than 51 million in 1975, or $19 million. The company's payroll expanded to more than 250 employees.
"The Minerva purchase had yielded a bonanza," the CIA history says of this period. The operation entered a two-decade stretch of unprecedented access to foreign governments' communications.© White House/CNP/Getty Images Egyptian President Anwar Sadat and President Jimmy Carter meet during the Egyptian-Israeli peace negotiations at Camp David in Sept. 1978. During the negotiations, the NSA was secretly monitoring Sadat's communications back to Cairo. Iranian suspicions
The NSA's eavesdropping empire was for many years organized around three main geographic targets, each with its own alphabetic code: A for the Soviets, B for Asia and G for virtually everywhere else.
By the early 1980s, more than half of the intelligence gathered by G group was flowing through Crypto machines, a capability that U.S. officials relied on in crisis after crisis.
In 1978, as the leaders of Egypt, Israel and the United States gathered at Camp David for negotiations on a peace accord, the NSA was secretly monitoring the communications of Egyptian President Anwar Sadat back to Cairo.
A year later, after Iranian militants stormed the U.S. Embassy and took 52 American hostages, the Carter administration sought their release in back channel communications through Algeria. Inman, who served as NSA director at the time, said he routinely got calls from President Carter asking how the Ayatollah Khomeinei regime was reacting to the latest messages.
"We were able to respond to his questions about 85 percent of the time," Inman said. That was because the Iranians and Algerians were using Crypto devices.
Inman said the operation also put him in one of the trickiest binds he'd encountered in government service. At one point, the NSA intercepted Libyan communications indicating that the president's brother, Billy Carter , was advancing Libya's interests in Washington and was on leader Moammar Gaddafi 's payroll.
Inman referred the matter to the Justice Department. The FBI launched an investigation of Carter, who falsely denied taking payments. In the end, he was not prosecuted but agreed to register as a foreign agent.
Throughout the 1980s, the list of Crypto's leading clients read like a catalogue of global trouble spots. In 1981, Saudi Arabia was Crypto's biggest customer, followed by Iran, Italy, Indonesia, Iraq, Libya, Jordan and South Korea.
To protect its market position, Crypto and its secret owners engaged in subtle smear campaigns against rival companies, according to the documents, and plied government officials with bribes. Crypto sent an executive to Riyadh, Saudi Arabia, with 10 Rolex watches in his luggage, the BND history says, and later arranged a training program for the Saudis in Switzerland where the participants' "favorite pastime was to visit the brothels, which the company also financed."
At times, the incentives led to sales to countries ill-equipped to use the complicated systems. Nigeria bought a large shipment of Crypto machines, but two years later, when there was still no corresponding payoff in intelligence, a company representative was sent to investigate. "He found the equipment in a warehouse still in its original packaging," according to the German document.
In 1982, the Reagan administration took advantage of Argentina's reliance on Crypto equipment, funneling intelligence to Britain during the two countries brief war over the Falkland Islands, according to the CIA history, which doesn't provide any detail on what kind of information was passed to London. The documents generally discuss intelligence gleaned from the operation in broad terms and provide few insights into how it was used.© Andreas Schoelzel/Associated Press Plainclothes U.S. military officers walk around the scene of the bombing at the La Belle disco in West Berlin, which killed two U.S. soldiers and a Turkish woman in 1986. In an address, Reagan appears to have jeopardized the Crypto operation by citing evidence of Libya's complicity in the attack.
Reagan appears to have jeopardized the Crypto operation after Libya was implicated in the 1986 bombing of a West Berlin disco popular with American troops stationed in West Germany. Two U.S. soldiers and a Turkish woman were killed as a result of the attack.
Reagan ordered retaliatory strikes against Libya ten days later. Among the reported victims was one of Gaddafi's daughters. In an address to the country announcing the strikes, Reagan said the United States had evidence of Libya's complicity that "is direct, it is precise, it is irrefutable."
The evidence, Reagan said, showed that Libya's embassy in East Berlin received orders to carry out the attack a week before it happened. Then, the day after the bombing, "they reported back to Tripoli on the great success of their mission."
Reagan's words made clear that Tripoli's communications with its station in East Berlin had been intercepted and decrypted. But Libya wasn't the only government that took note of the clues Reagan had provided.
Iran, which knew that Libya also used Crypto machines, became increasingly concerned about the security of its equipment. Tehran didn't act on those suspicions until six years later.The irreplaceable man
After the CIA and BND acquisition, one of the most vexing problems for the secret partners was ensuring that Crypto's workforce remained compliant and unsuspecting.
Even while hidden from view, the agencies went to significant lengths to maintain Hagelin's benevolent approach to ownership. Employees were well-paid and had abundant perks including access to a small sailboat in Lake Zug near company headquarters.
And yet, those who worked most closely with the encryption designs seemed constantly to be getting closer to uncovering the operation's core secret. The engineers and designers responsible for developing prototype models often questioned the algorithms being foisted on them by a mysterious external entity.
Crypto executives often led employees to believe that the designs were being provided as part of the consulting arrangement with Siemens. But even if that were so, why were encryption flaws so easy to spot, and why were Crypto's engineers so routinely blocked from fixing them?
In 1977, Heinz Wagner, the chief executive at Crypto who knew the true role of the CIA and BND, abruptly fired a wayward engineer after the NSA complained that diplomatic traffic coming out of Syria had suddenly became unreadable. The engineer, Peter Frutiger, had long suspected Crypto was collaborating with German intelligence. He had made multiple trips to Damascus to address complaints about their Crypto products and apparently, without authority from headquarters, had fixed their vulnerabilities.
Frutiger "had figured out the Minerva secret and it was not safe with him," according to the CIA history. Even so, the agency was livid with Wagner for firing Frutiger rather than finding a way to keep him quiet on the company payroll. Frutiger declined to comment for this story.© Obtained by The Washington Post Mengia Caflisch, circa 1990s. After she was hired by Crypto, Caflisch, a gifted electrical engineer, began probing the vulnerabilities of the company's products.
U.S. officials were even more alarmed when Wagner hired a gifted electrical engineer in 1978 named Mengia Caflisch. She had spent several years in the United States working as a radio-astronomy researcher for the University of Maryland before returning to her native Switzerland and applying for a job at Crypto. Wagner jumped at the chance to hire her. But NSA officials immediately raised concerns that she was "too bright to remain unwitting."
The warning proved prescient as Caflisch soon began probing the vulnerabilities of the company's products. She and Spoerndli, a colleague in the research department, ran various tests and "plaintext attacks" on devices including a teletype model, the HC-570, that was built using Motorola technology, Spoerndli said in an interview.
"We looked at the internal operations, and the dependencies with each step," Spoerndli said, and became convinced they could crack the code by comparing only 100 characters of enciphered text to an underlying, unencrypted message. It was an astonishingly low level of security, Spoerndli said in an interview last month, but far from unusual.
"The algorithms," he said, "always looked fishy."
In the ensuing years, Caflisch continued to pose problems. At one point, she designed an algorithm so strong that NSA officials worried it would be unreadable. The design made its way into 50 HC-740 machines rolling off the factory floor before company executives discovered the development and stopped it.
"I just had an idea that something might be strange," Caflisch said in an interview last month, about the origin of her suspicions. But it became clear that her probing wasn't appreciated, she said. "Not all questions appeared to be welcome."
The company restored the rigged algorithm to the rest of the production run and sold the 50 secure models to banks to keep them out of the hands of foreign governments. Because these and other developments were so hard to defend, Wagner at one point told a select group of members of the research and development unit that Crypto "was not entirely free to do what it wanted."
The acknowledgment seemed to subdue the engineers, who interpreted it as confirmation that the company's technology faced constraints imposed by the German government. But the CIA and BND became increasingly convinced that their routine, disembodied interference was unsustainable.
Crypto had become an Oz-like operation with employees probing to see what was behind the curtain. As the 1970s came to a close, the secret partners decided to find a wizard figure who could help devise more advanced -- and less detectable -- weaknesses in the algorithms, someone with enough cryptological clout to tame the research department.
