THE CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666,
1994-09-10, Copyright Timothy C. May. All rights reserved.
See the detailed disclaimer. Use short sections under "fair
use" provisions, with appropriate credit, but don't put your
name on my words.
3.2 - SUMMARY: Cypherpunks -- History, Organization, Agenda
3.2.1. Main Points
- Cypherpunks formed in September, 1992
- formed at an opportune time, with PGP 2.0, Clipper, etc.
- early successes: Cypherpunks remailers, publicity
3.2.2. Connections to Other Sections
3.2.3. Where to Find Additional Information
- "Wired," issue 1.2, had a cover story on Cypherpunks.
- "Whole Earth Review," Summer 1993, had a long article on
crypto and Cypherpunks (included in the book "Out of
Control," by Kevin Kelly.
- "Village Voice," August 6th (?). 1993, had cover story on
"Crypto Rebels" (also reprinted in local weeklies)
- and numerous articles in various magazines
3.2.4. Miscellaneous Comments
- the best way to get a feel for the List is to simply read
it for a while; a few months should do.
3.3 - The Cypherpunks Group and List
3.3.1. What is it?
+ Formal Rules, Charter, etc.?
- no formal rules or charter
- no agreed-upon mission
3.3.2. "Who are the Cypherpunks?"
- A mix of about 500-700
+ Can find out who by sending message to email@example.com
with the message body text "who cypherpunks" (no quotes, of
- Is this a privacy flaw? Maybe.
- Lots of students (they have the time, the Internet
accounts). Lots of computer science/programming folks. Lots
- quote from Wired article, and from "Whole Earth Review"
3.3.3. "How did the Cypherpunks group get started?"
- Discussions between Eric Hughes and me, led to Eric's
decision to host a gathering
+ First meeting was, by coincidence, the same week that PGP
2.0 was released...we all got copies that day
- morning session on basics
- sitting on the floor
+ afternoon we played the "Crypto Game"
- remailers, digital money, information for sale, etc.
- John Gilmore offered his site to host a mailing list, and
his company's offices to hold monthly meetings
- The mailing list began almost immediately
- The Name "Cypherpunks"?
3.3.4. "Should I join the Cypherpunks mailing list?"
- If you are reading this, of course, you are most likely on
the Cypherpunks list already and this point is moot--you
may instead be asking if you should_leave_ the List!
- Only if you are prepared to handle 30-60 messages a day,
with volumes fluctuating wildly
3.3.5. "How can I join the Cypherpunk mailing list?"
- send message to "firstname.lastname@example.org" with a _body_ text of
"subscribe cypherpunks" (no quote marks in either, of
- about 500-700 at any given time
- many folks join, are overwhelmed, and quit
- other groups: Austin, Colorado, Boston, U.K.
3.3.7. "Why are there so many libertarians on the Cypherpunks list?"
+ The same question is often asked about the Net in general.
Lots of suggested reasons:
- A list like Cypherpunks is going to have privacy and
freedom advocates. Not all privacy advocates are
libertarians (e.g., they may want laws restricting data
collection), but many are. And libertarians naturally
gravitate to causes like ours.
- Net grew anarchically, with little control. This appeals
to free-wheeling types, used to making their own choices
and building their own worlds.
- Libertarians are skeptical of central control structures,
as are most computer programming types. They are
skeptical that a centrally-run control system can
coordinate the needs and desires of people. (They are of
course more than just "skeptical" about this.)
- In any case, there's not much of a coherent "opposition
camp" to the anarcho-capitalist, libertarian ideology.
Forgive me for saying this, my non-libertarian friends on
the list, but most non-libertarian ideologies I've seen
expressed on the list have been fragmentary, isolated, and
not coherent...comments about "how do we take care of the
poor?" and Christian fundamentalism, for example. If there
is a coherent alternative to a basically libertarian
viewpoint, we haven't seen it on the list.
- (Of course, some might say that the libertarians outshout
the alternatives...I don't think this is really so.)
3.3.8. "How did the mailing list get started?"
- Hugh Daniel, Eric Hughes, and I discussed this the day
after the first meeting
- mailing list brought together diverse interests
- How to hoin?
3.3.9. "How did Cypherpunks get so much early publicity?"
