Bahama Leaks exposed – Top Politicians and VIPs involved

The Bahamas
The Bahamas have been on the radar of tax officials around the world for nearly a century.

A cache of leaked documents provides names of politicians and others linked to more than 175,000 Bahamian companies registered between 1990 and 2016

For years, Neelie Kroes traveled Europe as one of the continent’s senior officials, warning big corporations that they couldn’t “run away” from the European Union’s rules. The Dutch politician sympathized with average citizens who worried they’d been left to pay the bills “as infringers cream off the extra profits.”

As the EU’s commissioner for competition policy from 2004 until 2010, she was Europe’s top corporate enforcer and madeForbes magazine’s annual list of the “World’s 100 Most Powerful Women” five times.

What Kroes never told audiences – and didn’t tell European Commission officials in mandatory disclosures – was that she had been listed as a director of an offshore company in the Bahamas, the Caribbean tax haven whose secrecy and tax structures have attracted multinational companies and criminals alike.

Kroes was listed as director of a Bahamian company from 2000 to 2009, according to documents reviewed by the International Consortium of Investigative Journalists.

Kroes, through a lawyer, told ICIJ and media partners that she did not declare her directorship of the company because it was never operational. Kroes’ lawyer blamed her appearance on company records as “a clerical oversight which was not corrected until 2009.” Her lawyer said the company, set up through a Jordanian businessman and friend of Kroes, had been created to investigate the possibility of raising money to purchase assets – worth more than $6 billion – from Enron Corp., the American energy giant. The deal never came off, and Enron later collapsed amid a massive accounting scandal.

 

Emily O’Reilly, the European Ombudsman with powers to investigate alleged breaches of EU rules and procedures, did not comment on the Kroes’ case but said: “When the rules are breached, whether accidentally or otherwise, the negative impression it leaves with the public tends to resonate more strongly than any positive counter steps subsequently undertaken.”

Details of Kroes’ link to the offshore company are among the revelations found in a new leak of documents, received by the German newspaper Süddeutsche Zeitung and shared with ICIJ, that disclose details behind companies incorporated in the Bahamas. The cache of 1.3 million files from the island nation’s corporate registry provides names of directors and some owners of more than 175,000 Bahamian companies, trusts and foundations registered between 1990 and early 2016.

Today ICIJ, Süddeutsche Zeitung and other media partners are making this informationavailable to the public. This creates, for the first time, a free, online and publicly-searchable database of offshore companies set up in the Bahamas. This information has been combined with data from the Panama Papers and other leaked offshore documents to add additional heft to one of the largest public databases of offshore entities in history.

Neelie KroesFormer EU commissioner Neelie Kroes. Photo: AP Photo/Geert Vanden WijngaertThe new information reveals previously unknown or little-reported connections to companies owned or run by current or former politicians from the Americas, Africa, Europe, Asia and the Middle East.

In the Bahamas’ capital, Nassau, company documents can be consulted in person. An online registry, in theory, serves the same purpose. Yet the information in the online registry maintained by the Bahamian government is often incomplete. In addition, retrieving one company’s documents will cost at least $10, in conflict with the recommendation of the international association of company registries, which discourages search fees.

The data released today involve the basic building blocks of offshore companies: a company’s name, its date of creation, the physical and mailing address in the Bahamas and, in some cases, the company’s directors. At a basic level, this information is crucial to day-to-day commerce. In other cases, police, detectives and fraud investigators use registries as starting points on the trail of wrongdoing.

“Corporate registries are incredibly important,” said Debra LaPrevotte, a former U.S. Federal Bureau of Investigation special agent whose work included tracing billions of dollars in bribes and corruption proceeds hidden in tax havens for politicians from Ukraine, Nigeria and Bangladesh. “Offshore companies are often used as intermediaries to facilitate money laundering and, frequently, the companies are only used to open bank accounts, thus the corporate registry documents, which might identify the beneficial owners, are part of the evidence.”

Fresh insights

Unlike the Panama Papers, 11.5 million often-detailed emails, contracts, audio recordings and other documents from one law firm, the information listed in the new Bahamian documents is plainer — if still fundamental — in content. The new data does not make it clear, for example, whether directors named in connection with a Bahamian firm truly control the company or act as nominees, employees-for-hire who serve as the face of the company but have no involvement in its operations.

When paired with the Panama Papers, the Bahamas data provide fresh insights into the offshore dealings of politicians, criminals and executives as well as the bankers and lawyers who help move money.

The new leaked documents include the names of 539 registered agents— corporate middlemen who serve as intermediaries between Bahamian authorities and customers who wish to create an offshore company. Among them is Mossack Fonseca, the law firm whose leaked files formed the basis of the Panama Papers. The firm set up 15,915 entities in the Bahamas, making it Mossack Fonseca’s third busiest jurisdiction. At one point, Bahamian companies were among Mossack Fonseca’s best-sellers.

Mossack Fonseca offices.A police officer outside Mossack Fonseca’s Panama City office. Photo: AP Photo/Arnulfo FrancoThe Panama Papers show how Mossack Fonseca helped clients use Bahamian secrecy to keep their name out of public filings and how the law firm undermined the global push towards tax transparency.

Beyond Mossack Fonseca and the Panama Papers, the leaked Bahamian files reveal details of the offshore activities of prime ministers, cabinet ministers, princes and convicted felons. It is generally not illegal to own or direct an offshore company, and there are legitimate business reasons in many cases for setting up an offshore structure. But transparency experts say it’s important that public officials disclose their connections to offshore entities.

The political and government figures named in the leaked documents include Colombia’s minister of mines and energy between 1999 and 2001, Carlos Caballero Argáez. He was listed as president and secretary of a Bahamian company, Pavc Properties Inc., between 1997 and 2008. Caballero Argáez also appeared as director of Norway Inc., a company registered in the Bahamas between 1990 and 2015.

Argáez told ICIJ that Norway Inc. held a Miami bank account owned by his father. The account’s assets were distributed to his sons upon his death, Argáez said. Pavc Properties owned an apartment in Miami, Argáez said, and his relationship with the company ended in 2008, when he sold his shares. Argáez said he and others chose the Bahamas on lawyers’ advice. He denied any conflict of interest. He said the company was set in the Bahamas for “tax purposes.”

In the case of Kroes, the former senior EU official, the records show that she was director of Mint Holdings Ltd from July 2000 to October 2009. The company was registered in the Bahamas in April 2000 and is currently active.

In response to questions from ICIJ, the Guardian and Dutch newspapers Trouw and Het Financieele Dagblad, Kroes acknowledged that she did not disclose her connection to this company in her declarations of personal financial interests when she first became competition commissioner in 2004 or in later declarations as she continued serving as a high-level EU official.

Kroes served as competition commissioner from November 2004 to February 2010 and as digital commissioner from February 2010 to November 2014.

EU rules require that European commissioners declare all their economic interests in the previous 10 years, including governing, supervisory and advisory positions in companies devoted to commercial and economic activities.

Mint Holdings’ other directors included Jordanian businessman Amin Badr-El-Din. Badr-El-Din was still listed as holding that position in documents from July 2015. The Bahamas online corporate registry does not list the company’s directors.

Mint Holdings Ltd.Click to explore the Offshore Leaks Database.Badr-El-Din founded UAE Offsets Group, a company that reinvests proceeds from weapons sales into the United Arab Emirates. UAE Offsets Group previously contracted with the weapons manufacturing giant Lockheed Martin Corp. Kroes worked as a lobbyist for Lockheed prior to being named EU competition commissioner.

When she was appointed EU competition commissioner, Kroes placed her money in a blind trust and promised to avoid adjudicating on companies with which she had a connection.  While her opponents worried that she might be soft on the business world, Kroes earned the nickname “Steely Neelie” as she imposed record fines on companies that fixed prices and organized unfair monopolies.

Since stepping away from her EU positions, however, she has criticized her successor as competition minister for a ruling declaring that tech giant Apple owes Ireland €13 billion in unpaid taxes.

Kroes, 75, is currently a director or board member of several companies and serves as an advisor to Bank of America Merrill Lynch and Uber. She remains an influential member of the Netherlands’ ruling People’s Party for Freedom and Democracy.

Kroes rejected any criticism of her business activities. Her lawyer said she denied that “she was ever conflicted by ties to the private sector.”

The declarations to the European Union that omitted mention of Mint Holdings were “made in good faith” and “to the best of her knowledge,” Kroes’ lawyer said. “The assumption was that she was no longer a director after the company was no longer needed.”

“Mrs. Kroes will inform the President of the European Commission of this oversight and will take full responsibility for it,” Kroes’ lawyer said.

Badr-El-Din said “Mint Holdings was established as a special purpose vehicle to manage the acquisition of international energy assets, principally from Enron. That deal fell through in late summer of 2000.”

If the deal had gone through, said an attorney for Badr-El-Din, the company was to become “the world’s premier gas company, leading industry away from oil and coal” and reduce Europe’s dependency on Russia’s energy monopoly.

Badr-El-Din’s role in the proposed purchase of Enron’s global assets had been previously disclosed by The New York Times, but Kroes’ involvement in the potential deal apparently had never been reported.

Kroes continued being listed as a director of Mint Holdings until 2009 because the “lawyers involved did not carry out all the instructions and terminate Mrs Kroes’ directorship with Mint Holding,” Badr-El-Din said. “Once these clerical oversights came to light in 2009, they were corrected.”

