Return-Path: Received: by massis.lcs.mit.edu (8.7.4/NSCS-1.0S) id HAA16464; Fri, 10 Jan 1997 07:51:03 -0500 (EST) Date: Fri, 10 Jan 1997 07:51:03 -0500 (EST) From: ptownson@massis.lcs.mit.edu (TELECOM Digest Editor) Message-Id: <199701101251.HAA16464@massis.lcs.mit.edu> To: ptownson@massis.lcs.mit.edu Subject: TELECOM Digest V17 #6 TELECOM Digest Fri, 10 Jan 97 07:51:00 EST Volume 17 : Issue 6 Inside This Issue: Editor: Patrick A. Townson RSA DES Challenge (Fred Schimmel) Re: MCI Bait-And-Switch Beware (Torsten Lif) 53rd UCLA Engineering and Management Program (Bill Goodin) Divide Counties Into Two Area Codes? (Tad Cook) AOL Cuts Russian Access (Tad Cook) Ameritech Now Too Impatient For Dialing (Gail M. Hall) JPEG File Formats Question (Stewart Fist) TDD Carriers (was Canadian Use of N11 Codes) (Paul Robinson) Ericsson Discussion Groups (Eric De Sedas PCC) Re: Telecom Related Comics (Dale Farmer) TELECOM Digest is an electronic journal devoted mostly but not exclusively to telecommunications topics. It is circulated anywhere there is email, in addition to various telecom forums on a variety of public service systems and networks including Compuserve and America On Line. It is also gatewayed to Usenet where it appears as the moderated newsgroup 'comp.dcom.telecom'. Subscriptions are available to qualified organizations and individual readers. Write and tell us how you qualify: * ptownson@massis.lcs.mit.edu * The Digest is edited, published and compilation-copyrighted by Patrick Townson of Skokie, Illinois USA. You can reach us by postal mail, fax or phone at: Post Office Box 4621 Skokie, IL USA 60076 Phone: 847-329-0571 Fax: 847-329-0572 ** Article submission address: ptownson@massis.lcs.mit.edu Our archives are located at mirror.lcs.mit.edu. The URL is: http://mirror.lcs.mit.edu/telecom-archives They can also be accessed using anonymous ftp: ftp mirror.lcs.mit.edu/telecom-archives/archives A third method is the Telecom Email Information Service: Send a note to tel-archives@mirror.lcs.mit.edu to receive a help file for using this method or write me and ask for a copy of the help file for the Telecom Archives. ************************************************************************* * TELECOM Digest is partially funded by a grant from the * * International Telecommunication Union (ITU) in Geneva, Switzerland * * under the aegis of its Telecom Information Exchange Services (TIES) * * project. Views expressed herein should not be construed as represent-* * ing views of the ITU. * ************************************************************************* Finally, the Digest is funded by gifts from generous readers such as yourself who provide funding in amounts deemed appropriate. Your help is important and appreciated. A suggested donation of twenty dollars per year per reader is considered appropriate. See our address above. All opinions expressed herein are deemed to be those of the author. Any organizations listed are for identification purposes only and messages should not be considered any official expression by the organization. ---------------------------------------------------------------------- From: schimmel@hobbit.gandalf.ca (Fred Schimmel) Subject: RSA DES Challenge Date: 9 Jan 1997 13:32:58 -0500 Organization: Gandalf Technologies Inc. The following was seen on the cryptography mailing list. It is announcing a contest to try and crack DES through a network of personal computers. Attached also is a pretty clever note from Ron Rivest (of RSA Labs) which shows the magnitude of the effort required by brute force methods. If you want to follow along with the progress of this or are otherwise interested, and would like to subscribe to the cryptography mailing list send a message to: majordomo@panix.com with a message body containing the line: subscribe crypto-news ------>8 clipped from cryptography mailing list 8<------ From trei@process.com Thu Jan 9 11:21:12 1997 Date: Fri, 3 Jan 1997 15:07:07 -6 From: Peter Trei Reply-To: ptrei@acm.org Subject: (Fwd) RSA Announces New "DES Challenge" I suggested this to Jim Bidzos several months ago. My software for participating should be available (to US citizens) shortly. Peter Trei ptrei@acm.org ------- Forwarded Message Follows ------- From: Bob Baldwin To: "'cypherpunks@toad.com'" Cc: Bob Baldwin , Kurt Stammberger Subject: RSA Announces New "DES Challenge" Date: Fri, 3 Jan 1997 10:10:29 -0800 RSA Announces New "DES Challenge" Tens of thousands of dollars in cash prizes offered; contest should improve overall Internet security by illustrating relative strength of different crypto algorithms and keysizes. Business Editors and Computer Writers REDWOOD CITY, Calif.