The two agencies turned to other spy services for potential candidates before settling on an individual put forward by Sweden's intelligence service. Because of Hagelin's ties to the country, Sweden had been kept apprised of the operation since its outset.
Kjell-Ove Widman, a mathematics professor in Stockholm, had made a name for himself in European academic circles with his research on cryptology. Widman was also a military reservist who had worked closely with Swedish intelligence officials.
To the CIA, Widman had an even more important attribute: an affinity for the United States that he had formed while spending a year in Washington state as an exchange student.
His host family had such trouble pronouncing his Swedish name that they called him "Henry," a moniker he later used with his CIA handlers.
Officials involved in Widman's recruitment described it as almost effortless. After being groomed by Swedish intelligence officials, he was brought to Munich in 1979 for what was purported to be a round of interviews with executives from Crypto and Siemens.
The fiction was maintained as Widman faced questions from a half-dozen men seated around a table in a hotel conference room. As the group broke for lunch, two men asked Widman to stay behind for a private conversation.
"Do you know what ZfCh is?" asked Jelto Burmeister, a BND case officer, using the acronym for the German cipher service. When Widman replied that he did, Burmeister said, "Now, do you understand who really owns Crypto AG?"
At that point, Widman was introduced to Richard Schroeder, a CIA officer stationed in Munich to manage the agency's involvement in Crypto. Widman would later claim to agency historians that his "world fell apart completely" in that moment.
If so, he did not hesitate to enlist in the operation.
Without even leaving the room, Widman sealed his recruitment with a handshake. As the three men joined the rest of the group at lunch, a "thumbs up" signal transformed the gathering into a celebration.
Crypto installed Widman as a "scientific advisor" reporting directly to Wagner. He became the spies' hidden inside agent, departing Zug every six weeks for clandestine meetings with representatives of NSA and ZfCh. Schroeder, the CIA officer, would attend but tune out their technical babble.
They would agree on modifications and work up new encryption schemes. Then Widman would deliver the blueprints to Crypto engineers. The CIA history calls him the "irreplaceable man," and the "most important recruitment in the history of the Minerva program."
His stature cowed subordinates, investing him "with a technical prominence that no one in CAG could challenge." It also helped deflect the inquiries of foreign governments. As Widman settled in, the secret partners adopted a set of principles for rigged algorithms, according to the BND history. They had to be "undetectable by usual statistical tests" and, if discovered, be "easily masked as implementation or human errors."
In other words, when cornered, Crypto executives would blame sloppy employees or clueless users.
In 1982, when Argentina became convinced that its Crypto equipment had betrayed secret messages and helped British forces in the Falklands War, Widman was dispatched to Buenos Aires. Widman told them the NSA had probably cracked an outdated speech-scrambling device that Argentina was using, but that the main product they bought from Crypto, the CAG 500, remained "unbreakable."
"The bluff worked," the CIA history says. "The Argentines swallowed hard, but kept buying CAG equipment."
Widman is long-retired now and living in Stockholm. He declined to comment. Years after his recruitment, he told U.S. officials that he saw himself as "engaged in a critical struggle for the benefit of Western intelligence," according to the CIA document. "It was, he said, the moment in which he felt at home. This was his mission in life."
That same year, Hagelin, then 90 years old, became ill on a trip to Sweden and was hospitalized. He recovered well enough to return to Switzerland, but CIA officials became worried about Hagelin's extensive collection of business records and personal papers at his office in Zug.
Schroeder, with Hagelin's permission, arrived with a briefcase and spent several days going through the files. To visitors, he was introduced as a historian interested in tracing Hagelin's life. Schroeder pulled out the documents "that were incriminating," according to the history, and shipped them back to CIA headquarters "where they reside to this day."
Hagelin remained an invalid until he died in 1983. The Post could not locate Wagner or determine whether he is still alive. Schroeder retired from the CIA more than a decade ago and teaches part-time at Georgetown University. When contacted by a reporter from The Post, he declined to comment.The Hydra crisis
Crypto endured several money-losing years in the 1980s, but the intelligence flowed in torrents. U.S. spy agencies intercepted more than 19,000 Iranian communications sent via Crypto machines during that nation's decade-long war with Iraq, mining them for reports on subjects such as Tehran's terrorist links and attempts to target dissidents.
Iran's communications were "80 to 90 percent readable" to U.S. spies, according to the CIA document, a figure that would likely have plunged into the single digits had Tehran not used Crypto's compromised devices.
In 1989, the Vatican's use of Crypto devices proved crucial in the U.S. manhunt for Panamanian leader Manuel Antonio Noriega . When the dictator sought refuge in the Apostolic Nunciature -- the equivalent of a papal embassy -- his whereabouts were exposed by the mission's messages back to Vatican City.
In 1992, however, the Crypto operation faced its first major crisis: Iran, belatedly acting on its long-standing suspicions, detained a company salesman.
Hans Buehler, then 51, was considered one of the company's best salesman. Iran was one of the company's largest contracts, and Buehler had traveled in and out of Tehran for years. There were tense moments, including when he was questioned extensively in 1986 by Iranian officials after the disco bombing and U.S. missile strikes on Libya.
Six years later, he boarded a Swissair flight to Tehran but failed to return on schedule. When he didn't show, Crypto turned for help to Swiss authorities and were told he had been arrested by the Iranians. Swiss consular officials allowed to visit Buehler reported that he was in "bad shape mentally," according to the CIA history.
Buehler was finally released nine months later after Crypto agreed to pay the Iranians $1 million, a sum that was secretly provided by the BND, according to the documents. The CIA refused to chip in, citing the U.S. policy against succumbing to ransom demands for hostages.
Buehler knew nothing about Crypto's relationship to the CIA and BND or the vulnerabilities in its devices. But he returned traumatized and suspicious that Iran knew more about the company he worked for than he did. Buehler began speaking to Swiss news organizations about his ordeal and mounting suspicions.© Provided by The Washington Post © Provided by The Washington Post
The publicity brought new attention to long forgotten clues, including references to a "Boris project" in Friedman's massive collection of personal papers, which were donated to the Virginia Military Institute when he died in 1969. Among the 72 boxes delivered to Lexington, Va., were copies of his lifelong correspondence with Hagelin.
In 1994, the crisis deepened when Buehler appeared on Swiss television in a report that also featured Frutiger, whose identity was concealed to viewers. Buehler died in 2018. Frutiger, the engineer who had been fired for fixing Syria's encryption systems years earlier, did not respond to requests for comment.
Michael Grupe, who had succeeded Wagner as chief executive, agreed to appear on Swiss television and disputed what he knew to be factual charges. "Grupe's performance was credible, and may have saved the program," the CIA history says. Grupe did not respond to requests for comment.
Even so, it took several years for the controversy to die down. In 1995, the Baltimore Sun ran a series of investigative stories about the NSA, including one called " Rigging the Game ," that exposed aspects of the agency's relationship with Crypto.
The article reported NSA officials had traveled to Zug in the mid-1970s for secret meetings with Crypto executives. The officials were posing as consultants for a front company called "Intercomm Associates," but then proceeded to introduce themselves by their real names -- which were recorded on notes of the meeting kept by a company employee.
Amid the publicity onslaught, some employees began to look elsewhere for work. And at least a half-dozen countries -- including Argentina, Italy, Saudi Arabia, Egypt and Indonesia -- either canceled or suspended their Crypto contracts.
Astonishingly, Iran was not among them, according to the CIA file, and "resumed its purchase of CAG equipment almost immediately."
The main casualty of the "Hydra" crisis, the code name given to the Buehler case, was the CIA-BND partnership.
For years, BND officials had recoiled at their American counterpart's refusal to distinguish adversaries from allies. The two partners often fought over which countries deserved to receive the secure versions of Crypto's products, with U.S. officials frequently insisting that the rigged equipment be sent to almost anyone -- ally or not -- who could be deceived into buying it.