The Switzerland of the West

The Bahamas is a constellation of 700 islands, many smaller than a square mile. It is one of a handful of micro nations south of the United States whose confidentiality laws and reluctance to share information with foreign governments gave rise to the term “Caribbean curtain.”

For nearly a century, the Bahamas has been on the radar of tax officials around the world.

Nassau, the BahamasThe Bahamas’ capital, Nassau, is home to cruise ships, resorts and offshore service providers. Photo: ShutterstockIn the 1930s, the U.S. Internal Revenue Service investigated Americans who avoided taxes in Switzerland and the Bahamas, which once sold itself as the “Switzerland of the West.” The focus intensified in the 1960s when U.S. investigators noticed an uptick in the use of the Bahamas by organized crime bosses. U.S. bank assets in the Bahamas, meanwhile, ballooned eight times between 1973 and 1979. By the end of the 1970s, one study reported that the “flow of criminal and tax evasion money” into the Bahamas was $20 billion a year.

The Caribbean nation was not easy to penetrate.

To peek behind the curtain, a clandestine U.S. government project named “Operation Tradewinds” used IRS agents who paid an informant to enter the bedroom of a Bahamian banker visiting Miami and to remove his briefcase. At a nearby restaurant, another IRS informant provided the oblivious banker with “female entertainment.”

The briefcase held a goldmine of information from one Bahamian bank on 308 U.S. account holders, including mafia kingpins, celebrities and corporate moguls, who reportedly held as much as a quarter of a billion dollars.

Although the operation led to criminal prosecutions and $100 million in tax penalties, it was scrapped in 1975 after congressional outcry into the IRS’s use of informants.  A U.S. court later declared the briefcase search “flagrantly illegal.”

In 2000, the Organisation for Economic Co-operation and Development, the world’s leading tax policy forum, placed the Bahamas on a blacklist of countries that aid tax dodging. After the Bahamas hurriedly introduced nine new laws, the OECD removed it from the blacklist in 2001. In 2009, though, the OECD put the Bahamas on the organization’s “gray list,” a less severe categorization that nonetheless signified nonconformity with international standards.

The Bahamas is a staple of U.S. tax evasion investigations. Walter C. Anderson, a Washington, D.C., telecommunications executive who disguised his ownership of companies through shell entities in the British Virgin Islands and the Bahamas, was sent to prison in 2007 for evading more than $200 million in income taxes. In 2007, billionaire real estate developer Igor Olenicoff pleaded guilty to a federal tax felony relating to misleading tax returns and the quiet transfer of $196 million into the Bahamas. Olenicoff, who chaired two Bahamian companies with bank accounts on the island, told Forbes earlier this year “that his offshore law firm of choice was in the Bahamas.”

Years later, the Bahamas emerged as a common thread in the U.S. Department of Justice’s crackdown on Swiss banking giant UBS. Between 2009 and 2014, the agency took criminal actions against U.S. citizens and residents with offshore dealings in the Bahamas, including a consultant from California, a steel executive from Illinois, a computer executive from Ohio, a Texan oil industry consultant, a Florida hotel developer and a New Mexico farmer.

In many cases, U.S. investigators struggled to know where to begin. Bahamian law requires the names of directors, who have complete power over offshore companies, to be filed with the national registrar. Yet the names are not always available online and directors’ names cannot be searched individually or without preexisting knowledge of the Bahamian company’s name. That makes it difficult to check whether a public official or a corporate executive is linked to companies chartered in the Bahamas.

In the new documents, for example, Exxon Azerbaijan Caspian Sea Limited, the energy giant’s company in the repressive yet oil-rich nation Azerbaijan lists no directors in the Bahamas registry. Yet there are 19 directors listed in the documents seen by ICIJ. The Bahamian company Equatorial Guinea LNG Holdings Limited shows no directors in the Bahamas’ public registry but, in filesreviewed by ICIJ, six well-connected Equatorial Guineans appear, including the First Lady’s brother and four current and former ministers of energy.

Jason Sharman, who co-authored a survey of information from 40 corporate registers around the world, said the names of offshore company directors are basic information that should be easily accessible to the public.

These days, the Bahamas, a one-hour plane ride from Miami to the capital, Nassau,  claims to be cleaner than ever. Yet doubts persist.

“Bahamas has taken an attitude of selective noncompliance with its own laws, and it is now pushing out this message with a nudge, nudge, wink, wink.” – Nicholas Shaxson

In 2014, the most recent review of the Bahamas’ anti-money laundering systems by the OECD faulted the country on half of the core measures used to judge countries’ compliance with international standards. This included no requirement for banks or financial institutions to know the real identity of a company or trust owner. Although the OECD now considers the Bahamas compliant, in June 2015, the European Union listed the Bahamas and 30 other countries as uncooperative tax havens.

Nicholas Shaxson, author of Treasure Islands: Tax Havens and the Men Who Stole the World, said the Bahamas is one of the handful of tax havens with a riskier and wilder reputation than bigger offshore jurisdictions such as Switzerland.

The Bahamas is “on a par with Panama in terms of its thirst for and tolerance of dirty money,” said Shaxson.

Recently, Shaxson said, as governments push tax havens to share banking and financial information with national tax agencies concerned about offshore evasion by citizens, the Bahamas has pushed back.

“They are saying ‘While everyone else is being transparent, your secrets are safe with us,’” said Shaxson. “Bahamas has also long taken an attitude of selective noncompliance with its own laws, and it is now pushing out this message with a nudge, nudge, wink, wink.”

Bahamian authorities told ICIJ that the country honors its international obligations and cooperates with international authorities. The Bahamas “does not tolerate dirty money,” authorities said, noting it “has in many areas been rated as ‘largely compliant’ with international standards.”

Authorities did not comment on specific cases and defended the Bahamian corporate registry. “Fees for online registry searches covers the cost and upgrading of the online system,” said authorities.

Regarding the sharing of tax information, authorities said: “The Bahamas negotiates in good faith with all appropriate partners of the Global Forum for transparency and exchange of information for tax purposes, subject to…international confidentiality and data security standards.”

Rulers, kleptocrats and yachts

Marco Antonio and Augusto PinochetFormer Chilean dictator Augusto Pinochet, right, with his son Marco Antonio. Photo: AP Photo / Martin ThomasBahamian companies, trusts and bank accounts have appeared in numerous cases involving the seizure of dictators’ and politicians’ money. The son of former Chilean dictator Augusto Pinochet used a Bahamian company, Meritor Investments Limited, to move $1.3 million to his father. Pinochet’s son, Marco Antonio, dismissed the allegations as “lies” and declared no wrongdoing through the Bahamas. Pinochet himself owned another Bahamian company, Ashburton Company Limited,  set up in 1996. Abba Abacha, the son of former Nigerian president, Sani Abacha, had $350 million frozen in Luxembourg and the Bahamas as part of a global asset hunt into the estimated $3 billion stripped from Nigeria during his father’s five-year rule.

Bahamian companies and bank accounts have also played key roles in graft schemes involving former politicians from Greece, Ukraine, Kuwait and Trinidad and Tobago and in illegal kickbacks to Saddam Hussein’s Iraqi government under the United Nations Oil-for-Food program.

The Bahamas was also linked to the dealings of five politicians and public officials revealed in the Panama Papers.

They include Sheikh Hamad bin Jassim bin Jaber Al Thani, Qatar’s former prime minister and foreign minister until 2013, who owned Trick One Limited, a Bahamas company. In January 2005, when foreign minister, Al Thani signed a loan agreement with a bank for $53 million. As collateral on the loan, Al Thani signed up the Al Marqab, a 133-meter, prize-winning yacht worth $300 million.

An attorney for Al Thani declined to comment.

Argentina’s president, Mauricio Macri, his father Francisco and brother Mariano, directed Fleg Trading Ltd, set up in the Bahamas in 1998 and dissolved 11 years later. Macri did not disclose his connection to Fleg Trading in asset declarations in 2007 and 2008 when he was mayor of Buenos Aires. Following the release of Panama Papers, an Argentine prosecutor sought information from authorities in Panama and the Bahamas as part of an investigation into whether Macri “maliciously” omitted his connections to the company.”

Macri’s spokesman told ICIJ that the Argentine president didn’t disclose Fleg Trading Ltd. because he held no financial interests or shares in the company.

The Bahamas was also where meetings and documents were held for Blairmore Holdings Inc., the investment fund directed by Ian Cameron, father of former British Prime Minister David Cameron. Ian Cameron died on Sept. 8, 2010. After the release of the Panama Papers, David Cameron was forced to admit that he financially benefited from the fund, which managed tens of millions of pounds on behalf of wealthy families. Through the offshore structure, incorporated in Panama but run from the Bahamas, the fund avoided paying tax in the United Kingdom.

Mossack Fonseca did not reply to ICIJ’s request for comment. The law firm previously told ICIJ: “As a registered agent we merely help incorporate companies, and before we agree to work with a client in any way, we conduct a thorough due-diligence process, one that in every case meets and quite often exceeds all relevant local rules, regulations and standards to which we and others are bound.”

Happy with status quo

Mossack Fonseca pushed the Bahamas’s confidentiality laws as a selling point and echoed the country’s own defense of the offshore industry in the face growing global calls for transparency.

In 2003, as the country recovered from its money-laundering blacklisting, a Mossack Fonseca employee met with a client to discuss the need for “an aggressive public relations campaign … to try to change the bad perception people have about the Bahamas when it comes to privacy.” Information was “not exchanged often or extensively,” the two reassured one another, according to internal notes from the Panama Papers.