- started at the right time, just as PGP was gaining
popularity, as plans for key escrow were being laid (I
sounded an alarm in October, 1992, six months before the
Clipper announcement), and just as "Wired" was preparing
its first issue
- Kevin Kelly and Steven Levy attended some of our early
meetings, setting the stage for very favorable major
stories in "Wired" (issue 1.2, the cover story), and "Whole
Earth Review" (Summer, 1993)
- a niche for a "renegade" and "monkey-wrenching" group, with
less of a Washington focus
- publicity in "Wired," "The Whole Earth Review," "The
+ Clipper bombshell occupied much of our time, with some
effect on policy
- climate of repudiation
- links to EFF, CPSR, etc.
3.3.10. "Why the name?"
- Jude Milhon nicknames us
- cypherpunkts? (by analogy with Mikropunkts, microdots)
3.3.11. "What were the early meetings like?"
- cypherspiel, Crypto Anarchy Game
3.3.12. "Where are places that I can meet other Cypherpunks?"
- physical meetings
- start your own...pizza place, classroom
+ other organizations
+ "These kind of meetings (DC 2600 meeting at Pentagon City
Mall, 1st Fri. of
- every month in the food court, about 5-7pm or so) might
be good places for
- local cypherpunks gatherings as well. I'm sure there
are a lot of other
- such meetings, but the DC and Baltimore ones are the
ones I know of.
- (note that the DC area already meets...)
- Hackers, raves
- regional meetings
3.3.13. "Is the Cypherpunks list monitored? Has it been infiltrated?"
- Unknown. It wouldn't be hard for anyone to be monitoring
- As to infiltration, no evidence for this. No suspicious
folks showing up at the physical meetings, at least so far
as I can see. (Not a very reliable indication.)
3.3.14. "Why isn't there a recruiting program to increase the number
- Good question. The mailing list reached about 500
subscribers a year or so ago and has remained relatively
constant since then; many subscribers learned of the list
and its address in the various articles that appeared.
- Informal organizations often level out in membership
because no staff exists to publicize, recruit, etc. And
size is limited because a larger group loses focus. So,
some stasis is achieved. For us, it may be at the 400-700
level. It seems unlikely that list membership would ever
get into the tens of thousands.
3.3.15. "Why have there been few real achievements in crypto
+ Despite the crush of crypto releases--the WinPGPs,
SecureDrives, and dozen other such programs--the fact is
that most of these are straightforward variants on what I
think have been the two major product classes to be
introduced in the last several years"
- PGP, and variants.
- Remailers, and variants.
- These two main classes account for about 98% of all product-
or version-oriented debate on the Net, epitomized by the
zillions of "Where can I find PGP2.6ui for the Amiga?"
sorts of posts.
+ Why is this so? Why have these dominated? What else is
+ First, PGP gave an incredible impetus to the whole issue
of public use of crypto. It brought crypto to the masses,
or at least to the Net-aware masses. Second, the nearly
simultaneous appearance of remailers (the Kleinpaste/Julf-
style and the Cypherpunks "mix"-style) fit in well with
the sudden awareness about PGP and crypto issues. And
other simultaneous factors appeared:
- the appearance of "Wired" and its spectacular success,
in early 1993
- the Clipper chip firestorm, beginning in April 1993
- the Cypherpunks group got rolling in late 1992,
reaching public visibility in several articles in 1993.
(By the end of '93, we seemed to be a noun, as Bucky
+ But why so little progress in other important areas?
- digital money, despite at least a dozen reported
projects, programs (only a few of which are really
anything like Chaum's "digital cash")
- data havens, information markets, etc.
- money-laundering schemes, etc.
+ What could change this?
- Mosaic, WWW, Web
- A successful digital cash effort
3.4 - Beliefs, Goals, Agenda
3.4.1. "Is there a set of beliefs that most Cypherpunks support?"
+ There is nothing official (not much is), but there is an
emergent, coherent set of beliefs which most list members
seem to hold:
* that the government should not be able to snoop into our
* that protection of conversations and exchanges is a basic
* that these rights may need to be secured through
_technology_ rather than through law
* that the power of technology often creates new political
realities (hence the list mantra: "Cypherpunks write
+ Range of Beliefs
- Many are libertarian, most support rights of privacy,
some are more radical in apppoach
3.4.2. "What are Cypherpunks interested in?"
- crypto anarchy
- digital money
3.4.3. Personal Privacy and Collapse of Governments
- There seem to be two main reasons people are drawn to
Cypherpunks, besides the general attractiveness of a "cool"
group such as ours. The first reason is _personal privacy_.
That is, tools for ensuring privacy, protection from a
surveillance society, and individual choice. This reason is
widely popular, but is not always compelling (after all,
why worry about personal privacy and then join a list that
has been identified as a "subversive" group by the Feds?