In the German history, Wolbert Smidt, the former director of the BND, complained that the United States "wanted to deal with the allies just like they dealt with the countries of the Third World." Another BND official echoed that comment, saying that to Americans "in the world of intelligence there were no friends."
The Cold War had ended, the Berlin Wall was down, and the reunified Germany had different sensitivities and priorities. They saw themselves as far more directly exposed to the risks of the Crypto operation. Hydra had rattled the Germans, who feared the disclosure of their involvement would trigger European outrage and lead to enormous political and economic fallout.
In 1993, Konrad Porzner, the chief of the BND, made clear to CIA Director James Woolsey that support in the upper ranks of the German government was waning, and that the Germans might want out of the Crypto partnership. On Sept. 9, the CIA station chief in Germany, Milton Bearden, reached an agreement with BND officials for the CIA to purchase Germany's shares for $17 million, according to the CIA history.
German intelligence officials rued the departure from an operation they had largely conceived. In the German history, senior intelligence officials blame political leaders for ending one of the most successful espionage programs the BND had ever been a part of.
With their departure, the Germans were soon cut off from the intelligence that the United States continued to gather. Burmeister is quoted in the German history wondering whether Germany still belonged "to this small number of nations who are not read by the Americans."
The Snowden documents provided what must have been an unsettling answer, showing that U.S. intelligence agencies not only regarded Germany as a target, but monitored German Chancellor Angela Merkel's cellphone.Alive and well
The CIA history essentially concludes with Germany's departure from the program, though it was finished in 2004 and contains clear indications that the operation was still underway.
It notes, for example, that the Buehler case was "the most serious security breach in the history of the program," but wasn't fatal. "It did not cause its demise," the history says, "and at the turn of the century Minerva was still alive and well."
In reality, the operation appears to have entered a protracted period of decline. By the mid-1990s, "the days of profit were long past," and Crypto "would have gone out of business but for infusions from the U.S. government."
As a result, the CIA appears to have spent years propping up an operation that was more viable as an intelligence platform than a business enterprise. Its product line dwindled and its revenue and customer base shrank.
But the intelligence kept coming, current and former officials said, in part because of bureaucratic inertia. Many governments just never got around to switching to newer encryption systems proliferating in the 1990s and beyond -- and unplugging their Crypto devices. This was particularly true of less developed nations, according to the documents.
Most of the employees identified in the CIA and BND histories are in their 70s or 80s, and some of them have died. In interviews in Switzerland last month, several former Crypto workers mentioned in the documents described feelings of unease about their involvement in the company.
They were never informed of its true relationship to intelligence services. But they had well-founded suspicions and still wrestle with the ethical implications of their decisions to remain at a firm they believed to be engaged in deception.
"Either you had to leave or you had to accept it in a certain way," said Caflisch, now 75, who left the company in 1995 but continues to live on the outskirts of Zug in a converted weaving factory where she and her family for many years staged semiprofessional operas in the barn. "There were reasons I left," she said, including her discomfort with her doubts at Crypto and her desire to be home more for her children. After the latest revelations, she said, "It makes me wonder whether I should have left earlier."
Spoerndli said he regrets his own rationalizations.
"I told myself sometimes it may be better if the good guys in the United States know what is going on between these third-world dictators," he said. "But it's a cheap self-excuse. In the end, this is not the way."
Most of the executives directly involved in the operation were motivated by ideological purpose and declined any payment beyond their Crypto salaries, according to the documents. Widman was among several exceptions. "As his retirement drew near, his covert compensation was substantially increased," the CIA history says. He was also awarded a medal bearing the CIA seal.
After the BND's departure, the CIA expanded its clandestine collection of companies in the encryption sector, according to former Western intelligence officials. Using cash amassed from the Crypto operation, the agency secretly acquired a second firm and propped up a third. The documents do not disclose any details about these entities. But the BND history notes that one of Crypto's longtime rivals -- Gretag AG, also based in Switzerland -- was "taken over by an 'American' and, after a change of names in 2004, was liquidated."
Crypto itself hobbled along. It had survived the transitions from metal boxes to electronic circuits, going from teletype machines to enciphered voice systems. But it struggled to maintain its footing as the encryption market moved from hardware to software. U.S. intelligence agencies appear to have been content to let the Crypto operation play out, even as the NSA's attention shifted to finding ways to exploit the global reach of Google, Microsoft, Verizon and other U.S. tech powers.
In 2017, Crypto's longtime headquarters building near Zug was sold to a commercial real estate company. In 2018, the company's remaining assets -- the core pieces of the encryption business started nearly a century earlier -- were split and sold.
The transactions seemed designed to provide cover for a CIA exit.
CyOne's purchase of the Swiss portion of the business was structured as a management buyout, enabling top Crypto employees to move into a new company insulated from the espionage risks and with a reliable source of revenue. The Swiss government, which was always sold secure versions of Crypto's systems, is now CyOne's only customer.
Giuliano Otth, who served as CEO of Crypto AG from 2001 until its dismemberment, took the same position at CyOne after it acquired the Swiss assets. Given his tenure at Crypto, it is likely he was witting to the CIA ownership of the company, just as all of his predecessors in the job had been.
"Neither CyOne Security AG nor Mr. Otth have any comments regarding Crypto AG's history," the company said in a statement.
Crypto's international accounts and business assets were sold to Linde, a Swedish entrepreneur, who comes from a wealthy family with commercial real estate holdings.
In a meeting in Zurich last month, Linde said that he had been drawn to the company in part by its heritage and Hagelin connection, a past that still resonates in Sweden. Upon taking over operations, Linde even moved some of Hagelin's historic equipment from storage into a display at the factory entrance.
When confronted with evidence that Crypto had been owned by the CIA and BND, Linde looked visibly shaken, and said that during negotiations he never learned the identities of the company's shareholders. He asked when the story would be published, saying he had employees overseas and voiced concern for their safety.
In a subsequent interview, Linde said his company is investigating all the products it sells to determine whether they have any hidden vulnerabilities. "We have to make a cut as soon as possible with everything that has been linked to Crypto," he said.
When asked why he failed to confront Otth and others involved in the transaction about whether there was any truth to the long-standing Crypto allegations, Linde said that he had regarded these as "just rumors."
He said that he took assurance from the fact that Crypto continued to have substantial contracts with foreign governments, countries he assumed had tested the company's products vigorously and would have abandoned them if they were compromised.
"I even acquired the brand name, 'Crypto,' " he said, underscoring his confidence in the company's viability. Given the information now coming to light, he said, this "was probably one of the most stupid decisions I've ever made in my career."
The company's liquidation was handled by the same Liechtenstein law firm that provided cover for Hagelin's sale to the CIA and BND 48 years earlier. The terms of the 2018 transactions have not been disclosed, but current and former officials estimated their aggregate value at between $50 million and $70 million.
For the CIA, the money would have been one final payoff from Minerva.
Julie Tate contributed to this report.
- Microsoft may earn an Affiliate Commission if you purchase something through recommended links in this article. Windows 7 Is Dead: What You Need To Do Now To Stay Safe... Ad Top 10 AntivirusYOU MAY LIKEAd taboola
- Born Before 1955? Don't Buy Medicare Experts In Saving
- Enter Any Name, Wait 105 Seconds, See Truthfinder
- The Most Successful Lawyers in Budd Lake DID U KNOW Reviews
Mar 02, 2018 | www.zerohedge.com
Hillarys Server Fri, 03/02/2018 - 02:00 PermalinkHelena Bonham-Carter -> Hillarys Server Fri, 03/02/2018 - 02:08 Permalink
I've used a very simple code.
You know those wavy lines that some people put above and below their automatic signature, e-mail address and phone number?
When I wanted to send a private chat using office e-mail I'd make that wavy automatic signature line using the decorative "widgets" font.
The receiver would take the wavy widgets fonts line and change the font from widget symbols to "Cyrillic" font and copy paste the cyrillic line into Google Translate and translate it from Russian into English. And that was my private message.
And to write back he'd just write a message in English, translate it into Russian, change the Cyrillic font into widgets, make the widgets small like a decorative wavy line and stick it above and below his automatic signature.