In 2009, a Mossack Fonseca employee proposed transferring a U.S. customer’s assets to a trust in the Bahamas to ensure confidentiality during a bankruptcy.  In 2014, Mossack Fonseca suggested to a New Zealand client that he use a Bahamas bank to obscure his ownership of a company. In 2015, a Spanish client used the Bahamas to bank half a million dollars she did not wish to declare back home. Another Spaniard used Mossack Fonseca’s in-house directors for a company to avoid listing his name in public registers.

Tax reform advocates have criticized tax havens, including the Bahamas, for trumpeting transparency while signing exchange agreements with other tax havens or with small countries unlikely to yield much information of use to poor, tax-starved governments. It signed one such agreement in 2010 with Greenland, which has a population of 57,000.  A Mossack Fonseca employee and a Swiss client “joked” during a meeting in 2014 about a similar agreement between Greenland and another tax haven, Switzerland, according to internal meeting notes.

Bahamas brochureA brochure promoting the Bahamas financial services industry.Today, in advertising material, the Bahamas promotes a “unique approach” that purports to respect international rules yet protect its offshore clients. The Bahamas reassures potential investors that it will share tax information later than most other countries and, even then, only with selected governments that meet stringent technical and confidentiality requirements.

In line with this approach, the Bahamas has not signed the global treaty that helps countries share tax information. The OECD, the treaty’s governing body, calls it the “most powerful instrument against offshore tax evasion and avoidance.” In August, the number of participants hit 103, which includes tax havens and some of the world’s poorest countries.

The Bahamas argues that the cost and administrative burden of automatically exchanging tax details is too high and that client privacy could be jeopardized. The Bahamas claims it will instead uphold international rules through bilateral, or one-to-one, agreements.

“I am very doubtful that jurisdictions that seek to maintain bilateralism on this issue are serious about meeting their commitments even under bilateral agreements,” said Reuven Avi-Yonah, professor of tax law at the University of Michigan and former consultant for the United States and the OECD.

The multilateral convention “is the new global standard,” said Professor Avi-Yonah, “and jurisdictions that are serious about exchange of information sign on to it. I worry that money will flow to the bilateral jurisdictions and no information will be forthcoming.”

The Bahamas, however, has reason to be happy with the status quo. In 2016, the Bahamas expects to earn $17.7 million from offshore company fees.

Recently, when countries met to forge an agreement on swapping tax information between nations, organizers declared that soon tax cheats would have “nowhere left to hide.” The Bahamas’ minister of financial services struck another note with reporters, concluding: “We got everything we wanted.”

Top 10 Most Wanted Nazi War Criminals

A. Alois Brenner – Syria *

Key operative of Adolf Eichmann. Responsible for deportation of Jews from Austria (47,000), Greece (44,000), France (23,500), and Slovakia (14,000) to Nazi death camps.

Status: Lived in Syria for decades; Syrian refusal to cooperate stymies prosecution efforts; convicted in absentia by France. Alois Brunner is the most important unpunished Nazi war criminal who may still be alive, but the likelihood that he is already decreased increases with each passing year. Born in 1912 and last seen in 2001, the chances of his being alive are relatively slim, but until conclusive evidence of his demise is obtained, he should still be mentioned on any Most Wanted List of Holocaust perpetrators.

B. Dr. Aribert Heim – ?? *

Doctor in Sachsenhausen (1940), Buchenwald (1941) and Mauthausen (1941) concentration camps. Murdered dozens of camp inmates by lethal injection in Mauthausen.

Status: Disappeared in 1962 prior to planned prosecution; wanted in Germany and Austria New evidence revealed in February 2009 suggests that he may have died in Cairo in 1992, but questions regarding these findings and the fact that there is no corpse to examine, raise doubts as to the veracity of this information. During the past year, a court in Baden-Baden, Germany closed the case without forensic confirmation of Heim’s death.

    1. Ladislaus Csizsik-Csatary – Hungary

Served as the Commander of the Hungarian police in Kosice (Hungarian-occupied Slovakia) and was in charge of the ghetto of “privileged” Jews; helped organize the deportation to Auschwitz of approximately 15,700 Jews from Kosice and vicinity in spring 1944.

Status: : Convicted in absentia and sentenced to death for torturing Jews and his role in the mass deportation to Auschwitz. Escaped to Canada after World War II, but was stripped of his Canadian citizenship in 1997, and chose to voluntarily leave the country. His whereabouts were unknown until fall 2011 when he was discovered living in Budapest by the Wiesenthal Center in the framework of “Operation: Last Chance.” On July 17, 2012, Csatary was charged with torture of the Jews in the KosiceGhetto, and was placed under house arrest and had his passport confiscated. Currently under house arrest in Hungary, where he awaits possible prosecution. In late March 2013, a Slovak court commuted his death sentence to life imprisonment to enable Slovakia to seek Csatary’s extradition to stand trial for his crimes in Kosice.

    1. Gerhard Sommer – Germany

Former SS-Untersturmfuehrer in the 16th Panzergrenadier Division Reichsfuehrer-SS; participated in the massacre of 560 civilians in the Italian village of Sant’ Anna di Stazzema.

Status: On June 25, 2005, Sommer was convicted in absentia by a military court in La Spezia, Italy for committing “murder with special cruelty” in Sant’ Anna di Stazzema. Since 2002, he has been under investigation in Germany, but no criminal charges have yet been brought against him.

    1. Vladimir Katriuk – Canada

Served as a platoon commander of the first company of Ukrainian Schutzmannschaft Battalion 118 which carried out the murder of Jews and innocent civilians in various places in Belarus.

Status: Escaped to Canada after World War II but was stripped of his Canadian citizenship in January 1999 after his service as a Nazi collaborator was revealed. In May 2007, the Canadian authorities decided to overturn his denaturalization, a decision confirmed by the Federal Court of Appeal in November 2010. New research by Swedish historian Per Anders Rudling revealed Katriuk’s active role in the mass murder of the residents of the village of Khatyn, Belarus and provides a firm basis to overturn the decision not to strip Katriuk of his Canadian citizenship.

    1. Hans (Antanas) Lipschis – Germany

Served in the SS–Totenkopf Sturmbann (Death’s Head Battalion) from October 1941 until 1945 at theAuschwitz-Birkenau death camp where he participated in the mass murder and persecution of innocent civilians, primarily Jews.

Status: Escaped to the United States after World War II, but was deported by the American Office of Special Investigations to Germany in April 1983. Currently under investigation by the German authorities for his role in the Nazi death camp.

    1. Ivan (John) Kalymon – United States

Served in Nazi-controlled Ukrainian Auxiliary Police in Lvov (then German-occupied Poland, todayUkraine) during the years 1941-1944, during which time he participated in the murder, roundups and deportation of Jews living in the Lvov Ghetto.

Status: On January 31, 2011, Kalymon was ordered deported from the United States to Germany,Ukraine, Poland, or any country willing to admit him, for concealing his wartime service with forces in collaboration with Nazi Germany and his participation violent acts of persecution. No such country has yet been found and he therefore remains in the United States.

    1. Soeren Kam – Germany

Volunteered for SS-Viking Division, where he served as an officer; participated in the murder of Danish anti-Nazi newspaper editor Carl Henrik Clemmensen.

Status: In 1999, Denmark requested the extradition of Kam, which Germany refused due to his German citizenship. A subsequent extradition request was refused in early 2007 on the grounds that Clemmensen’s death was not murder but manslaughter, which was under a statue of limitation. Efforts continue to bring Kam to justice either in Germany or in Denmark.

    1. Algimantas Dailide – Germany

Served in the Vilnius District of the Saugumas(Lithuanian Security Police); arrested Jews and Poles executed by the Nazis and local Lithuanian collaborators.

Status: His American citizenship was revoked in 1997 and he was deported from the United States in 2004 for concealing his wartime activities with the Saugumas. In 2006, he was convicted by a Lithuanian court for arresting 12 Jews trying to escape from the Vilnius Ghetto (and 2 Poles), who were subsequently executed by the Nazis, and was sentenced to five years imprisonment. The judges, however, refused to implement his sentence because he was old and was caring for his ill wife and “did not pose a danger to society.” In July 2008, in response to an appeal against the refusal to implement his sentence, Dailde was ruled medically unfit to be punished, without being personally examined by the doctors who provided the expertise.

    1. Mikhail Gorshkow – Estonia

Served as interpreter for the Gestapo in Belarus and is alleged to have participated in the mass murder of Jews in Slutzk.

Status: Fled from the United States to Estonia before he was denaturalized for concealing his wartime service with the Nazis; had been under investigation in Estonia since his arrival several years ago, but in October 2011 the Estonian authorities closed the investigation against Gorshkow, claiming the case was one of “mistaken identity,” a decision which was severely criticized by the United States, Russia, and the Simon Wiesenthal Center.

    1. Theodor Szehinskyj – United States

Served as an armed SS Death’s Head guard at the Gross Rosen (Poland), Sachsenhausen (Germany) andWarsaw (Poland) concentration camps where he actively participated in the persecution of civilian prisoners.

Status: Escaped to the United States after World War II, but was stripped of his American citizenship in 2000 by the Office of Special Investigations and was ordered deported in 2003. To this date, no country has been willing to admit him and he therefore remains in the United States.

    1. Helmut Oberlander – Canada

Served in Einsatzkommando 10a (part of Einstazgruppe D) which operated in southern Ukraine andCrimea and is estimated to have murdered more than 23,000 people, mostly Jews.