Something to think about.)
- The second major is personal liberty through reducing the
power of governments to coerce and tax. Sort of a digital
Galt's Gulch, as it were. Libertarians and
anarchocapitalists are especially drawn to this vision, a
vision which may bother conventional liberals (when they
realize strong crypto means things counter to welfare,
AFDC, antidiscrimination laws....).
- This second view is more controversial, but is, in my
opinion, what really powers the list. While others may
phrase it differently, most of us realize we are on to
something that will change--and already is changing--the
nature of the balance of power between individuals and
3.4.4. Why is Cypherpunks called an "anarchy"?
- Anarchy means "without a leader" (head). Much more common
than people may think.
- The association with bomb-throwing "anarchists" is
3.4.5. Why is there no formal agenda, organization, etc.?
- no voting, no organization to administer such things
- "if it ain't broke, don't fix it"
- and it's how it all got started and evolved
- also, nobody to arrest and hassle, no nonsense about
filling out forms and getting tax exemptions, no laws about
campaign law violations (if we were a formal group and
lobbied against Senator Foo, could be hit with the law
limiting "special interests," conceivably)
3.4.6. How are projects proposed and completed?
- If an anarchy, how do things get done?
- The way most things get done: individual actions and market
3.4.7. Future Needs for Cyberspace
+ Mark Pesci's ideas for VR and simulations
- distributed, high bandwidth
- a billion users
- spatial ideas....coordinates...servers...holographic
- WWW plus rendering engine = spatial VR (Library of
- "The Labyrinth"
+ says to avoid head-mounted displays and gloves (bad for
+ instead, "perceptual cybernetics".
- phi--fecks--psi (phi is external world,Fx = fects are
effectuators and sensors, psi is your internal state)
3.4.8. Privacy, Credentials without identity
3.4.9. "Cypherpunks write code"
- "Cypherpunks break the laws they don't like"
- "Don't get mad, get even. Write code."
3.4.10. Digital Free Markets
+ strong crypto changes the nature and visibility of many
economic transactionst, making it very difficult for
governments to interfere or even to enforce laws,
- thus, changes in the nature of contract enforcement
+ (Evidence that this is not hopeless can be found in
- criminal markets, where governments obviously cannot be
- international markets, a la "Law Merchant"
- "uttering a check"
- shopping malls in cyberspace...no identifiable national or
regional jurisdiction...overlapping many borders...
+ caveat emptor (though rating agencies, and other filter
agents, may be used by wary customers....ironically,
reputation will matter even more than it now does)
- no ability to repudiate a sale, to be an Indian giver
- in all kinds of information....
3.4.11. The Role of Money
- in monetarizing transactions, access, remailers---digital
3.4.12. Reductions on taxation
- offshore entities already exempt
- tax havens
- cyberspace localization is problematic
- rules of nations are ignored
3.4.14. Data Havens
- credit, medical, legal, renter, etc.
3.4.15. MOOs, MUDs, SVRs, Habitat cyberspaces
- "True Names" and "Snow Crash"
- What are
+ Habitat....Chip and Randy
- Lucasfilm, Fujitsu
- started as game environment...
- many-user environments
- communications bandwidth is a scarce resource
- object-oriented data representation
+ implementation platform unimportant...range of
- pure text to Real ity Engines
- never got as far as fully populating the reality
- "detailed central planning is impossible; don't even try"
- 2-D grammar for layouts
+ "can't trust anyone"
- someone disassembled the code and found a way to make
- ways to break the system (extra money)
+ future improvements
- multimedia objects, customizable objects, local turfs,
- "Global Cyberspace Infrastructure" (Fujitsu, FINE)
+ more bandwidth means more things can be done
- B-ISDN will allow video on demand, VR, etc.
- protocol specs, Joule (secure concurrent operating
- intereaction spaces, topological (not spatial)
+ Xerox, Pavel Curtis
- 1200 different users per day, 200 at a time, 5000 total
- "social virtual realities"--virtual communities
- how emergent properties emerge
- rooms, audio, video, multiple screens
- policing, wizards, mediation
- effective telecommuting
- need the richness of real world markets...people can sell
+ Is there a set of rules or basic ideas which can form the
basis of a powerfully replicable system?
- this would allow franchises to be disctrubed around the
- networks of servers? distinction between server and
- money, commercialization?
- Joule language
3.4.16. "Is personal privacy the main interest of Cypherpunks?"