I don't think anyone would think, Hey this decorative wavy signature line might actually be a coded message in Amharic, Russian or Hebrew, I'll change the font and into all of the world's alphabets one by one and see.Doom and Dust -> Helena Bonham-Carter Fri, 03/02/2018 - 02:12 Permalink
Your message will be detected as suspicious in 2 seconds because it's a statistical outlier compared to other comms. If it's ranked as suspicious enough (when combined with other detection criteria) to land on an analyst's desk, they'll figure it out in 5 minutes. Use peer-reviewed cryptographic implementations or go home.Helena Bonham-Carter -> Doom and Dust Fri, 03/02/2018 - 02:17 Permalink
Even the best encryption is useless when your RNG is compromised.
Guess where the most advanced and widely used RNGs are designed and located?Doom and Dust -> Helena Bonham-Carter Fri, 03/02/2018 - 02:22 Permalink
The most advanced, and the most widely used, are not the same product.
The most widely used are the RNG's integrated into consumer CPU's and OS's. Many are backdoored.
The most advanced are manufactured by small firms in a number of countries.Helena Bonham-Carter -> Doom and Dust Fri, 03/02/2018 - 02:28 Permalink
RNGs in CPUs and other devices are useless for true encryption since they are pseudo-random by definition.
True RNGs are manufactured and maintained from nuclear sources by a small number of companies mostly from one single very small country. Surely you can guess it.Helena Bonham-Carter -> Doom and Dust Fri, 03/02/2018 - 02:32 Permalink
Expand your horizons.Doom and Dust -> Helena Bonham-Carter Fri, 03/02/2018 - 02:44 Permalink
There are CPU-integrated HWRNG's using thermal noise. They are not pseudorandom by definition. There are HWRNG's generating true randomness based on beam splitters, shot noise, reverse-biased semiconductor junctions, the photoelectric effect, and more. If you want to share some knowledge, do it.Helena Bonham-Carter -> Doom and Dust Fri, 03/02/2018 - 03:08 Permalink
Numbers derived from the deterministic processes you mention, no matter how many, are not random and can not be used for high-end encryption or simulations like the Monte Carlo method.
One of the most important and least known books of the 20th century was published in the 50s by the RAND Corporation, titled "A Million Random Digits with 100,000 Normal Deviates". For decades it was THE source of random numbers used around the Western world.
True random numbers are rare and very hard to obtain because they rely on measurements of indeterministic processes like atomic decay.
All of the methods I mentioned are nondeterministic and, in proper implementation, are widely deployed for generating key material. Everyone with an EECS education has heard of the RAND book.
Jun 09, 2017 | arstechnica.com
According to a report published Tuesday by researchers from antivirus provider Eset, a recently discovered backdoor Trojan used comments posted to Britney Spears's official Instagram account to locate the control server
... ... ...
The extension will look at each photo's comment and will compute a custom hash value. If the hash matches 183, it will then run this regular expression on the comment in order to obtain the path of the bit.ly URL:
Looking at the photo's comments, there was only one for which the hash matches 183. This comment was posted on February 6, while the original photo was posted in early January. Taking the comment and running it through the regex, you get the following bit.ly URL:
Looking a bit more closely at the regular expression, we see it is looking for either @|# or the Unicode character \200d. This character is actually a non-printable character called 'Zero Width Joiner,' normally used to separate emojis. Pasting the actual comment or looking at its source, you can see that this character precedes each character that makes the path of the bit.ly URL:
smith2155#2hot make loveid to her, uupss #Hot #X
When resolving this shortened link, it leads to
static.travelclothes.org/dolR_1ert.php, which was used in the past as a watering hole C&C by the Turla crew.
foetusinc Ars Scholae Palatinae Jun 6, 2017 8:16 PM PopularSo spammy social media comments are the new numbers stations ? I've assumed for a while that somebody out there must be doing something similar with image steganography, but leave it to the Russians to come up with something this brilliantly simple.dramamoose Smack-Fu Master, in training Jun 6, 2017 6:52 PMThat's brilliant, and incredibly similar in principle if not execution to tried and true espionage techniques for communication; codewords in BBC broadcasts, newspaper ads sending information, etc. Why risk using a central server which can be eliminated if you can just hide your information in the incredible amount of simple-to-post, easier-to-read social networking out there. If you covered enough sites, you'd likely be able to slip in requests that even a security pro wouldn't be able to pick up. Sure, there are some people who don't use Facebook, Twitter, Instagram, or Reddit, but there aren't that many. Combine it with a few regional networking sites and you could probably hide the traffic in a way that even somebody looking for the transmissions couldn't find them.
Dec 26, 2016 | tech.slashdot.org(onthewire.io) 22
Posted by BeauHD on Monday December 19, 2016 @05:45PM from the come-out-come-out-wherever-you-are dept.
Trailrunner7 quotes a report from On the Wire:
Google has released a new set of tests it uses to probe cryptographic libraries for vulnerabilities to known attacks . The tests can be used against most kinds of crypto algorithms and the company already has found 40 new weaknesses in existing algorithms. The tests are called Project Wycheproof , and Google's engineers designed them to help developers implement crypto libraries without having to become experts. Cryptographic libraries can be quite difficult to implement and making errors can lead to serious security problems. Attackers often will look for weak crypto implementations as a means of circumventing strong encryption in a target app. Among the issues that Google's engineers found with the Project Wycheproof tests is one in ECDH that allows an attacker to recover the private key in some circumstances.
The bug is the result of some libraries not checking the elliptic curve points that they get from outside sources.
"In cryptography, subtle mistakes can have catastrophic consequences, and mistakes in open source cryptographic software libraries repeat too often and remain undiscovered for too long.
Good implementation guidelines, however, are hard to come by: understanding how to implement cryptography securely requires digesting decades' worth of academic literature.
We recognize that software engineers fix and prevent bugs with unit testing, and we found that many cryptographic issues can be resolved by the same means," Daniel Bleichenbacher and Thai Duong, security engineers at Google, said in a post announcing the tool release.
"Encodings of public keys typically contain the curve for the public key point.
If such an encoding is used in the key exchange then it is important to check that the public and secret key used to compute the shared ECDH secret are using the same curve. Some libraries fail to do this check," Google's documentation says.
Ok, so you need to quickly encrypt the contents of you pen drive. The easiest solution is to compress them using the 7z archive file format, that is open source, cross-platform, and supports 256-bit encryption using the AES algorithm.
Linux has LUKS, which can encrypt partitions or do whole-disk encryption. When you create a new partition, the partition manager will give you the option to, say, encrypt the /home directory.
Encrypt with Seahorse
The third option that I will show basically utilizes the popular GNU PG tool to encrypt anything you want in your disk. What we need to install first are the following packages: gpg, seahorse, seahorse-nautilus, seahorse-daemon, and seahorse-contracts which is needed if you're using ElementaryOS like I do. The encryption will be based on a key that we need to create first by opening a terminal, and typing the following command:
Apr 21, 2014| YouTube
Documentary Inside NSA - Discovery Channel
Jan 28, 2015 | youtube.com
A 36-year veteran of America's Intelligence Community, William Binney resigned from his position as Director for Global Communications Intelligence (COMINT) at the National Security Agency (NSA) and blew the whistle, after discovering that his efforts to protect the privacy and security of Americans were being undermined by those above him in the chain of command.
The NSA data-monitoring program which Binney and his team had developed -- codenamed ThinThread -- was being aimed not at foreign targets as intended, but at Americans (codenamed as Stellar Wind); destroying privacy here and around the world. Binney voices his call to action for the billions of individuals whose rights are currently being violated.
William Binney speaks out in this feature-length interview with Tragedy and Hope's Richard Grove, focused on the topic of the ever-growing Surveillance State in America.