Status: Escaped to Canada after World War II, but was stripped of his Canadian citizenship in August 2001, after his wartime service with the Nazis was revealed. In May 2004 his citizenship was restored but it was revoked a second time in May 2007, and that decision was overturned by a Federal Court of Appeal in November 2009. The case is currently pending again.

NAMES ON PREVIOUS LISTS:

  • Karoly (Charles) Zentai
  • Klass Carel Faber (Died May 2012)
  • Sándor Képíró (Died September 2011)
  • Dr. Aribert Heim (Died in 1992; Evidence of Death Uncovered in September 2012)
  • Milivoj Ašner (Died June 2011)
  • Adolf Storms (Died June 2010)
  • Peter Egner (Died January 2011)
  • John Demjanjuk (Died March 2012)
  • Heinrich Boere (Convicted March 2010)
  • Harry Mannil (Died January 2010)
  • Erna Wallisch (Died February 2008)
  • Lajos Polgar (Died July 2006)
  • Ladislav Nizmansky (Acquitted December 2005)
  • Jack Reimer (Died August 2005)

Sources: Dr. Efraim Zuroff, “2013 Annual Report on the Status of Nazi War Criminals,” Simon Wiesenthal Center [PDF] (April 2013); Associated Press (July 30, 2013)

DHS Field Analysis Report: Growing Trend of Ransomware Attacks Targeting Hospitals

 

Growing Trend of Ransomware Attacks Targeting Hospitals and Healthcare Facilities

Page Count: 5 pages
Date: July 21, 2016
Restriction: For Official Use Only
Originating Organization: Department of Homeland Security, Office of Intelligence and Analysis, Oregon Terrorist Information and Threat Analysis Network, Kentucky Intelligence Fusion Center
File Type: pdf
File Size: 700,582 bytes
File Hash (SHA-256):7C06327003FC391E7C97CE2B86E7E07EAF9B04768EB4C793D3409A81F61192C0

Download File

(U) Key Judgments: An uptick in ransomware attacks directed against the healthcare community in the first four months of 2016 underscores the potential vulnerability of all hospital and healthcare provider computer systems.

(U//FOUO) TITAN, KIFC, and I&A have not identified any specific impending or future threats to hospitals or healthcare providers in Oregon or Kentucky.

(U//FOUO) Recent incidents in the United States, Canada, and New Zealand, however, indicate that hospitals and healthcare providers could become victims. There have been six reported ransomware attacks on healthcare organizations in the United States, affecting at least 16 hospitals during the first four months of 2016.

(U) End-user training and education about cybersecurity, threats such as ransomware, and systems vulnerabilities could mitigate such attacks in the future.

(U//FOUO) The healthcare sector has been a desirable target for hackers due to the sensitive nature of patient information contained in their systems. The stakes are very high in the healthcare industry because any disruption in operations and care can have significant repercussions for patients. As such, this industry offers an ideal victim for ransomware, and these attacks are likely to continue—disrupting employee access to important documents and patient data and hampering the ability to provide critical services—creating a public safety concern.

(U//FOUO) Locky will likely decline in the coming months as a new ransomware strain known as SamSam begins to emerge. According to researchers, SamSam, which exploits server vulnerabilities to spread across and infect enterprise networks, may be a precursor to a new generation of ransomware known as “cryptoworms.” Cryptoworms are predicted to penetrate networks through previously known vulnerabilities, blending modern network intrusion tactics based off SamSam with past computer worms that targeted unpatched server vulnerabilities, such as the Conficker and SQL Slammer worms. Organizations that operate on typically less-secure networks should remain especially diligent in prevention efforts.

hospital-ransomware

Exposed – FBI Report on Hillary Clinton E-Mail Investigation for Mishandling of Classified Information

 

Clinton E-Mail Investigation Mishandling of Classified – Unknown Subject or Country (SIM)

Page Count: 58 pages
Date: July 2016
Restriction: None
Originating Organization: Federal Bureau of Investigation
File Type: pdf
File Size: 37,829,437 bytes
File Hash (SHA-256):E9ACBA18350499CE6CE739D165D5BE18C7C27B96C8F474CFABE315F6DC5BCAD4

Download File

On July 10, 2015, the Federal Bureau of Investigation (FBI) initiated a full investigation based upon a referral received from the US Intelligence Community Inspector General (ICIG), submitted in accordance with Section 811 (c) of the Intelligence Authorization Act of 1995 and dated July 6, 2015, regarding the potential unauthorized transmission and storage of classified information on the personal e-mail server of former Secretary of State Hillary Clinton (Clinton). The FBI’s investigation focused on determining whether classified information was transmitted or stored on unclassified systems in violation of federal criminal statutes and whether classified information was compromised by unauthorized individuals, to include foreign governments or intelligence services, via cyber intrusion or other means.

The FBI’s investigation and forensic analysis did not find evidence confirming that Clinton’ s e-mail accounts or mobile devices were compromised by cyber means. However, investigative limitations, including the FBI’s inability to obtain all mobile devices and various computer components associated with Clinton’s personal e-mail systems, prevented the FBI from conclusively determining whether the classified information transmitted and stored on Clinton’s personal server systems was compromised via cyber intrusion or other means. The FBI did find that hostile foreign actors successfully gained access to the personal e-mail accounts of individuals with whom Clinton was in regular contact and, in doing so, obtained e-mails sent to or received by Clinton on her personal account.

Prior to January 21, 2009, when she was sworn in as the US Secretary of State, Clinton used a personally-acquired BlackBerry device with service initially from Cingular Wireless and later AT&T Wireless, to access her e-mail accounts. Clinton initially used the e-mail addresses hr15@mycingular.blackberry.net and then changed to hr15@att.blackberry.net. According to Cooper, in January 2009, Clinton decided to stop using her hr15@att.blackberry.net e-mail address and instead began using a new private domain, clintonemail.com, to host e-mail service on the Apple Server. Clinton stated to the FBI that she directed aides, in or around January 2009, to create the clintonemail.com account, and as a matter of convenience her clintonemail.com account was moved to an e-mail system maintained by President Clinton’s aides. While Cooper could not specifically recall registering the domain, Cooper was listed as the point of contact for clintonemail.com when the domain was registered with a domain registration services company, Network Solutions, on January 13, 2009. Clinton used her att.blackberry.net e-mail account as her primary e-mail address until approximately mid-to-late January 2009 when she transitioned to her newly created hdr22@clintonemail.com account. The FBI did not recover any information indicating that Clinton sent an e-mail from her hr15@att.blackberry.net e-mail after March 18, 2009.

clinton-email-1

Revealed – FBI Cyber Bulletin: Targeting Activity Against State Board of Election SystemsFBI Cyber Bulletin: Targeting Activity Against State Board of Election Systems

 

Targeting Activity Against State Board of Election Systems

Page Count: 4 pages
Date: August 18, 2016
Restriction: TLP: AMBER
Originating Organization: Federa; Bureau of Investigation, Cyber Divison
File Type: pdf
File Size: 524,756 bytes
File Hash (SHA-256):1EE66D31C46FF1F4DE98D36012E705586D6DFF6800B7F051F564D1A7CED58B3E

Download File

The FBI received information of an additional IP address, 5.149.249.172, which was detected in the July 2016 compromise of a state’s Board of Election Web site. Additionally, in August 2016 attempted intrusion activities into another state’s Board of Election system identified the IP address, 185.104.9.39 used in the aforementioned compromise.

Technical Details

The following information was released by the MS-ISAC on 1 August 2016, which was derived through the course of the investigation.

In late June 2016, an unknown actor scanned a state’s Board of Election website for vulnerabilities using Acunetix, and after identifying a Structured Query Language (SQL) injection (SQLi) vulnerability, used SQLmap to target the state website. The majority of the data exfiltration occurred in mid-July. There were 7 suspicious IPs and penetration testing tools Acunetix, SQLMap, and DirBuster used by the actor, detailed in the indicators section below.
Indicators associated with the Board of Elections intrusion:

  • The use of Acunetix tool was confirmed when “GET /acunetix-wvs-test-for-some-inexistent-file – 443” and several requests with “wvstest=” appeared in the logs;
  • The user agent for Acunetix was identified in the logs –”Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.21++(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.21″;
  • The use of SQLMap was confirmed after “GET /status.aspx DLIDNumber=1′;DROP TABLE sqlmapoutput” appeared in the logs;
  • The user agent for SQLMap is “Mozilla/5.0+(Macintosh;+U;+Intel+Mac+OS+X+10.7;+en-US;+rv:1.9.2.2)+ Gecko/20100316+Firefox/3.6.2 200 0 0 421” (These are easily spoofed and not inclusive of all SQLMap activity);
  • The user agent for the DirBuster program is “DirBuster-1.0- RC1+(http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project<http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project&gt; )”;

IP Addresses:

  • 185.104.11.154
  • 185.104.9.39
  • 204.155.30.75
  • 204.155.30.76
  • 204.155.30.80
  • 204.155.30.81
  • 89.188.9.91
  • 5.149.249.172 (new, per FBI)

Recommendations

The FBI is requesting that states contact their Board of Elections and determine if any similar activity to their logs, both inbound and outbound, has been detected. Attempts should not be made to touch or ping the IP addresses directly.

Windbeutel und Bankrott-Tourist von Holst schreit nach Rache und steigert Besucherzahlen

Als Reaktion auf die Aufdeckung seiner diversen Machenschaften durch angesehene englische Medien wie Daily Mail und mich – siehe

https://www.google.com/search?q=rainer%20von%20holst

 

Uns und auch Ihnen wird von Holst kein X als U verkaufen können, wie er das mit dem Verkauf von illegalen Investments, seiner illegalen Bank und seinen nicht-existenten Betrügerfirmen tausendfach versucht hat und noch immer versucht. Er hat schon genug angerichtet.