- Ensuring the _right_ and the _technological feasibility_ is
more of the focus. This often comes up in two contexts:
- 1. Charges of hypocrisy because people either use
pseudonyms or, paradoxically, that they _don't_ use
pseudonyms, digital signatures
3.4.17. "Shouldn't crypto be regulated?"
- Many people make comparisons to the regulation of
automobiles, of the radio spectrum, and even of guns. The
comparison of crypto to guns is especially easy to make,
and especially dangerous.
+ A better comparison is "use of crypto = right to speak as
- That is, we cannot demand that people speak in a language
or form that is easily understandable by eavesdroppers,
wiretappers, and spies.
+ If I choose to speak to my friends in Latvian, or in
Elihiuish, or in
- triple DES, that's my business. (Times of true war, as
in World War
- II, may be slightly different. As a libertarian, I'm
- that, but I understand the idea that in times of war
speaking in code
+ is suspect. We are not in a time of war, and haven't
- Should we have "speech permits"? After all, isn't the
+ speech consistent with the regulation of automobiles?
- I did a satirical essay along these lines a while back.
- included it here, though. (My speech permit for satire
expired and I
+ haven't had time to get it renewed.)
- In closing, the whole comparison of cryptography to
- misleading. Speaking or writing in forms not readily
- your enemies, your neighbors, your spouse, the cops, or
- eavesdropper is as old as humanity.
3.4.18. Emphasize the "voluntary" nature of crypto
+ those that don't want privacy, can choose not to use crypto
- just as they can take the locks of their doors, install
wiretaps on their phones, remove their curtains so as not
to interfere with peeping toms and police surveillance
- as PRZ puts it, they can write all their letters on
postcards, because they have "nothing to hide"
- what we want to make sure doesn't happen is _others_
insisting that we cannot use crypto to maintain our own
+ "But what if criminals have access to crypto and can keep
- this comes up over and over again
- does this mean locks should not exist, or.....?
3.4.19. "Are most Cypherpunks anarchists?"
- Many are, but probably not most. The term "anarchy" is
- As Perry Metzger puts it "Now, it happpens that I am an
anarchist, but that isn't what most people associated with
the term "cypherpunk" believe in, and it isn't fair to
paint them that way -- hell, many people on this mailing
list are overtly hostile to anarchism." [P.M., 1994-07-01]
- comments of Sherry Mayo, others
- But the libertarian streak is undeniably strong. And
libertarians who think about the failure of politics and
the implications of cryptgraphy generally come to the
anarcho-capitalist or crypto-anarchist point of view.
- In any case, the "other side" has not been very vocal in
espousing a consistent ideology that combines strong crypto
and things like welfare, entitlements, and high tax rates.
(I am not condemning them. Most of my leftist friends turn
out to believe in roughly the same things I believe
in...they just attach different labels and have negative
reactions to words like "capitalist.")
3.4.20. "Why is there so much ranting on the list?"
- Arguments go on and on, points get made dozens of times,
flaming escalates. This has gotten to be more of a problem
in recent months. (Not counting the spikes when Detweiler
+ Several reasons:
+ the arguments are often matters of opinion, not fact, and
hence people just keep repeating their arguments
- made worse by the fact that many people are too lazy to
do off-line reading, to learn about what they are
expressing an opinion on
- since nothing ever gets resolved, decided, vote upon,
etc., the debates continue
- since anyone is free to speak up at any time, some people
will keep making the same points over and over again,
hoping to win through repetition (I guess)
+ since people usually don't personally know the other
members of the list, this promotes ranting (I've noticed
that the people who know each other, such as the Bay Area
folks, tend not to be as rude to each other...any
sociologist or psychologist would know why this is so
+ the worst ranters tend to be the people who are most
isolated from the other members of the list community;
this is generally a well-known phenomenon of the Net
- and is yet more reason for regional Cypherpunks
groups to occasionally meet, to at least make some
social and conversational connections with folks in
- on the other hand, rudeness is often warranted; people
who assault me and otherwise plan to deprive me of my
property of deserving of death, not just insults [Don't
be worried, there are only a handful of people on this
list I would be happy to see dead, and on none of them
would I expend the $5000 it might take to buy a contract.
Of course, rates could drop.]
3.4.21. The "rejectionist" stance so many Cypherpunks have
- that compromise rarely helps when very basic issues are
- the experience with the NRA trying compromise, only to find
ever-more-repressive laws passed
- the debacle with the EFF and their "EFF Digital Telephony
Bill" ("We couldn't have put this bill together without
your help") shows the corruption of power; I'm ashamed to
have ever been a member of the EFF, and will of course not
be renewing my membership.