On January 22, 2015: (Berlin, Germany) – The Government Accountability Project (GAP) is proud to announce that retired NSA Technical Director and GAP client, William "Bill" Binney, will accept the Sam Adams Associates for Integrity in Intelligence Award today in Berlin, Germany. The award is presented annually by the Sam Adams Associates for Integrity in Intelligence (SAAII) to a professional who has taken a strong stand for ethics and integrity. http://whistleblower.org/press/nsa-wh...
Would You Like to Know More?
Subscribe to the Peace Revolution podcast produced by Tragedy and Hope: http://www.PeaceRevolution.org
Mar 16, 2014 | YouTube
Jesselyn Radack is Edward Snowden's Attorney
Thomas Drake is an Former NSA Executive & Whistleblower
Bulletproof Coffee http://bit.ly/bulletprooflr
December 28, 2012 | Antiwar.com
The US Senate on Friday reauthorized the warrantless wiretapping program started under President George W. Bush by a 73 to 23 vote, easily evading the several amendments proposed to check its dangerous surveillance powers.
The FISA Amendments Act of 2008 authorized broad, warrantless surveillance of Americans' international communications, checked only by a secretive Foreign Intelligence Surveillance Court that doesn't make it's activities and procedures available to the public.
Even though the government has acknowledged that the secretive program has exceeded its legal limits, violating Americans' Fourth Amendment constitutional rights, the Obama administration has aggressively pushed for its full renewal.
When the law was passed in 2008 it amended the Bush administration's initial program and broadened powers for domestic surveillance. President Obama was a presidential candidate at the time, and warned that, while he was voting for its passage, it "does not resolve all of the concerns that we have about President Bush's abuse of executive power."
However, as President Obama has fully embraced the unchecked executive powers and secretive surveillance capabilities built into the FISA Amendment. And the controversy that the bill conjured in 2008 is contrasted with the subdued acceptance of it in 2012.
"The Bush administration's program of warrantless wiretapping, once considered a radical threat to the Fourth Amendment, has become institutionalized for another five years," said Michelle Richardson, the ACLU's legislative counsel.
Several tame amendment were proposed by Senators Ron Wyden, Rand Paul, and Jeff Merkely to try and rein in the surveillance program. But they were all rejected, and the Obama administration has refused to release any further information about it.
"The only thing the public really knows about it so far," writes Julian Sanchez, a policy scholar at the Cato Institute, "is that it was almost immediately misused, resulting in 'significant and systemic' overcollection of Americans' purely domestic communications. Subsequent reporting revealed that the improperly 'overcollected' communications could number in the millions, and included former president Clinton's private e-mails. So naturally, the Senate is charging ahead toward the renewal of these sweeping powers without hearings or debate."
As the American for Civil Liberties Union has explained, the Director of National Intelligence James Clapper says "it isn't even 'reasonably possible' to estimate how many Americans are swept up in the NSA's expansive dragnet."
The Obama administration, as is usual in cases where they disregard the Constitution, promises this mass surveillance comes with strong safeguards and accountability. In reality, the war on terrorism is continuing to be used to justify major infringements on the civil liberties of Americans.
12/05/11 | InformationWeek
A San Francisco-based programming team pieced together five shredded documents in 33 days to win the U.S. Defense Advanced Research Projects Agency's (DARPA's) Shredder Challenge.
The three programmers used custom computer-vision algorithms to assemble the complex puzzles comprised of documents, which were shredded into more than 10,000 pieces. The team spent nearly 600 hours creating the algorithms, designing them to suggest fragment pairings.
The programmers were then able to manually verify the pairings to piece together the documents, which had Antonio Prohias, the creator of the Spy vs. Spy comic strip, as their common, running theme.
DARPA organizers were surprised not only that all of the puzzles were solved, but in a relatively short time.
"Lots of experts were skeptical that a solution could be produced at all, let alone within the short time frame," says DARPA's Dan Kaufman.
He says the most effective approaches combined computational tools, crowdsourcing, and "clever detective work."
12/02/11 | University of London
Royal Holloway, University of London researchers are analyzing the Transport Layer Security (TLS) system to identify weaknesses. The TLS system is designed to ensure the security and safety of online personal information, but vulnerabilities were found in version 1.0 of the system. The researchers say that TLS version 1.2 offers improved security.
"Our analysis of TLS version 1.2 gives us higher confidence that the data we share online will be kept safe, secure, and private," says Royal Holloway professor Kenny Paterson. TLS encrypts messages as they are transmitted across the Internet, keeping personal data insulated against attack. The researchers have found only one vulnerability in the latest version of TLS. "There is still scope for a 'distinguishing attack' against TLS 1.2, where an attacker could tell whether a user has sent a 'yes' or a 'no' during a transaction, for example," Paterson says.
However, he notes that this kind of attack is considered theoretical, and it is very unlikely that it would actually arise in practice. TLS uses a Message Authentication Code (MAC) tag to help provide security, and for the Royal Holloway attack to work, the MAC tag would need to be small.
Feb 24 2003 | SecurityFocus
Netizens with extreme privacy needs got a new tool for their cyber utility belts recently with the release of an application that lets users hide secret messages in virtually any executable computer program, without changing the program's size or affecting its operation.
The tool is called "Hydan," an old English word for the act of hiding something, and it's part of a research project by Columbia University computer science masters student Rakan El-Khalil, who showed off the program to a small group of open-source programmers and hackers gathered at the second annual CodeCon conference in San Francisco on Sunday.
Hydan is a novel development in the field of steganography -- the science of burying secret messages in seemingly innocuous content. Popular stego programs operate on image and music files, where a secret missive can be hidden without altering the content enough to be perceived by human senses. But because they contain instructions for a computer's processor, executable files are less forgiving of tampering. Improperly changing a single bit of executable code can render an application completely unusable.
El-Khalil's research focused on redundancies in the Intel x86 instruction set -- places where at least two different instructions are effectively the same. Each choice between two redundant options can represent a single bit of data. "The problem with program binaries is there is just not a lot of redundancy in them," said El-Khalil.
He found some of that useful redundancy in the instructions that tell the computer to add or subtract.
A computer instruction to add the number 50 to another value, for example, can be replaced with an instruction to subtract the number -50 instead. Mathematically, the instructions are the same. In choosing between the two, a stego program can get one bit of covert storage out of each addition or subtraction operation in the executable -- without changing the way the application runs, or adding a single byte to its size. "If we use a scenario in which addition is zero, and subtraction is one, we can just go through and flip them as needed," El-Khalil explained.
El-Khalil concedes that the method is imperfect -- an application that's been impressed with a secret message has considerably more "negative subtractions" than an unadulterated program, making it easy to pick out through a statistical analysis. Hydan could also break programs that are self-modifying or employ other unconventional techniques. And it's less efficient than stego programs for image and sound files: good steganography for a JPEG file can hide one byte of storage in 17 bytes of image, while Hydan's ratio is one byte of storage to 150 bytes of code.
Future versions of Hydan will boost that capacity by finding different places to code data, such as in the order of a program's functions, and the order in which arguments are passed to those functions. For now, the application is still powerful enough to secretly stash the United States Constitution and the Declaration of Independence in a single copy of Microsoft Word.
Beyond the covert uses, the technology could be used to attach a digital signature to an application, or to embed an executable with a virtual watermark.
Question H: How flexible is your design?
Discussion: That question isn't what you think. A better way of phrasing it would be "How ambiguous is your design?". Flexibility in an abstract crypto design is a Good Thing. Ambiguity in a specification is a Bad Thing. Unfortunately, a cryptographer's flexibility is an implementer's ambiguity, or more bluntly an implementer's nightmare. An example of this is IPsec's IKE, which is so flexible/ambiguous that no two people can agree on what it should look like. As a result, even after years of work, there are still implementations that can't (or barely) interoperate, and even when they interoperate it's often only because implementers figured out what the other side was doing and adapted their code to match it.
Resolution: Once you've impressed everyone with the power and flexibility of your design, provide a sketch of a simple, straightforward, easy-to-get-right profile that implementors can work with. This is a standard feature of protocol specifications, either done explicitly (MUST/SHOULD/MAY) or implicitly when everyone ignores all but the most simple, straightforward part
of the specification. Another way of looking at this is that if implementors are going to ignore much of your design in order to make implementation practical, you want to be the one deciding which bits get used and which don't.