-Jan 2, 1997--RSA Data Security, Inc., a wholly owned subsidiary of Security Dynamics Technology, Inc. (NASDAQ: SDTI), today announced an Internet-based contest with cash prizes. The contest, known as the "RSA DES Challenge", challenges mathematicians, hackers and computer experts around the world to decipher encrypted messages. The goal of the contest is to quantify the security offered by the government endorsed DES encryption standard and other secret-key ciphers at various key sizes. The challenge proper will be launched during the RSA Data Security Conference to be held in San Francisco, January 28-31, with the target ciphertexts for the different contests being simultaneously posted on the company web-site, at http://www.rsa.com/ RSA Data Security pioneered the Internet-based "cracking" contest, when it launched the original "RSA Factoring Challenge" back in 1991. Since then, the company has paid out over $100,000 in prize money to mathematicians and hackers around the world, and the data gained from that Challenge (which is ongoing) has greatly increased mathematicians' understanding of the strength of encryption techniques based on the "factoring problem", such as the RSA Public Key Cryptosystem T. Background It's widely agreed that 56-bit keys, such as those offered by the government's DES standard, offer marginal protection against the committed adversary. By inertia as much as anything else, DES is still used for many applications, and the 20-year-old algorithm is proposed to be exportable under the latest incarnation of Clipper. It is the perfect time to demonstrate to the world that better systems are both required - and available - thus improving the world's security. There have been theoretical studies done showing that a specialized computer "DES cracker" could be built for a modest sum, which could crack keys in mere hours by exhaustive search. However, no one is known to have built such a machine in the private sector - and nobody knows if one has been built in any government, either. The successes of the RSA Factoring Challenge show that for some types of problems, it's possible to recruit spare "cycles" on a large number of machines distributed around the Internet. Therefore, by offering a suitable incentive, it should be possible to recruit sufficient CPU power across the Internet to exhaustively search the DES keyspace in a matter of weeks. Computer scientists have already developed software that will allow even the novice computer user to participate in the cracking effort. By incorporating the key search software in a "screen saver", a simple PC anywhere on the Internet can devote its spare time to working on the problem - remotely and completely unattended. Even people with limited computer skills will be able to participate. In the RSA DES Challenge, the motto will definitely be "The More, The Merrier". The Contest Full details of the RSA DES Challenge will be posted on the RSA home page (http://www.rsa.com/) during the first weeks of January. Complete rules for the competition will be provided as well as example challenges and solutions against which computer scientists and hackers can test their software. In conjunction with the RSA DES Challenge, RSA will simultaneously launch a series of other contests based around the RC5 Symmetric Block Cipher (another encryption algorithm). Since RC5 is a variable key length block cipher, targets that offer increasing resistance against so-called "exhaustive search attacks" will be posted in the hope of assessing the full impact of a widely-distributed exhaustive search. There will be 12 challenges based on the use of RC5. Prizes will be awarded for the recovery of each of 12 keys which are chosen to be of lengths varying from 40 bits all the way up to 128 bits, with the length increasing in steps of eight bits. The email sender of the first correctly formatted submissions to each contest will receive a cash prize. For the RSA DES Challenge the first sender of the secret DES key will receive $10,000. For the other contests the prize money awarded will vary with the difficulty of the RC5 key attacked. For more information about the ongoing RSA Factoring Challenge send email to challenge-administrator@rsa.com and for the latest news and developments send email to challenge-news@rsa.com. About RSA Data Security, Inc. RSA Data Security, Inc., a wholly owned subsidiary of Security Dynamics Technologies, Inc., is the world's brand name for cryptography, with more than 75 million copies of RSA encryption and authentication technologies installed and in use worldwide. RSA technologies are part of existing and proposed standards for the Internet and World Wide Web, IT4, ISO, ANSI, IEEE, and business, financial and electronic commerce networks around the globe. The company develops and markets platform-independent developer's kits and end-user products, and provides comprehensive cryptographic consulting services. For more information on any of RSA's encryption technologies, please call RSA directly at 415/595-8782 or send electronic mail to sales@rsa.com. RSA also provides information on its Web site at http://www.rsa.com. Kurt R. Stammberger Director, Technology Marketing RSA Data Security, Inc. (A Security Dynamics Company) 415-595-8782 vox 415-595-1873 fax kurt@rsa.com www.rsa.com ----------------- Peter Trei Senior Software Engineer Purveyor Development Team Process Software Corporation http://www.process.com trei@process.com Ron Rivest replies: ---------- Forwarded message ---------- Date: Tue, 07 Jan 1997 11:45:50 -0500 From: "Perry E. Metzger" To: cryptography@c2.net Subject: Ron Rivest: DES key search // concrete analogy Forwarded with permission. ------- Forwarded Message From: rivest@theory.lcs.mit.edu (Ron Rivest) Date: Mon, 06 Jan 97 23:07:16 EST