Siehe auch die Wallstreet-Diskussion über den Bielefelder Scharlatan und Windbeutel:

http://www.wallstreet-online.de/diskussion/1222551-1-10/unternehmen-firmenwelten-ag-bielefeld

Der Name Rainer von Holst ist so belastet, dass er sich bis dato nicht TRAUT eine Facebook-Seite, einen eigenen Blog, einen Twitter-Account oder sonst etwas im Internet unter eigenem Namen zu publizieren. Denn wegen der Anschläge auf “GoMoPa”  und dem Einbruch bei wird auch gegen von Holst ermittelt.

Warum wohl ?

Und das bei so einer Type der Staat und die STASI Synonyme sind, sagt eigentlich eh schon alles.

Doch wie sagt der Volksmund: “Wer anderen eine Grube gräbt, fällt selbst hinein.”

Windbeutel Rainer von Holst – wie immer anonym unterwegs – beschert uns einen kräftigen Besucherzuwachs und ich an sage an dieser Stelle: “Danke, alter Windbeutel, bitte weiter schlampig schreiben !”

Nur weiter so. Unsere Anzeigenkunden freut es auch…

 

 

The Cyberpunk Revolution revealed

Punk is resistance. During the 1980s and ’90s, the subculture was resistance of a special kind: heavy on fashion and light on politics. Punk generated eccentric hairstyles, tattoos, boots and leather outfits, drug habits, and hard-core music that oozed being against stuff. Yet fashion trumped direct action. Punk was aesthetic anarchy.When computers and networks were added to the mix, cyberpunk was born. The 1990s were a time of extraordinary hope. The decade came barging right through Brandenburg Gate, with the Berlin Wall crashing down in the background. The end of the Cold War and the peaceful collapse of the Soviet Union released an intoxicating sense of optimism, at least in the West. Washington debated the “end of history,” with liberal market economies coming out triumphant. In the Persian Gulf War of 1991, perhaps America’s shortest and most successful ground war operation to date, the Pentagon overcame the mighty Iraqi army — and with it the lingering Vietnam hangover. Silicon Valley and America’s technology startup scene, still bathing in the crisp utopian afterglow of the 1980s, watched the rise of the New Economy, with vertigo-inducing growth rates. Entrepreneurs rubbed their hands in anticipation. Intellectuals were inebriated by the simultaneous emergence of two revolutionary forces: personal computers and the internet. More and more PC owners connected their machines to the fast-growing global computer network, first with clunky, screeching modems, then with faster and faster broadband connections.

But amid the hype and a slowly but steadily growing economic bubble, it dawned on a number of users that something was missing: privacy and secure communications. History, thankfully, was gracious. Even more than that: nature itself was generous to humans in front of plastic keyboards. Unrelated to either PCs or the internet, cryptographers had made a third and no less far-reaching discovery in the 1970s. They didn’t just invent a technology; more like explorers than innovators, they discovered an algorithm based on a beautiful mathematical truth. That truly revolutionary technology was finally unleashed for widespread public use in June 1991: asymmetric encryption, also known as public-key cryptography.

When free crypto was added to the computer underground, “crypto anarchy” emerged. Now people with mirror shades, modems, and PCs could be against stuff. And even better, despite the decade’s spirit for unrestrained optimism, they had found something concrete to be against: the government’s attempts to regulate ciphers. And so cypherpunk was born, a pun on “cyberpunk.” The ideology was powerful — far more powerful and durable than those whimsical and short-lived names implied.

Cryptography is the art of secret communication. Diplomats and military commanders began using secret keys to encrypt their missives thousands of years ago, long before the invention of computers or even the telegraph. To establish secret communication, participants must first have the secret key. Thus arises the problem of key distribution— how to share a secret key with all participants of a secure conversation before the conversation starts. For centuries, key distribution gave large organizations a big advantage. The more resourceful a state’s military and intelligence establishment, the more easily it could manage the logistics of key distribution.

Perhaps the single most significant invention in the history of cryptography came to be in 1973: public-key encryption, or “nonsecret” encryption, as its inventors called it. It is probably the only mathematical algorithm that spurned its own political philosophy. Ironically, “nonsecret” encryption was first discovered in secret at the British eavesdropping agency Government Communications Headquarters (GCHQ). And it was kept secret for many years.

Public-key encryption was revolutionary for a simple reason. It solved the age-old security problem of key distribution. Sharing a secret key had previously required a secure communication channel. If Alice wanted to send Bob a secret message, she would first need to share the secret key with him. But a secret could not be shared on an insecure channel. Suppose Alice sent Bob a letter containing the secret key and asking him to use it to scramble their subsequent correspondence — say, by replacing every letter with a specified alternative letter. Eve (cryptographers like to call the supposed evil eavesdropper “Eve”) could simply intercept the letter and make a copy of Alice’s secret key en route to Bob. Eve would then be able to read all future messages encrypted with this key.

Perhaps the single most significant invention in the history of cryptography came to be in 1973: public-key encryption, or “nonsecret” encryption, as its inventors called it.

By the 1960s, the British military had started worrying. Tactical radio had become more widespread, along with computers and telecommunication technology, making the problem of key distribution worse. “The management of vast quantities of key material needed for secure communication was a headache for the armed forces,” recalled one of the British government’s leading cryptographers at the time, James Ellis. Ellis first believed, as was generally assumed then, that no secret communication was possible without a secret key first being shared. His view changed with the random discovery of a World War II report, “Final Report on Project C-43,” by a Bell technician, Walter Koenig, also prepared under an NDRC contract.

Back in October 1944, Koenig had suggested a theoretical way of securing a telephone call by having the recipient of a call add noise to the signal and then subtract it afterward. Only Bob could subtract the noise, because only he knew what he had added in the first place. An eavesdropper, Eve, simply would not know how to modify the noise, because she wouldn’t have access to the noise that had been added to the phone conversation in the first place.

The system was impractical at the time. But Ellis got the decisive and entirely counterintuitive cue: there was no need to assume that only the sender could modify the message; the recipient could have a role as well. “The noise which had been added,” Ellis wrote in 1970, “had been generated by the recipient and is not known to the sender or anyone else.” The recipient, therefore, “takes an active part in the encipherment process.” In theory, at least, Ellis seems close to solving the age-old key distribution problem.

Now the secret British cryptographers needed to find a mathematical way to enable the recipient to take part in ordinary encryption and decryption. “The unthinkable was actually possible,” Ellis recalled. But because he was not a mathematician, he could not solve the underlying challenge of finding a suitable one-way function, a mathematical operation that could be performed in only one direction — something that could be done but not undone.

Three years after Ellis’s thought experiment, in 1973, a young Cambridge mathematician, Clifford Cocks, joined the spy agency in Cheltenham. Six weeks into his job, a supervisor casually told Cocks about Ellis’s “really whacky idea.” Cocks understood that finding a suitable one-way function had been the problem. The 22-year-old had worked on number theory before, and the problem of factoring — finding how a number could be divided into other numbers — was familiar to him. “If you wanted a function that couldn’t be inverted,” he remembered, “it seemed very natural to me to think of the concept of multiplying quite large prime numbers together.”

Multiplying two large primes is easy, even if they are more than a hundred digits long. Factoring the two numbers from the much larger product is hard — very hard. It took the freshly recruited spy about thirty minutes to come up with this prime solution. “From start to finish, it took me no more than half an hour. I was quite pleased with myself. I thought, ‘Ooh, that’s nice. I’ve been given a problem, and I’ve solved it.’ ”

Cocks didn’t grasp the implications of what he had just done. But soon colleagues started approaching the wunderkind from Cheltenham in admiration. The young mathematician’s discovery seemed immediately applicable to military communications, and it would become one of GCHQ’s most prized secrets. The only person Cocks could tell was Gill, his wife, who also worked for the spy agency. GCHQ called its discovery “nonsecret encryption.”

But there was a problem. In the mid-1970s, room-sized mainframe computers were not yet sufficiently powerful to crunch large primes into a secure one-way function fast enough. Neither GCHQ nor the National Security Agency (NSA) turned the theoretical possibility of nonsecret encryption into a practical algorithm or crypto product that could actually be used to secure communications. Computers, ironically, were one of the main reasons why cryptographers in the shadows neglected the magic of public keys — and why those in the open discovered this magic.

Meanwhile, a few public academics kept working hard on solving the puzzle of how to exchange a shared secret on a nonprivate channel. Unsurprisingly, the breakthrough happened in the San Francisco Bay Area of the mid-1970s, with its inspiring mix of counterculture and tech entrepreneurship. These pioneers were Whitfield Diffie and Martin Hellman of Stanford University, and Ralph Merkle of UC Berkeley. Their discovery resembled what the British spy agency had already found in secret.

In November 1976, a history-changing article appeared in an obscure journal, IEEE Transactions on Information Theory. It was titled “New Directions in Cryptography.” Diffie and Hellman knew that computers would be coming to the people, as Stewart Brand had just reported from the mesmerized Spacewar players on their own campus. And they knew that these computers would be networked. “The development of computer controlled communication networks promises effortless and inexpensive contact between people or computers on opposite sides of the world,” they wrote in the introduction to their landmark paper. Computer networks, the two cryptographers believed, would be “replacing most mail and many excursions.” Going digital posed a new security problem.