See also: Question G.
Question I: How big a problem are you really solving?
Discussion: Many problems pointed out in crypto papers are relatively insignificant to non-cryptographers, or can be fixed with a trivial update of existing code rather than by changing the crypto design. For example, the "correct" solution to various attacks (real and theoretical) on PKCS #1 v1.5 padding is for implementors to switch to something better such as OAEP, Simple
RSA, PSS, or whatever they're wearing in Santa Barbara this year. However, since the problem can also be resolved with "Don't do that, then", it's easier to stick with an existing solution rather than re-engineering everything to use a new protocol (see the Final Thoughts for a longer discussion on this).
Resolution: Unlike cryptographers, implementors probably won't appreciate the advantages of a design secure in the IND-CCAn+1 model where the previous was only IND-CCAn if it requires a complete redeployment of all of their products. Don't expect to see a new design widely adopted any time soon unless (a) it's being deployed in a greenfields development or (b) you've found a hole
exploitable in O(1) time by an army of script kiddies.
2002/185 ( PDF ) Turing, a fast stream cipher Greg Rose and Philip Hawkes 2002/182 ( PS PS.GZ ) Oblivious Keyword Search Wakaha Ogata and Kaoru Kurosawa 2002/142 ( PDF ) On the Applicability of Distinguishing Attacks Against Stream Ciphers Greg Rose and Philip Hawkes 2002/131 ( PS PS.GZ PDF ) An Improved Pseudorandom Generator Based on Hardness of Factoring Nenad Dedic and Leonid Reyzin and Salil Vadhan
Since graduating in theoretical physics and electrical engineering some 30+ years ago I have had an interest in cryptography and this has developed with the advent of progressively more powerful home computers. In recent years I have played with a number of algorithms where I have taken a particular interest in the techniques involved in making algorithms go as fast as possible.
- The Limits of Cryptanalysis
- Classical Cryptography Course (Lanaki)
- CSE207C Lattices in Cryptography and Cryptanalysis
- Cryptanalysis of CipherSaber-1
- Cryptanalysis of Contents Scrambling System
- Links to papers about cryptanalysis of block ciphers
- FM 34-40-2 Basic Cryptanalysis
- Cryptography, Encryption and Stenography
Public-Key Crypto-systems Using Symmetric-Key Crypto-algorithms
Bruce Christianson, Bruno Crispo, and James A. Malcolm
Abstract. The prospect of quantum computing makes it timely to consider the future of public-key crypto-systems. Both factorization and discrete logarithm correspond to a single quantum measurement, upon a superposition of candidate keys transformed into the fourier domain. Accordingly, both these problems can be solved by a quantum computer in a time essentially proportional to the bit-length of the modulus, a speed-up of exponential order.
At first sight, the resulting collapse of asymmetric-key crypto-algorithms seems to herald the doom of public-key crypto-systems. However for most security services, asymmetric-key crypto-algorithms actually offer relatively little practical advantage over symmetric-key algorithms. Most of the differences popularly attributed to the choice of crypto-algorithm actually result from subtle changes in assumptions about hardware or domain management.
In fact it is straightforward to see that symmetric-key algorithms can be embodied into tamper-proof hardware in such a way as to provide equivalent function to a public-key crypto-system, but the assumption that physical tampering never occurs is too strong for practical purposes. Our aim here is to build a system which relies merely upon tamper-evident hardware, but which maintains the property that users who abuse their cryptographic modules through malice or stupidity harm only themselves, and those others who have explicitly trusted them.
LNCS 2133, p. 182 ff.
Full article in PDF (35 KB)
Recently, a group of Indian scientists made news by announcing an algorithm that appears to be able to tell quickly whether a number is prime or not.
If you're mathematically minded, the actual downloadable primality.pdf is worth reading.
So what does this actually mean for cryptography? First, a little background.
Many of the popular common crypto algorithms work because of "something to do with prime numbers". Most security books are about that vague. So math research about primes could have interesting effects on our field. But is being able to determine whether a number is prime quickly going to be able to help or hinder us? Let's look at the RSA algorithm as an illustrative example. (It lost its patent a few years back, so it's okay to discuss now.)
... ... ...
Public key crypto algorithms such as RSA depend on there being two keys used to encrypt and decrypt a message. (Hence, the "generate a key pair" step you see when setting up many applications that use cryptography.) Every user has a complimentary set made up of a private key and a public key. Anything encrypted with the private key can be decrypted with the public key, and anything encrypted with the public key can be decrypted with the private key. Only you should have a copy of your private key, but anyone can have your public key because it's, well, public. If someone encrypts traffic with your public key, it doesn't matter to you because only you can decrypt it.
So, you're probably thinking, if I have a message to send to Jane, I want to encrypt it. I can't encrypt it with my public key, because she doesn't have my private key to decrypt it. So I'll encrypt it with my private key, and she can decrypt it with my public key. Right? Not quite, but this is a really common mistake. Sure, Jane can decrypt the message with your public key. But so can anyone else. What you need to do is encrypt the message with Jane's public key, so that only Jane's private key (which only Jane should have) can decrypt it.
So, the RSA algorithm says this:
- Take two large prime numbers.
- When multiplied together, they have a product N.
- Find two numbers E and D, such that:
- When E is multiplied by D, that should be equal to one mod (p-1)(q-1).
- What this boils down to is that E and N have to be relatively prime.
- They can't share any common components.
8 and 9 are relatively prime. When broken down as much as possible,
8 = 2 x 2 x 2
9 = 3 x 3
Nothing in common.
8 and 20 are not relatively prime.
8 = 2 x 2 x 2
20 = 2 x 2 x 5
They have 2 in common, so they're not relatively prime.
If E and D are chosen correctly, then let's make C the ciphertext and P the plaintext.
C = M to the E power mod N
M = C to the D power mod N
So, something encrypted with N and E (the public key) can be solved for M -- decrypted into the plaintext. Something encrypted with N and D (the private key) can be solved for the ciphertext C. And since E and D fit together in a defined mathematical relationship as above, you cannot automatically deduce one from the other, but can encrypt and decrypt. The beauty of the modulus is that it's a one way operation. You know what the remainder is, but you'll have to try brute-forcing it to figure out whether it's C multiplied by one with a remainder of three, by two with a remainder of three... by forty thousand with a remainder of three... [grin] That takes a lot of time.
If you want to see an example of this worked out with numbers, there's a clear one at http://math.kennesaw.edu/maa/talks/RSAEncryptionAlgorithm.htm
So, back to our original point. Being able to quickly determine whether a number is prime -- what effect does that have on all this? Well, one of the weakest points about RSA and other public key algorithms is that their large prime numbers are only probably prime. It's really hard to tell whether a number with eight zillion digits is actually prime or not -- you have to try dividing it by every prime number up to half of its value or so. That's very time consuming. Since those of us that use PGP, etc., don't want to wait too long for our keys to be generated, the RSA algorithm picks values for P and Q that are very likely to be prime, but that's not known for certain.
If those numbers aren't actually prime, then there may be different solutions for the equations other than the ones that are supposed to work. So, someone might be able to decrypt a message without having the matching key -- they'd just need a matching key, if there were more than one. (That's what could happen if P and Q aren't prime.) If the new algorithm can determine whether P and Q are really prime and they're not for a given key pair, that could lead to a weakness in RSA. But if that's the case, RSA and other algorithm authors could modify their software to use the new algorithm to ensure that P and Q really are prime, and that would defeat that sort of attack.
There's a lot of sound and fury at the moment about this article, and many people are freaking out about it, but I don't think it's anything to worry about. Mathematicians haven't fully satisfied themselves yet that it's a good tester for primes -- I don't think we'll be seeing exploit code in the near future.
- Technical papers
- Kerckhoffs' principles
- Online technical reports
- Steganography papers
- Crypto protocol papers
- Theory of Cryptography library
- Conference list
- NDSS '96
- IBM Cyberjournal
- Nice description of Kerberos
- Nifty paper on Authentication
- Draft paper on anonymity, etc.