Subject: DES key search // concrete analogy For your amusement: The number 2^56 of DES keys is quite close to the number of 3"x5" index cards that it takes to cover the surface of the earth (ocean included). A Pentium searching 200,000 keys/second is like driving a car at 70 mph and checking all the index cards in a 200-foot wide swath. At this speed, it takes two weeks just to go around the earth once. Cheers, Ron Rivest ------- End of Forwarded Message Fred Schimmel (609)461-8100 ext. 5060 | email: schimmel@gandalf.ca Gandalf Systems Corporation |------------------------------- 501 Delran Parkway | Objects in mirror are Delran NJ 08075 USA | closer than they appear! ------------------------------ From: Torsten Lif Subject: Re: MCI Bait-And-Switch Beware Date: Thu, 09 Jan 1997 16:22:06 -0500 Organization: Ericsson Messaging Systems, Woodbury, New York, USA Ron Bolin wrote: > I just recently changed from AT&T to MCI. MCI promised significantly > lower rates when they called me to switch. They had some third party > call and confirm my change and service. After a month on MCI I found > that they did not honor their rates and that the rates were actually > higher than AT&T. > I have a major problem with this kind of marketing. I call it a lack > of integrity. Needless to say I switched back to AT&T and will never > consider MCI again. > Get it in writing before you change providers. > [TELECOM Digest Editor's Note: If you 'get it in writing before you > change providers' then you probably never will change providers since > all of them hate to write letters or make any written commitments. > I do not know why it is, but getting any telemarketer -- not just the > ones for phone companies -- to engage in written correspondence is > almost impossible. Telephone companies in particular never like to > write letters it would seem. PAT] Sorry for leaving in all of the quoted message, but it's all relevant to my personal experiences in the area. When my wife and I moved to the US (18 months ago), we got repeated calls from long-distance carriers wanting to sign us up. NONE provided any written info, despite all of them promising to do so. I have not had any success in getting any of them to ever send me any information in writing. We used AT&T more or less "by default" for 15 months until MCI called in with an attractive offer that the salesperson said was "for eternity", meaning that it was not a time-limited promotion. I specifically asked her to confirm this several times and she did. Fine, we accepted MCI. But when the paperwork arrived, I found that the prices were a 6-month promotional and would double after that date. Annoyed, I called and they denied any responsibilty - "the sales person was not authorized to make those promises - Sorry". Then, AT&T called to try to re-enlist us. They offered a comparable rate to MCI's (significantly lower than their original one) and claimed that it would be valid for as long as we used them as our long-distance carrier. Remembering the MCI promises, I asked the AT&T salesperson several times if this was correct, if they really would honor these rates "forever" and he said they would. Then the first bill appeared and they had not even honored the rates he promised. I called AT&T and they "fixed" it "All set, Sir. Your account has been credited and you will have the reduced rates for six months from today." I protested that their sales person had specifically said the rates came without any expiry date. "Sorry, Sir. The sales person was not authorized to make those promises." Sound familiar? I'm forced to conclude that they are both equally guilty in this. So far, Sprint is the only one of the "Big Three" that hasn't made any false promises. If nothing else happens to change my mind, I will be calling them about their rates to Sweden as soon as the "Thanks for switching" check from AT&T has cleared. Another angle: Verbal contracts are legally as binding as writing, if you can prove what was said. Do the third-party "witnesses" that are called in record the conversations in some "safe" manner? Could I insist on having the salescritter repeat the offer for the recording and then really hold the company to it? Torsten [TELECOM Digest Editor's Note: They get real indignant when you tell them you are going to record the conversation. You must by law inform the other party that you are going to record it. They really do not like it however. Be sure to include the question, "Are you personally authorized to make promises and commitments on behalf of ? If the telemarketer says yes, then you can later get them on fraud charges for having made such claims (about their authority to speak for their employer). If they say no, then you ask to speak to someone who *is* authorized to make promises and commitments. Also, whenever you request it from your local telco, you can have your long distance service defaulted to no carrier at all, and leave it that way until you get an offer you want to accept. Of course during that time you will need to make calls using the 10xxx method of selection. PAT] ------------------------------ From: Bill Goodin Subject: 53rd UCLA Engineering and Management Program Date: Thu, 9 Jan 1997 11:25:00 -0800 March 23-28, 