More flyingpenguins

Whew. I just mowed through hundreds of spam comments.

I used to enjoy reading these crazy things as a sort of stream-of-conscious Kerouac-like review of our modern tendencies for consumption.

Call me crazy, but maybe someone should make this into performance art — read a spam filter to music and do an artistic interpretation of the messages:

stricken golf servicemen entrusting pads
oat sycophantic mortgages apprehensions
Teletext Jackie Seabrook contrition whacked pills
intoxicating geyser sandpaper Germania Amoco coriander treatise mortgages
home equity loan

Yeah, say it out loud man! Cool, daddy-o. Home equity loan…oh, home equity loan.

I admit it, I can sometimes really get into this stuff. I suppose I should dismiss everything but the sensible comments, yet there’s something oddly poetic and security-related in thinking about the hundreds of spam entries I get every day.

For example, remember the origins of public-key cryptography?

We know that secret communication still uses blind-drops and even steganography (someone posts a jpg on a free public site like flickr and then anyone else can download and decrypt), so there’s clearly intent out there. And we know that some serious time and money is spent listening to the noise from space. Wonder what would happen if we ran spam through some of the same analytics and filters. Would there be a hidden message? The meaning of life? Does it all add up to a magic number?

Maybe I’m just having too much fun thinking about it, when I could be out getting some sun like this little fellow:

Evil Penguineval

Ok, enough spam. I’m going to think about putting in some new controls.

Honda Diesel by 2009

Reported by USATODAY, Honda is aiming to release a diesel vehicle that meets US Department of Energy Tier 2 Bin 5 emissions standards:

As for the diesel, Honda Vice President Ed Cohen said the timing is right to bring a new breed of quieter, smoother, cleaner engines to the USA. They achieve 30% better mileage than comparable gas engines. Volkswagen and DaimlerChrysler also have made a commitment to diesel in the USA.

Their technology is called the 2.2L i-CTDi and is already said to be more efficient, with more torque and less noise and emissions than gas and even the hybrid engines. Watch a nice Honda introductory video here, and read a comparison of honda engines (from Dec 2004!) here.

Who invented public-key cryptography

I went to presentation yesterday where a speaker told the audience the tale of how the three guys from MIT invented public-key cryptography. You know, the RSA trio. I mentioned that they were not the sole inventors (hey, Diffie sits on the crypto panel at RSA for a reason) but was soundly shut-down.

After the presentation I did a little research to double-check and while I thought Diffie-Hellman and Merkle were important, I didn’t realize that another group actually pre-dated even their publication. It turns out that there is a paper from 1987 called The Story of Non-Secret Encryption written by James Ellis. This paper not only describes ground-breaking work done prior to Diffie-Hellman and Merkle, but it gives credit to Bell Labs in 1944 for helping instigate the modern public key cryptography concepts.

Source is available here:

A paper written by Clifford Cocks (November 20, 1973) called “A Note on Non-Secret Encryption” is also relevant.

Here’s a nice review of the actual history, as told by the Living Internet:

Ellis began thinking about the shared secret key problem in the late 1960’s when he discovered an old Bell Labs paper from October, 1944 titled “Final Report on Project C43”, describing a clever method of secure telephone conversation between two parties without any prearrangement. If John calls Mary, then Mary can add a random amount of noise to the phone line to drown out John’s message in case any eavesdroppers are listening. However, at the same time Mary can also record the telephone call, then later play it back and subtract the noise she had added, thereby leaving John’s original message for only her to hear. While there were practical disadvantages to this method, it suggested the intriguing logical possibility: there might be methods of establishing secure communications without first exchanging a shared secret key.

Ellis thought about this seemingly paradoxical idea for awhile, and while lying in bed one night developed an existence proof that the concept was possible with mathematical encryption, which he recorded in a secret CESG report titled The Possibility of Non-Secret Encryption in January, 1970. This showed logically that there could be an encryption method that could work without prior prearrangement, and the quest in GCHQ then turned to find a practical example.

The first workable mathematical formula for non-secret encryption was discovered by Clifford Cocks, which he recorded in 1973 in a secret CESG report titled A Note on Non-Secret Encryption. This work describes a special case of the RSA algorithm, differing in that the encryption and decryption algorithms are not equivalent, and without mention of the application to digital signatures. A few months later in 1974, Malcolm Williamson discovered a mathematical expression based on the commutativity of exponentiation that he recorded in a secret report titled Non-Secret Encryption Using A Finite Field, and which describes a key exchange method similar to that discovered by Diffie, Hellman, and Merkle. It is not known to what uses, if any, the GCHQ work was applied.

It just goes to show, don’t always believe what you hear in presentations…

Winny and Trend

Winny seems to be peer-to-peer software in Japan that is behind some high-profile incidents. Computerworld reports that even a leading anti-virus company has been bitten by the program:

Trend Micro became the latest of a number of corporations or government agencies to report data losses as a result of viruses on the Winny network. Winny can be downloaded at no charge and is a popular way for Japanese Internet users to exchange music and video files.

Documents, including police investigation materials, training manuals for Japan’s Self-Defense Force, data related to nuclear power plants and information including the names of sex-crime victims, have all found their way into the public domain via Winny, according to local news reports.

The string of leaks led a senior Japanese government official, Chief Cabinet Secretary Shinzo Abe, to call on people not to use Winny.

“We cannot prevent information leaks unless everyone takes antivirus measures,” Abe said at a news conference on March 15. “The surest way is not to use Winny.”

Coming next, the Japanese government officials will politely ask people to stop eating Fugu.