- Hugo's SKEME
- Hugo's security analysis of his new MD5 MAC
- A huge factoring report
- Official GOST standard, translated to English
- TEA block cipher
- Some AU tech reports
- Quantum cryptography
- key lengths
- Some factoring papers I need to read, from AMS:    and some more crypto papers I need to read:    
- New triple-DES mode from Coppersmith et. al. old
- Papers online, from 1996 SCN (Italy)
- Papers online, from Sweden
- DES in FPGA's: SAC'98, a UK implementation
- Baran on security and secrecy
- Other notes and documents
- sci.crypt FAQ
- DVD CSS revealed and broken
- Many technical crypto docs
- A beautiful set of lecture notes for an advanced algorithms course
- Cellphone security stuff
- GSM MoU documents
- GSM direction finder
- NSA handbook for new NSA employees
- The Hacker Crackdown
- PGP User's Guide
- Handbook of Applied Cryptography
- Microsoft's crypto API spec
- Aegean press
- Colin Plumb reading list
- A note on WWW browsers & privacy
- Ross Anderson on ATM technology
- Crypto clip art
- Crypto notes on many ciphers
- PGP statistics
- Schneier's Skipjack info
- Some untested documents on PKZIP cracking:   [and lots o' links]
- ARJ encryption, broken
- Stuff on RNGs
- Papers on LLL
- Cybersecrecy, UK TV program
- How to implement DES
- If you ever have to implement x509...
- STS improved Diffie-Hellman protocol summary
- FIX, a banking protocol
- SIGABA and other naval classical crypto information
- Peter Meyer's intro to crypto
- A paper on Enigma and attacks on it
- Lattice crypto
Here are speed benchmarks for some of the most popular hash algorithms and symmetric and asymmetric ciphers. All were coded in C++ or ported to C++ from C implementations, compiled with Microsoft Visual C++ 6.0 SP4 (optimize for speed, blend code generation), and ran on a Celeron 850MHz processor under Windows 2000 SP 1. Two assembly routines were used for multiple-precision addition and subtraction.
Algorithm Bytes Processed Time Taken Megabytes(2^20 bytes)/Second CRC-32 1073741824 8.682 117.945 Adler-32 2147483648 6.970 293.831 MD2 8388608 11.276 0.709 MD5 1073741824 10.165 100.738 SHA-1 536870912 10.565 48.462 SHA-256 268435456 10.345 24.746 SHA-512 67108864 7.761 8.246 HAVAL (pass=3) 536870912 7.922 64.630 HAVAL (pass=4) 536870912 12.337 41.501 HAVAL (pass=5) 268435456 7.090 36.107 Tiger 268435456 10.325 24.794 RIPE-MD160 268435456 8.332 30.725 Panama Hash (little endian) 1073741824 7.401 138.360 Panama Hash (big endian) 1073741824 11.797 86.802 MDC/MD5 268435456 9.884 25.900 Luby-Rackoff/MD5 67108864 8.402 7.617 DES 134217728 9.945 12.871 DES-XEX3 134217728 11.716 10.925 DES-EDE3 33554432 6.740 4.748 IDEA 134217728 11.286 11.341 RC2 33554432 7.912 4.044 RC5 (r=16) 536870912 12.988 39.421 Blowfish 134217728 7.091 18.051 Diamond2 67108864 11.086 5.773 Diamond2 Lite 67108864 9.403 6.806 3-WAY 201326592 12.728 15.085 TEA 134217728 12.799 10.001 SAFER (r=8) 67108864 10.565 6.058 GOST 134217728 12.829 9.977 SHARK (r=6) 268435456 12.878 19.879 CAST-128 134217728 7.090 18.054 CAST-256 134217728 9.995 12.806 Square 268435456 7.801 32.816 SKIPJACK 67108864 12.017 5.326 RC6 268435456 7.871 32.524 MARS 268435456 8.503 30.107 Rijndael 268435456 8.442 30.325 Twofish 268435456 9.974 25.667 Serpent 134217728 10.505 12.185 ARC4 536870912 8.122 63.039 SEAL 1073741824 8.672 118.081 WAKE 1073741824 13.029 78.594 Panama Cipher (little endian) 1073741824 8.512 120.301 Panama Cipher (big endian) 536870912 7.091 72.204 Sapphire 134217728 12.868 9.947 MD5-MAC 1073741824 12.078 84.782 XMACC/MD5 1073741824 11.096 92.286 HMAC/MD5 1073741824 10.254 99.863 CBC-MAC/RC6 268435456 8.713 29.381 DMAC/RC6 268435456 8.642 29.623 BlumBlumShub 512 524288 10.766 0.046 BlumBlumShub 1024 262144 12.668 0.020 BlumBlumShub 2048 65536 8.903 0.007
- Service de cryptographie et de sécurité informatique du Département d'Informatique de l'Université Libre de Bruxelles
- Crypto law survey by Bert-Jaap Koops
- Digital signature law survey by Simone van der Hof
- Crypto link farm by Peter Gutmann
The first challenge of building a secure application is authentication. Let's look at some examples of authentication from everyday life:
- At an automated bank machine, you identify yourself using your bank card. You authenticate yourself using a personal identification number (PIN). The PIN is a shared secret, something that both you and the bank know. Presumably, you and the bank are the only ones who know this number.
- When you use a credit card, you identify yourself with the card. You authenticate yourself with your signature. Most store clerks never check the signature; in this situation, possession of the card is authentication enough. This is true when you order something over the telephone, as well; simply knowing the credit card number is proof of your identity.
- When you rent a movie at a video store, you prove your identity with a card or by saying your telephone number.
Authentication is tremendously important in computer applications. The program or person you communicate with may be in the next room or on another continent; you have none of the usual visual or aural clues that are helpful in everyday transactions. Public key cryptography offers some powerful tools for proving identity.
In this chapter, I'll describe three cryptographic concepts that are useful for authentication:
- Message digests produce a small "fingerprint" of a larger set of data.
- Digital signatures can be used to prove the integrity of data.
- Certificates are used as cryptographically safe containers for public keys.
A common feature of applications, especially custom-developed "enterprise" applications, is a login window. Users have to authenticate themselves to the application before they use it. In this chapter, we'll examine several ways to implement this with cryptography. In the next section, for instance, I'll show two ways to use a message digest to avoid transmitting a password in cleartext from a client to a server. Later on, we'll use digital signatures instead of passwords.
aesutil 1.0.1 (Stable)
by Tim Tassonis - Friday, July 19th 2002 13:20 EDT
About: aesutil is a small library and command line program to encrypt or decrypt data using the Rijndael algorithm in CBC mode.
Changes: A Windows port of the commandline utility, and better option handling.
Google matched content
Ten most useful resources:
Directories and Portals
Best metalink collections:
Associations and public organizations
The Rijndael Page -- new standard cypher.
Prime numbers and random number generators:
VB Helper Tutorial Cryptography -- basic
Encryption and Security Tutorial
Certicom - Online Tutorial
Welcome to the Elliptic Curve Cryptosystem Classroom. This site provides an intuitive introduction to Elliptic Curves and how they are used to create a secure and powerful cryptosystem. The first three sections introduce and explain the properties of elliptic curves. A background understanding of abstract algebra is required, much of which can be found in the Background Algebra section. The next section describes the factor that makes elliptic curve groups suitable for a cryptosystem though the introduction of the Elliptic Curve Discrete Logarithm Problem (ECDLP). The last section brings the theory together and explains how elliptic curves and the ECDLP are applied in an encryption scheme. This classroom requires a JAVA enabled browser for the interactive elliptic curve experiments and animated examples.
Elliptic curves as algebraic/geometric entities have been studied extensively for the past 150 years, and from these studies has emerged a rich and deep theory. Elliptic curve systems as applied to cryptography were first proposed in 1985 independently by Neal Koblitz from the University of Washington, and Victor Miller, who was then at IBM, Yorktown Heights.