A good old-fashioned paper contract could be signed, sealed, and mailed reasonably securely. Anyone could easily recognize a handwritten signature as authentic, but no one other than the legitimate signer could easily produce it. “This paper instrument,” they wrote, needed to be digitally reproduced. The task was hard. The simple paper system didn’t just work; it worked on a very large scale, and it worked cheaply. Their answer was a public-key cryptosystem, in which “enciphering and deciphering are governed by distinct keys.”

Diffie and Hellman had now suggested a theoretical solution, but much like Ellis at GCHQ four years earlier, they had not found a practical mathematical function that actually implemented this cunning scheme. Yet they inspired dozens of other cryptographers to try. It took about four months.

The solution emerged on April 3, 1977 — on Passover. Ron Rivest, Adi Shamir, and Leonard Adleman, three MIT academics, discovered an actual and elegant method for public-key cryptosystems, after experimenting with more than forty mathematical functions. Rivest, then a 29-year-old assistant professor, was the driving force. That evening, after returning home from a seder with friends that included Adleman and Shamir, he had the eureka moment while sitting on a sofa after midnight, eyes closed: the desired one-way function could be based on very large, randomly chosen prime numbers, over a hundred digits long.

Rivest’s idea exploited the same curious one-way property of large primes that Cocks had discovered in secret. But the academic trio moved right to implementation. The numbers are easily multiplied, but it is nearly impossible to reverse the step and find the two primes that were used to generate the product. Multiplication took seconds; factoring would take millions of years, even with the most powerful computers. The algorithm that Rivest, Shamir, and Adleman suggested took advantage of this asymmetric factorization problem. The public encryption key would contain the product; the private decryption key would contain the two primes. It was safe to share the public key on an insecure channel because the factorization problem was so hard that it was, in effect, already encrypted, scrambled by a one-way function that was easy to perform but nearly impossible to reverse. It was magic.

In April 1977, the trio drafted a technical memo that would soon send shivers down the spine of the NSA. The memo remained obscure at first. After typing it up, Rivest mailed it out for informal review to colleagues, addressed simply as the Computer Science Lab at MIT, 545 Technology Square, Cambridge, MA. One of the recipients of this first draft was Martin Gardner, a columnist at Scientific American. Gardner saw the idea’s potential and mentioned Rivest’s work in the popular “Mathematical Games” column in August 1977.

Gardner announced a “new kind of cipher that would take millions of years to break.” He didn’t have space for technical details, so the column referred to the memo that was “free to anyone who writes Rivest at the above address enclosing a self-addressed, 9-by-12-inch clasp envelope with 35 cents in postage.” The column also mentioned that the National Science Foundation and the Pentagon, more specifically the Office of Naval Research, had funded this remarkable crypto work.

The response was overwhelming. Seven thousand letters came flooding in. They came from all over the world. “Some were from foreign governments,” Rivest recalled. They all wanted to get their hands on Rivest’s revolutionary encryption algorithm in Technical Memo Number 82.

NSA employees also read Gardner’s column in Scientific American. Cocks’s innocent secret discovery in Cheltenham now made the NSA become defensive, and the agency overreacted. Inside the Triple Fence the story sounded not as if somebody was simply making an important discovery, but as if academics were stealing a secret that America’s spies already possessed and guarded closely. That was a problem. The powerful Fort Meade machinery sprang into action.

Strong crypto was becoming a public good, no longer a privilege of governments and companies. And what GCHQ had called nonsecret encryption was about to inspire an entire set of ideas — some realistic, some utopian — that would come to shape the 21st century.

The public spread of cryptographic knowledge needed to stop, so the spies looked into changing legislation. The agency put pressure on academic publishers. NSA employees warned cryptographers that presenting and publishing their research could have legal consequences. They issued gag orders. Fort Meade tried to censor the National Science Foundation and to take over funding crypto research directly. Vice Admiral Bobby Inman, then the director of America’s most secretive agency, even tried a softer approach: he gave the first public interview ever in the NSA’s history to Science magazine.

“One motive I have in this first public interview is to find a way into some thoughtful discussion of what can be done between the two extremes of ‘that’s classified’ and ‘that’s academic freedom,’” Inman told the magazine. The Texas-born naval career officer said he was deeply concerned about the “burgeoning” academic interest in this field, although he did not explicitly mention public-key encryption. He doubled down and gave a speech on the growing interest in “public cryptography” five months later, in March 1979, to the Armed Forces Communications and Electronics Association:

There is a very real and critical danger that unrestrained public discussion of cryptologic matters will seriously damage the ability of this government to conduct signals intelligence and the ability of this government to protect national security information from hostile exploitation.

The academic discovery meant that sources would soon go dark, the NSA feared.

GCHQ’s tightly guarded secret was no longer a secret. The NSA would try everything it could to stop strong crypto from going public, and it would continue to try over the next two decades: cutting government funding of cryptographic research, or taking over the funding; vetting papers before publication; threatening scholars with criminal proceedings, or trying to convince them that publication damaged the national interest. The agency’s attempts to stop crypto were clumsy and ham-handed. Even their most potent tool, classifying encryption as a weapon under the International Traffic in Arms Regulations, would ultimately fail.

The NSA’s attempts to reign in crypto in the late 1970s foreshadowed a trend: the government’s endeavors to counter the rise of strong encryption confirmed the worldview of those who were inclined to distrust Washington’s secret machinations. The leaked Pentagon Papers and the ensuing Watergate affair earlier in the decade had eroded trust in the federal government, especially on the libertarian left. Resistance was brewing.

Rivest, Shamir, and Adleman’s motivation was a conservative one. They wanted to preserve the status quo, not topple it: “The era of  ‘electronic mail’ may soon be upon us,” the trio suspected, correctly. It was therefore the task of cryptographers to “ensure that two important properties of the current ‘paper mail’ system are preserved”: privacy and authentication — that messages remained confidential and they could be signed.

Public-key cryptography made it possible to keep a message private: The sender would scramble the clear text with a key that the recipient had “publicly revealed.” Then the recipient, and only the recipient, could use the matching private key to unscramble the message’s ciphertext. But the new technique could do even more. Public-key cryptography made it possible to “sign” a message electronically, by doing exactly the opposite: having the sender encipher a signature with a privately held encryption key, thus enabling the recipient to verify the message’s origin by deciphering that signature with the sender’s publicly revealed key, thereby proving that only one party, the legitimate sender, could have scrambled the message’s signature. Everybody could decipher and read the signature, but in only one way: with the sender’s public key.

This form of authentication was like a handwritten signature on steroids: signatures could be verified by everybody and forged by nobody. Electronic mail could now be even better than old-fashioned snail mail, with sealed envelopes that only the intended recipient could open and signatures that were impossible to fake, guaranteeing confidentiality and authenticity.

Perhaps the best part was that the “public” in public-key encryption really had two meanings: the key was public and, equally important, the method was simple enough for widespread public use. That was because the cryptographic breakthrough came just at the right time. It coincided with the advent of the mass-market personal computer, the PC, and soon the spread of the internet. Strong crypto was becoming a public good, no longer a privilege of governments and companies. And what GCHQ had called nonsecret encryption was about to inspire an entire set of ideas — some realistic, some utopian — that would come to shape the 21st century.

The mix was potent: computers, networks, and public keys clearly would have a huge impact. But exactly what kind of impact it would be wasn’t obvious. A few scholars who were tracking the pulse of recent technical developments started exploring these possibilities. One of them was David Chaum.

Throughout the 1980s, Chaum was torn between fear and hope. The Berkeley graduate looked like a cliché: gray beard, full mane of hair tied to a ponytail, and Birkenstocks. Chaum was concerned that “automation of the way we pay for goods and services” was advancing in large strides. He shuddered at the prospect of somebody else connecting the dots of his life. Chaum knew that an irritatingly detailed picture could be pieced together from hotel bookings, transportation, restaurant visits, movie rentals, theater visits, lectures, dues, and purchases of food, pharmaceuticals, alcohol, books, news, religious and political material. “Computerization,” he lamented in 1985, “is robbing individuals of the ability to monitor and control the ways information about them is used.”

Individuals in both the private and public sectors would routinely exchange such personal information about consumers and citizens. The individual user, Chaum was concerned, would lose control and visibility; there was no way to tell whether the information collected in bulk was accurate, obsolete, or inappropriate. “The foundation is being laid for a dossier society, in which computers could be used to infer individuals’ life-styles, habits, whereabouts, and associations from data collected in ordinary consumer transactions.” Such an outcome, Chaum suspected, would be unacceptable to many.

Thankfully, public-key encryption had emerged just in time to save privacy from automation, computerization, and data-hungry corporations and governments. So Chaum started working on concrete solutions: untraceable electronic mail, digital pseudonyms, anonymous credentials, and general protection of privacy. Chaum is best known for yet another revolutionary cryptographic discovery: blind signatures.

The nondigital equivalent to a blind signature would be using carbon paper to sign a letter that is already in an envelope, without having read the letter first. A signature, in short, is blind when the content of a message is disguised before the signature is added. This signature can then be used to verify the undisguised message.

Many of these early cryptographers had been exposed to a powerful streak of American culture: civil libertarianism with its deep-seated distrust of the federal government — or of any government.

Chaum had two situations in mind where blind signatures could be put to use: one was digital voting. Alice might want to prove that she cast a vote in an election while keeping her actual vote anonymous. Chaum’s sophisticated digital blind signature scheme made this possible. A voter could sign the ballot without revealing the cast vote. It became possible to confirm all this electronically: Alice votes anonymously, Bob sends her a blind receipt, and Eve doesn’t see any of it.