- I have jokingly suggested we need a "Popular Front for the
Liberation of Crypto," by analogy with the PFLP.
3.4.22. "Is the Cypherpunks group an illegal or seditious
- Well, there are those "Cypherpunk Criminal" t-shirts a lot
of us have...
- Depends on what country you're in.
- Probably in a couple of dozen countries, membership would
be frowned on
- the material may be illegal in other countries
- and many of us advocate things like using strong crypto to
avoid and evade tzxes, to bypass laws we dislike, etc.
3.5 - Self-organizing Nature of Cypherpunks
3.5.1. Contrary to what people sometimes claim, there is no ruling
clique of Cypherpunks. Anybody is free to do nearly anything,
just not free to commit others to course of action, or
control the machine resources the list now runs on, or claim
to speak for the "Cypherpunks" as a group (and this last
point is unenforceable except through reptutation and social
3.5.2. Another reason to be glad there is no formal Cypherpunks
structure, ruling body, etc., is that there is then no direct
target for lawsuits, ITAR vioalation charges, defamation or
copyright infringement claims, etc.
3.6 - Mechanics of the List
3.6.1. Archives of the Cyperpunks List
- Karl Barrus has a selection of posts at the site
chaos.bsu.edu, available via
gopher. Look in the "Cypherpunks gopher site" directory.
3.6.2. "Why isn't the list sent out in encrypted form?"
- Too much hassle, no additional security, would only make
people jump through extra hoops (which might be useful, but
probably not worth the extra hassle and ill feelings).
- "We did this about 8 years ago at E&S using DEC VMS NOTES.
We used a plain vanilla secret key algorithm and a key
shared by all legitimate members of the group. We could do
it today -- but why bother? If you have a key that
widespread, it's effectively certain that a "wrong person"
(however you define him/her) will have a copy of the key."
[Carl Ellison, Encrypted BBS?, 1993-08-02]
3.6.3. "Why isn't the list moderated?"
- This usually comes up during severe flaming episodes,
notably when Detweiler is on the list in one of his various
personnas. Recently, it has not come up, as things have
been relatively quiet.
+ Moderation will *not* happen
- nobody has the time it takes
- nobody wants the onus
+ hardly consistent with many of our anarchist leanings, is
- (Technically, moderation can be viewed as "my house, my
rules, and hence OK, but I think you get my point.)
- "No, please let's not become a 'moderated' newsgroup. This
would be the end of freedom! This is similar to giving the
police more powers because crime is up. While it is a
tactic to fight off the invaders, a better tactic is
knowledge." [RWGreene@vnet.net, alt.gathering.rainbow, 1994-
3.6.4. "Why isn't the list split into smaller lists?"
- What do you call the list outages?
+ Seriously, several proposals to split the list into pieces
have resulted in not much
- a hardware group...never seen again, that I know of
- a "moderated cryptography" group, ditto
- a DC-Net group...ditto
- several regional groups and meeting planning groups,
which are apparently moribund
- a "Dig Lib" group...ditto
- use Rishab's comment:
+ Reasons are clear: one large group is more successful in
traffic than smaller, low-volume groups...out of sight,
out of mind
- and topics change anyway, so the need for a
"steganography" mailing list (argued vehemently for by
one person, not Romana M., by the way) fades away when
the debate shifts. And so on.
3.6.5. Critical Addresses, Numbers, etc.
+ Cypherpunks archives sites
- mirror sites
- ftp sites
- PGP locations
- Infobot at Wired
- email@example.com; "help" as message body
3.6.6. "How did the Cypherpunk remailers appear so quickly?"
- remailers were the first big win...a weekend of Perl
3.7 - Publicity
3.7.1. "What kind of press coverage have the Cypherpunks gotten?"
- " I concur with those who suggest that the solution to the
ignorance manifested in many of the articles concerning the
Net is education. The coverage of the Cypherpunks of late
(at least in the Times) shows me that reasonable accuracy
is possible." [Chris Walsh, news.admin.policy, 1994-07-04]
3.8 - Loose Ends
3.8.1. On extending the scope of Cypherpunks to other countres
- a kind of crypto underground, to spread crypto tools, to
help sow discord, to undermine corrupt governments (to my
mind, all governments now on the planet are intrinsically
corrupt and need to be undermined)
- links to the criminal underworlds of these countries is one
gutsy thing to consider....fraught with dangers, but
ultimately destabilizing of governments