Many cryptosystems often require the use of algebraic groups. Elliptic curves may be used to form elliptic curve groups. A group is a set of elements with custom-defined arithmetic operations on those elements. For elliptic curve groups, these specific operations are defined geometrically. By introducing more stringent properties to the elements of a group, such as limiting the number of points on such a curve, creates an underlying field for an elliptic curve group. In this classroom, elliptic curves are first examined over real numbers in order to illustrate the geometrical properties of elliptic curve groups. Thereafter, elliptic curves groups are examined with the underlying fields of Fp (where p is a prime) and F2m (a binary representation with 2m elements).
Quantum Cryptography Tutorial
Cryptography for encryption, signatures and authentication
Cryptography -- mainly PGP related...
CRC Press has generously given us permission to make all chapters available for free download.
Please read this copyright notice before downloading any of the chapters.
- Chapter 1 - Overview of Cryptography (48 pages)
Postscript file, 554k; Pdf file, 343k.
- Chapter 2 - Mathematics Background (38 pages)
Postscript file, 472k; Pdf file, 301k.
- Chapter 3 - Number-Theoretic Reference Problems (46 pages)
Postscript file, 543k; Pdf file, 397k.
- Chapter 4 - Public-Key Parameters (36 pages)
Postscript file, 497k; Pdf file, 331k.
- Chapter 5 - Pseudorandom Bits and Sequences (22 pages)
Postscript file, 330k; Pdf file, 206k.
- Chapter 6 - Stream Ciphers (32 pages)
Postscript file, 484k; Pdf file, 274k.
- Chapter 7 - Block Ciphers (60 pages)
Postscript file, 783k; Pdf file, 491k.
- Chapter 8 - Public-Key Encryption (36 pages)
Postscript file, 434k; Pdf file, 303k.
- Chapter 9 - Hash Functions and Data Integrity (61 pages)
Postscript file, 690k; Pdf file, 482k.
- Chapter 10 - Identification and Entity Authentication (40 pages)
Postscript file, 444k; Pdf file, 316k.
- Chapter 11 - Digital Signatures (64 pages)
Postscript file, 748k; Pdf file, 526k.
- Chapter 12 - Key Establishment Protocols (53 pages)
Postscript file, 532k; Pdf file, 400k.
- Chapter 13 - Key Management Techniques (48 pages)
Postscript file, 536k; Pdf file, 340k.
- Chapter 14 - Efficient Implementation (44 pages)
Postscript file, 547k; Pdf file, 371k.
- Chapter 15 - Patents and Standards (27 pages)
Postscript file, 296k; Pdf file, 212k.
- Appendix - Bibliography of Papers from Selected Cryptographic Forums (40 pages)
Postscript file, 363k; Pdf file, 331k.
- References (52 pages)
Postscript file, 521k; Pdf file, 459k.
- Index (26 pages)
Postscript file, 236k; Pdf file, 160k.
Dynamical systems are often described as ``unpredictable" or ``complex" as aspects of their behavior may bear a cryptic relationship with the simple evolution laws which define them. Some theorists work to quantify this complexity in various ways. Others try to turn the cryptic nature of dynamical systems to a practical end: encryption of messages to preserve their secrecy. Here some previous efforts to engineer cryptosystems based on dynamical systems are reviewed, leading up to a detailed proposal for a cellular automaton cryptosystem.
Cryptosystems constructed from cellular automaton primitives can be implemented in simply constructed massively parallel hardware. They can be counted on to deliver high encryption/decryption rates at low cost. In addition to these practical features, cellular automaton cryptosystems may help illuminate some foundational issues in both dynamical systems theory and cryptology, since each of these disciplines rests heavily on the meanings given to the intuitive notion of complexity.
Prime Numbers - University of Tennessee
Mercy - block encryption algorithm Mercy is a fast block cipher operating on 4096-bit blocks, designed specifically around the needs of disk sector encryption. It takes a 128-bit parameter representing the block number being encrypted, so that saving the same plaintext to different blocks results in different ciphertexts. Mercy was presented at Fast Software Encryption 2000.
SSH - Tech Corner - Cryptographic Algorithms
The Mandala Centre - Compression and Security - One on one compression FAQ
Crypto and Security Courses
Lectures for Computer Security
These lectures contain the base introductory material used for this course. After these lectures, the student will be familiar with the underlying concepts of advanced operating systems.
The Enigma was one of the best of the new electromechanical cipher machines produced for the commercial market in the 1920s. Hugo Koch, a Dutchman, conceived of the machine in 1919. Arthur Scherbius first produced it commercially in 1923. Impressed by its security, which was based on statistical analysis, the German government acquired all rights to the machine and adapted it to the needs of its new, modern military forces. It became the standard cipher machine of the military services, of German agents, and of the secret police. It was also used at all echelons from high command to front-line tactical units including individual airplanes, tanks, and ships. An ordinary three-wheel Enigma with reflector and six plug connections generated the following number of coding positions:
Given this statistical capability, proper communications procedures and practices, and the fact that solving the Enigma on a timely basis would require rapid analytic machinery which did not exist, the Germans regarded the Enigma as impenetrable even if captured. The Germans, however, did not always practice proper communications security, and, more importantly, the Allies, even in 1938-39, were on the verge of creating the necessary cryptanalytic machinery which would unlock the Enigma's secrets. The evolution of this technology and its application were major contributing factors to the ultimate Allied victory in World War II.
See also Humor
The viral marketing campaign revolves around a Flash game infested with techie throwaway words
in which the user must guide a "worm" through a "computer system" to collect "nodes" and "crack"
a password within 60 seconds.
Jokes Magazine Employee Review January 25, 2000 (The classic crypto joke)
My boss asked me for a letter describing my partner Bob Smith, and this is what I wrote:
Bob Smith, my assistant programmer, can always be found
hard at work in his cubicle. Bob works independently, without
wasting company time talking to colleagues. Bob never
thinks twice about assisting fellow employees, and he always
finishes given assignments on time. Often Bob takes extended
measures to complete his work, sometimes skipping
coffee breaks. Bob is a dedicated individual who has absolutely no
vanity in spite of his high accomplishments and profound
knowledge in his field. I firmly believe that Bob can
be classed as a high-caliber employee, the type which cannot
be dispensed with. Consequently, I duly recommend that Bob
be promoted to executive management, and a proposal will
be executed as soon as possible.
S.D. - Project Leader
Shortly afterward I sent the following follow-up note: That bastard Bob was reading over my shoulder while I wrote the report sent to you earlier today. Kindly read only the odd numbered lines (1, 3, 5, etc.) for my true assessment. Regards,
Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers : Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism : The Iron Law of Oligarchy : Libertarian Philosophy
War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda : SE quotes : Language Design and Programming Quotes : Random IT-related quotes : Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce : Bernard Shaw : Mark Twain Quotes
Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 : Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law
Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds : Larry Wall : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS : Programming Languages History : PL/1 : Simula 67 : C : History of GCC development : Scripting Languages : Perl history : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history
The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month : How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite
Most popular humor pages:
Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor
The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D
Copyright © 1996-2020 by Softpanorama Society. www.softpanorama.org was initially created as a service to the (now defunct) UN Sustainable Development Networking Programme (SDNP) without any remuneration. This document is an industrial compilation designed and created exclusively for educational use and is distributed under the Softpanorama Content License. Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
FAIR USE NOTICE This site contains copyrighted material the use of which has not always been specifically authorized by the copyright owner. We are making such material available to advance understanding of computer science, IT technology, economic, scientific, and social issues. We believe this constitutes a 'fair use' of any such copyrighted material as provided by section 107 of the US Copyright Law according to which such material can be distributed without profit exclusively for research and educational purposes.
This is a Spartan WHYFF (We Help You For Free) site written by people for whom English is not a native language. Grammar and spelling errors should be expected. The site contain some broken links as it develops like a living tree...
|You can use PayPal to to buy a cup of coffee for authors of this site|
Last modified: May 27, 2018