But Chaum’s true passion was another purpose for using blind signatures: digital cash. In 1983, he suggested a “fundamentally new kind of cryptography” that would enable a better form of money: third parties could not determine payee or the time or amount of the payment. Individual privacy and anonymity was guaranteed, as when paying cash at a gas station or in a drugstore. At the same time, individuals could provide proof of payment, and they could invalidate payments if someone stole their medium of payment, as when using old-fashioned credit cards.

Chaum combined the best of both worlds: the anonymity of cash and the security of plastic. The article that spelled out the idea became one of his most influential papers, “Numbers Can Be a Better Form of Cash Than Paper.” But using this improved form of cash was not only about convenience and security. If crypto cash would not be adopted widely, Chaum feared, “invisible mass surveillance” would be inevitable, “perhaps irreversible.”

Chaum’s idea was magically simple and powerful. Steven Levy, a perceptive chronicler of the grand cryptography debate of the 1990s, called him the “Houdini of crypto.” So powerful were Chaum’s ideas that an entire movement arose. That movement believed crypto was en route to making the state as we know it obsolete.

Many of these early cryptographers had been exposed to a powerful streak of American culture: civil libertarianism with its deep-seated distrust of the federal government — or of any government. Counterculture, with its focus on free speech, drugs, and sexual liberation, was constantly pushing the boundary of what was legal. Meanwhile, the NSA’s hysterical reaction to basic crypto scholarship amplified this hostility toward government in the emerging computer underground of the 1980s. So it was no coincidence that Bay Area cryptographers unearthed what would become one of the most potent political ideas of the early 21st century.

One of the intellectual founding fathers of the nascent crypto movement was Timothy May. The son of a naval officer, May grew up in a suburb of San Diego. When Tim was 12, his father was posted to Washington and the family made the move to the East Coast. Young Tim, not even a teenager, joined a local gun club. A fascination with firearms would stay with him. He later owned a .22 revolver, a .357 Magnum, an AR-15 assault rifle, a Ruger, a pair of SIG Sauers, and other weapons. Holding a pleasantly heavy, cold metallic firearm felt liberating and empowering. So did reading Ayn Rand, the queen of youthfully aggressive libertarianism.

May was a ferocious reader of fiction as well as nonfiction. Crypto was so new and so radical in its implications that inspiration simply couldn’t come from science, he thought; it could only come from science fiction. Vernor Vinge’s novella “True Names” came to May’s attention in 1986. “You need to read this,” a friend told him, giving him a dog-eared Xerox copy of the entire short story. Vinge feared total identification and transparency: “It occurred to me that a true name is like a serial number in a large database,” the science fiction writer recalled later. The names could serve as identifiers, connecting otherwise disparate information, as what intelligence officers call “selectors.” Whoever had access to a true-names database would have power over the objects in the database.

Vinge’s 1981 novella spelled out the very same tension that was driving Chaum’s fear of the “dossier society” at the very same moment. May was “riveted,” he said later. He thought the story articulated a number of themes that were swirling around in “computer circles” at the time — notably, the role of digital money, anonymity, pseudonyms and reputations, and countering the government’s interest to impose control “in cyberspace.”

‘Encryption makes it easy and even safe to ignore most local laws about what can be done in cyberspace.’ – Timothy May

Cyberspace was a familiar notion to May, even before it was articulated under that name. May keenly followed science and technology trends, including Jaron Lanier’s early work on virtual reality. The September 1984 issue of Scientific American, the software issue, had on its cover a visualization of Mandala, Lanier’s visual programming language. May, then working at Intel, had also contributed an illustration to that issue: a blue-and-green scan of an electron micrograph showing a small part of an Intel 80186 microprocessor. One day that September, May ran into Lanier at Printers Inc., an independent bookstore in Palo Alto and a gathering spot for San Francisco Peninsula intellectuals, not far from Stanford University. Lanier was sitting two stools over, and they struck up a conversation about cyberspace.

“Encryption makes it easy and even safe to ignore most local laws about what can be done in cyberspace,” May later argued. For May and many other crypto anarchy pioneers, this change was a first-order opportunity. In true cyberpunk fashion, May took the space idea literally. “There is no reason to expect that this capability won’t be a major reason to at least partly move into cyberspace,” May wrote at the time. The nostalgic frontiersman expected that the World Wide Web’s explosive growth, secure communication, and the coming availability of digital money would accelerate the “long-awaited colonization of cyberspace.”

In mid-1988, 10 years after Rivest’s pathbreaking discovery and two years after reading Vinge’s “True Names,” May penned the “Crypto Anarchist Manifesto,” whimsically modeled on another famous manifesto with revolutionary ambitions: “The technology for this revolution — and it surely will be both a social and economical revolution — has existed in theory for the past decade,” May wrote, “but only recently have computer networks and personal computers attained sufficient speed to make the ideas practically realizable.”

Vernor Vinge. Photo by Lisa Brewster/Flickr/Creative Commons

The possibilities were extraordinary. “Two persons may exchange messages, conduct business, and negotiate electronic contracts without ever knowing the True Name, or legal identity, of the other,” May wrote in his manifesto, using capital letters in honor of his favorite science fiction author. Then May mobilized that most powerful American myth, the Frontier. Barbed wire, a seemingly minor technical invention, had enabled the fencing off of vast ranches and farms in the open rangeland of the West. Barbs on wire had altered forever the concepts of land and property rights in the frontier states, and it had caused the Fence Cutting Wars a century earlier. May sided with the wire-clipping cattlemen and cowboys. On the electronic open range, the barbed wire need not be accepted as immutable fact.

The comparison was odd, but it sounded powerful: Crypto was a game changer. It also emerged as a seemingly minor technical invention at first, from some obscure branch of mathematics. But this time, technology worked for freedom and liberty, and against those who wanted to build fences around their property. For May, crypto was like “the wire clippers” that would dismantle the illegitimate fences around intellectual property. The federal government, he observed with horror, wanted to slow or halt the spread of this technology, and Washington justified the clampdown with vague references to national security. And yes, just as in True Names, criminals would abuse it and take advantage of the renewed liberties. But none of this would stop the rise of crypto anarchy, May knew. He ended his pamphlet with this battle cry: “Arise, you have nothing to lose but your barbed wire fences.”

The “Crypto Anarchist Manifesto” already contained the seeds of what would become a potent political ideology: technology itself, not humans, would make violence obsolete. May distributed his pamphlet electronically and in print among like-minded activists at the Crypto ’88 conference in Santa Barbara and again at the Hackers Conference that year. But something was missing. The message didn’t quite get out.

By early 1992, Timothy May and a friend, Eric Hughes, were becoming annoyed with the glacial progress of actual cryptographic technologies that could be used by normal people. Yes, Phil Zimmermann had just released his home-brewed PGP (for “Pretty Good Privacy”) 1.0 to the public. This was a significant step. Zimmermann, in violation of export control regulations as well as patent law, gave public-key encryption to the people. And the uptake of his rogue app, as well as the uproar, was big. But the first version of PGP was buggy and clunky to use. Much more was possible, and May and Hughes knew it.

May had a taste for rugged frontier individualism, often sporting a wide-brimmed Stetson hat — a true crypto cowboy. The curious physicist had recently retired from Intel as a self-made man at forty, now independently wealthy and living on a self-sufficient ranch in the Santa Cruz Mountains. Back in 1970, young May had read the Whole Earth Catalog, and he later subscribed to the Whole Earth Review. He also was a former member of the Homebrew Computer Club.

The last issue of the Whole Earth Catalog, the counterculture publication created by Stewart Brand. Photo by Scorzonera/Flickr/Creative Commons

Stewart Brand. Photo by cellanr/Flickr/Creative Commons

Hughes was just under 30, with blond hair halfway down his back and a long wispy beard. He had studied math at Berkeley. In May 1992, Hughes came down to Santa Cruz from Berkeley to hunt for a house. But the two men were drawn into their common passion: crypto anarchy. “We spent three intense days talking about math, protocols, domain specific languages, secure anonymous systems,” May said later. “Man, it was fun.” The crypto rebels had been inspired by Martin Gardner’s famous 1977 column from Scientific American, 15 years after it came out. “Wow, this is really mind-blowing,” May had thought when he read the piece.

May and Hughes began to rope in others. A group of 16 people started meeting every Saturday in an office building near Palo Alto full of small tech startups. The room had a conference table and corporate-gray carpeting. Stewart Brand was at one of the first meetings, as were Kevin Kelly and Steven Levy, the two Wired writers. They were all united by that unique Bay Area blend: passionate about technology, steeped in counterculture, and unswervingly libertarian.

The crypto group also shared one other thing: a frustration with the slow pace of cryptographic progress. Chaum’s ideas were 10 years old, yet there was still no digital cash, no anonymity by remailer, no privacy, and no security built into the emerging cyberspace. They played games, simulating encrypted messages with envelopes, sometimes for up to four hours, with role playing to see how cryptographically guaranteed anonymity would play out in the marketplace. Simply by using envelopes, the group simulated signatures, trust and reputation systems, and even online black markets.