1997, on the UCLA campus in Los Angeles. For more than 40 years, UCLA Extension's Engineering and Management Program has provided "how to" answers to the challenges that technical managers face daily. The program is designed for experienced first-level technical supervisors, mid-level technical managers, technical professionals with high advancement potential, and non-technical managers in technology-based organizations. A special benefit is the opportunity for participants to personalize their own curriculum by selecting four courses, each one meeting two hours per day. Participants may choose from 24 course offerings to address these and other important management questions: o How can I develop products and services that will have a market? o How can I use technology as one of the drivers of organizational change? o How can I influence persons who do not report directly to me or to my boss? o How can I create a culture that nourishes creativity, customer service, risk taking, and accountability? o How can I successfully communicate in-house with peers, subordinates, and superiors, and with global customers and suppliers? o How can I carry out my managerial role in the face of major change in the organization? o How can I prepare myself for emerging trends and an uncertain future? o How can I better use or change aspects of my style of leadership to get desired results? o How can I identify and eliminate costly, nonvalue-added activities? Instructors are drawn from the UCLA faculty, other universities, and the business community. All combine research and theory with practice and application. The program advisory committee, which includes technical managers from Hewlett Packard, Trillium Digital Systems, TRW, Sandia National Laboratories, Beckman Instruments, Amgen, Telegenics, Rockwell, and ARCO, actively participates in the selection and evaluation of the courses. The program fee of $1,995 includes all texts and materials for courses in which the participant is enrolled, five continental breakfasts, five luncheons, social events, parking at UCLA, and use of University facilities and equipment. For further information and a complete program booklet, please contact Beverly Croswhite at: Pnone: (310) 825-3858 Fax: (310) 206-2815, e-mail: bcroswhi@unex.ucla.edu WWW: http://www.unex.ucla.edu/engineering/management ------------------------------ Subject: Divide Counties Into Two Area Codes? Date: Thu, 9 Jan 1997 10:56:36 PST From: tad@ssc.com (Tad Cook) Tennessee Agency Opposes Proposal to Divide Counties into Two Area Codes By Cree Lawson, Nashville Banner, Tenn. Knight-Ridder/Tribune Business News Jan. 9--Tennessee Regulatory Authority directors are asking telecommunications leaders to revise a plan to split the Midstate into two area codes. TRA Director Melvin Malone and Chairman H. Lynn Greer opted not to approve a stronger motion by Director Sara Kyle that would have drawn a resolution against splitting counties by area code. The authority has no legal power over the Tennessee Telecommunications Association or its plan, so Kyle's resolution would have gone to the Legislature. "I just think that we ought to give the industry a chance to work this mess out before we get involved," Greer said after the TRA's Tuesday meeting. The decision followed the presentation of a TRA staff report that showed many area residents are concerned about their counties being split between the old 615 area code and the proposed new 931 code. Under the plan, several counties would be divided, with parts of each remaining in the 615 area code. TRA staff members discussed the area code plan in public hearings in 17 counties last month. "Strong protest of this part of the plan surfaced, particularly in Houston and Smith counties," said TRA's utility services chief Eddie Roberson Jr. who presented the report. "In fact, the Houston County Commission passed a resolution requesting that the two counties refuse to be served by two area codes." The telecommunications association will meet privately Jan. 15 to put together a final proposal on the area code split. That decision will go to the TRA in February. (c) 1997, Nashville Banner, Tenn. Distributed by Knight-Ridder/Tribune Business News. ------------------------------ Subject: AOL Cuts Russian Access Date: Thu, 9 Jan 1997 11:03:52 PST From: tad@ssc.com (Tad Cook) The Post-Crescent, Appleton, Wis., Business Briefs Column The Post-Crescent, Appleton, Wis. Knight-Ridder/Tribune Business News Jan. 8-Russia AOL CUTS RUSSIAN SERVICE, ALLEGING FRAUD: With phone calls costing around $34 an hour in Russia, America Online became suspicious when it noticed a surge in calls among subscribers in the former communist country. "When you start seeing people online for hours at a time, you begin to think 'How can people afford this?"' said spokeswoman Susan Porter. The answer was they couldn't. In fact, AOL found so much fraud involving stolen credit card numbers, stolen account passwords and other fraudulent means to get free Internet access that on Dec. 14 it cut all direct service in Russia. (c) 1997, The Post-Crescent, Appleton, Wis. Distributed by Knight-Ridder/Tribune Business News. ------------------------------ From: gmhall@apk.net (Gail M. Hall) Subject: Ameritech Now Too Impatient For Dialing Date: Fri, 10 Jan 1997 06:23:53 GMT Organization: APK Net, Ltd. This is probably going to sound dumb to some people, but it is bothering me and maybe some others who may have some physical problems. I haven't heard this mentioned before, but I wouldn't be surprised if some other people are having the same problem. A few months ago Ameritech "upgraded" our lines somehow. Ever since then if I take the least little bit of extra time dialing a number, it interrupts me and the voice tells me the call didn't go through. This is in spite of the fact that I haven't dialed more than 3 or 4 numbers yet. OK, so I'm a lamebrain. But I can't REMEMBER 7 digits all at once, much less 10. So I'll enter the first part of the number, then look at my note with the number on it, and then dial some more numbers. But now the way the phone company works, it won't wait for me to dial the numbers. Next problem is the automatic thingies that want you to punch in numbers. It wants you to punch in your account number for this service. That number is maybe 12 or 14 digits long and in small print. So I can't remember all those number. It just won't accept the idea that it takes me longer to punch those numbers than it would if I had them automated in my hands the way I can when I type on this computer. I think this is a huge disservice to anyone who might be handicapped in some way and needs extra time to enter the numbers. We may have trouble seeing the numbers on the paper or seeing the numbers on the phone pad or maybe just have trouble getting our fingers placed just right. Other than preprogrammed phones where you can preset x number of numbers into a phone, I am not familiar with any phone that lets you enter a number and then press to have the phone then enter the digits like you might be able to do on a computer. So each number is entered as you press it. They need to be more patient in that case. I had never had this problem until this past fall when they "upgraded" our line. Any comments? Is there any way to get Ameritech to reset their waiting period to give us older, slower people a break? Is there a way to have Ameritech reprogram my phone lines to let me have the time I need to enter the numbers? Thanks in advance! Gail M. Hall mailto:gmhall@apk.net ------------------------------ Date: Fri, 10 Jan 1997 11:58:32 +1000 From: fist@ozemail.com.au (Stewart Fist) Subject: JPEG File Formats Question I want to look into some .JPG files on the web and deconstruct them. Can anyone point me to a good tutorial on JPEG and the source of the file format definition? Thanks, Stewart Fist Technical writer and journalist. Homepage:< http://ourworld.compuserve.com/homepages/stewart_fist > Archives of my columns:< http://www.abc.net.au/http/pipe.htm > Development site: Phone:+612 9416 7458 Fax: +612 9416 4582 ------------------------------ From: Paul Robinson Subject: TDD Carriers (was Canadian Use of N11 Codes) Date: Wed, 08 Jan 1997 23:50:21 -0500 Organization: Evergreen Software On Tue, 17 Dec 1996 02:02:35 GMT, roamer1@pobox.com (Stanley Cline) wrote in a message titled Re: Canadian Use Of N11 Codes: > Originally, the state relay services would only complete calls that > both *originated and terminated* in the same state... Since that > time, most relay services have expanded to allow interstate calls; > only *one* point has to be in the state that sponsors the relay > service. (For example, to call a Tennessee hearing-impaired > customer from my house in Georgia, I can call either the Georgia > *or* Tennessee relay services.) > Most relay services are still tied closely to AT&T, mainly because > AT&T often provides the long distance for the relay service From research I did, I happen to know that at least Maryland and North Carolina's relay services are operated by Sprint. I think Texas is, as well. In fact, I think most of the TDD relay services are operated by Sprint or MCI; I can't remember seeing any mentioned as being operated by AT&T, except for the national 800 TDD directory service. Paul Robinson (formerly PAUL@TDR.COM) ------------------------------ From: edesedas@cais.cais.com (Eric De Sedas) Subject: Ericsson Discussion Groups Date: 9 Jan 1997 13:38:10 GMT Organization: Sent via CAIS Internet Hi. I am interested in finding discussion groups for professionals dealing with specifc vendor's equipment: Ericsson products. Better yet, people who has experience with Ericsson AXE10 (Cellular platform) and ERA minilink microwave equipment. Thank you for the info! Eric De Sedas BellSouth Panama edesedas@cais.com ------------------------------ From: dale@access5.digex.net (Dale Farmer) Subject: Re: Telecom Related Comics Date: 9 Jan 1997 18:45:38 GMT Organization: Dale's House of Turnips Another telecom related comic strip is "Kevin & Kell" by Bill Holbrook. Many, many net related gags. He is a sysop on the 'herbivore forum', and a rabbit. She is a wolf working for "Herd Thinners, Inc." Only available on the www site, and color sunday strips only available at the boardwatch magazine website. I reccommend it. Dale Farmer Dale@access.digex.net Personal opinions only. ------------------------------ End of TELECOM Digest V17 #6 ****************************