But already at these first meetings, some were concerned that anonymity could be abused. “Seems like the perfect thing for ransom notes, extortion threats, bribes, blackmail, insider trading and terrorism,” Kelly said to May during an interview in Santa Cruz in the fall of 1992, referring to these early ideas for black markets. Brand shared this skeptical view and had already banned anonymity on the WELL for similar reasons. May was unfazed. “Well, what about selling information that isn’t viewed as legal, say about pot-growing, do-it-yourself abortion?” the self-described anarchist responded to Kelly. “What about the anonymity wanted for whistleblowers, confessionals, and dating personals?”

Most activists sided with May. In September 1992, a few crypto pioneers decided to do the obvious: take their meetings from the Palo Alto office into cyberspace and organize themselves in a mailing list. People were just beginning to use e-mail accounts, so an email list seemed the best and most open way to network the group. Unlike on the WELL up in Sausalito, no membership fees were required and, more important, everyone could sign up anonymously. The list was open; no finger files wanted. Everybody could subscribe by simply emailing cypherpunks-request@toad.com. The list was hosted on a machine owned by John Gilmore, an early San Francisco–based crypto activist with a long mane, a flimsy beard, and a keen interest in recreational drugs. Gilmore was one of five original employees at Sun Microsystems, and like May, he was independently wealthy at a relatively young age.

Cypherpunk hailed from science fiction. The name was a giveaway, of course. “You guys are just a bunch of cypherpunks,” Jude Milhon exclaimed at one of the group’s first meetings. Then an editor at Mondo 2000, Milhon was better known as St. Jude, a boisterous feminist hacker remembered for demanding that “girls need modems.” St. Jude’s play on words combined the then piping-hot science fiction trend with the British spelling of “cypher.” The would-be anarchists loved their new hipster nickname. “The ‘cyberpunk’ genre of science fiction often deals with issues of cyberspace and computer security,” May explained later, “so the link is natural.” May went up to Berkeley to a couple of Mondo parties hosted by Ken Goffman and his successor as the magazine’s editor in chief, Alison Bailey Kennedy (a.k.a. Queen Mu).

In November 1992, St. Jude, herself a WELL member, ran one of the first stories on the nascent crypto movement in her ultimate cyberpunk magazine. Milhon related the appropriately cryptic anecdote about meeting two masked cypherpunks at a Screaming Meemees concert in the Black Hole, a Bay Area club.

“Actually, unmasking your real identity could be the ultimate collateral,” one of the masked punks told her. “Your killable, torturable body. Even without kids, you’ve got a hostage to fortune — your own meat.”

“AAIEEeeee,” Milhon responded. “That’s great covert gear you got there, guys.”

“The revolutionists can be contacted at cypherpunks@toad.com,” she added.

Crypto anarchy spread. Soon, local chapters popped up in London, Boston, and Washington. Like any reputable subculture phenomenon, the cypherpunks had their own jargon: pseudonyms and anonymous handles simply became “nyms,” for instance, and they called themselves simply “c-punks.”

Steven Levy and Kevin Kelly attended some of the first Palo Alto c-punk meetings. Levy portrayed the new movement in a famous cover story for Wired, in the magazine’s second issue, which came out in May 1993. On the cover were Eric Hughes, Tim May, John Gilmore, holding up an American flag, their faces hidden behind white plastic masks, Gilmore even sporting an EFF T-shirt complete with the internet address of the then newly founded Electronic Frontier Foundation. The geeky rebels had their PGP fingerprints written on the foreheads of the masks.

The same year, in the summer of 1993, Kelly published a long story about the crypto anarchists in the anniversary issue of the Whole Earth Review, guest-edited by its founder, Stewart Brand. Earlier that year, Mosaic 1.0 had been released, the world’s first browser that could display graphics and text on the same page. The software, distributed for free, brought the web to life with color and images. Traffic exploded. The Whole Earth Review pointed out that the blooming network made encryption ever more necessary.

By November 1992, when Mondo first mentioned the list, it had about 100 members, including journalists and even a few people with .mil addresses. Radical libertarians dominated the list, along with “some anarcho-capitalists and even a few socialists.” Many had a technical background from working with computers; some were political scientists, classical scholars, or lawyers. Two years into cypherpunk, the list had about five hundred people on it, after outages on the host machine had knocked the list back from more than seven hundred subscribers. The opinions didn’t easily separate according to the political left and right, so the founding cypherpunks advised members not to rant on hot-button issues, like abortion or guns.

The list, and indeed the group, had no formal leadership. “No ruler = no head = an arch = anarchy,” May clarified, and he recommended looking up the etymology of the word “anarchy,” just to be sure. Eric Hughes administered the list for the first years. The emerging movement had no budget, no voting, no leaders. Yet the community remained active for many years. John Gilmore did the math: from Dec. 1, 1996, to March 1, 1999, the list processed 24,575 messages. That’s approximately 30 messages each day for more than 800 days.

But science fiction wasn’t just a namesake. Fiction stoked the cypherpunk movement’s utopian ideas. On the list, as well as in articles and FAQs, May recommended to “read the sources.” Those sources were not scientific articles on encryption or possibly pamphlets of libertarian or anarchist political thought. No, the recommended sources were novels — namely, George Orwell’s “1984,” John Brunner’s “The Shockwave Rider,” Ayn Rand’s “Atlas Shrugged,” and especially Vernor Vinge’s “True Names.” In fact, Vinge’s work is referenced about 20 times in the “Cyphernomicon,” a sprawling 300 page log that is perhaps the closest thing the movement has to a canonical document, organized as an appropriately messy and never-ending list of frequently asked questions. The only nonfiction source recommended in the document was Chaum’s classic 1985 article “Security without Identification.”

Fiction stoked the cypherpunk movement’s utopian ideas.

Inspired by fiction, the activists debated what was “holding up the walls of cyberspace,” as May put it. Science Fiction writer William Gibson had famously described the new virtual realm of cyberspace as a consensual hallucination. The crypto activists didn’t like that phrase. Something merely consensual wouldn’t cut it. The new frontier couldn’t just be hallucination. Their idea of cyberspace was rock solid, sturdy enough to withstand the assembled might of the US government, FBI agents and NSA spooks included. This explains why True Names holds much more appeal for the cypherpunks than Neuromancer does.

Vinge’s heroic protagonist — Roger Pollack, a.k.a. Mr. Slippery — was a successful middle-class professional with a suburban house, garden, and car. But on the Other Plane, the Feds suddenly appeared powerless, at the mercy of anonymous hackers equipped with superior power, in need of Pollack’s help. Gibson’s drug-ravaged and addicted hustler Henry Dorsett Case in his novel “Neuromancer” was the most unappealing contrast. Cyberspace couldn’t just be a collectively imagined illusion; the cypherpunks preferred to see the vast online frontier as a new territory that could be as rugged and dangerous to outsiders as the high plains of the Rocky Mountains. The question that hardened the walls of cyberspace was therefore a pertinent one. May tackled it in one of his longer essays:

What keeps these worlds from collapsing, from crumbling into cyberdust as users poke around, as hackers try to penetrate systems? The virtual gates and doors and stone walls described in True Names are persistent, robust data structures, not flimsy constructs ready to collapse.

The answer, by now, was obvious. Cryptography provided the “ontological support for these cyberspatial worlds,” he understood. The astounding mathematical power of quite large primes guaranteed enduring structures in the vastness of a new space that could now be safely “colonized,” May believed. Owning a particular “chunk of cyberspace,” he explained, meant running software on specific machines and networks. And the owners of such virtual properties made the rules. They set access policies and determined the structure of whatever was to happen there: “My house, my rules.” Anybody who didn’t like the rules in a particular virtual world would be welcome to stay away. And, May was convinced, anybody who wanted to call in old-fashioned governments to force a change of the rules would face an uphill battle.

For the libertarian minded, crypto anarchy meant that “men with guns” could not be brought in to interfere with transactions that all participants mutually agreed on. Taking violence out of the equation had two wide-reaching consequences. Two types of men with guns would find crypto hard to cope with. The first were the police and agents of federal law enforcement. No longer would they be able to trace and find those who refused to declare income or deal in illegal goods. The state, in short, would lose a good deal of its coercive power. If financial transactions became untraceable, enforcing taxation would be impossible. And that, of course, was a good thing. “One thing is for sure,” May told Kevin Kelly of the Whole Earth Review already in late 1992, “long-term, this stuff nukes tax collection.”

But crypto wouldn’t affect only the government and the rule of law. The other kinds of men with guns were criminals. And the same applied to them. Criminals would also lose their power to coerce others with threats of physical violence. If the buyers of drugs, for instance, would be untraceable not just for the Feds but also for gangs, then markets that were chronically plagued by violence and abuse would become nonviolent and abuse would stop. Anonymously ordering LSD online was much less risky than going to dodgy street corners and talking up shady pushers.

Strong crypto, made widely available, enabled totally anonymous, unlinkable, and untraceable exchanges between parties who had never met and who would never meet. The anarchists saw it as a logical consequence that these interactions would always be voluntary: since communications were untraceable and unknown, nobody could be coerced into involuntary behavior. “This has profound implications for the conventional approach of using the threat of force,” May argued in the Cyphernomicon. It didn’t matter if the threat of force would come from governments or from criminals or even from companies: “Threats of force will fail.”

Crypto anarchy would not just take force out of chronically violent markets; it would also be a shot in the arm of dysfunctional markets. One of May’s favorite analogies was guilds. Medieval guilds had monopolized information — for instance, how to make leather or silver. When independent entrepreneurs would try to produce these goods outside the guilds, “the King’s men came in and pounded on them because the guild paid a levy to the King.” The police, tax collectors, and corporate interests joined forces.

Printing broke the oppressive system, May argued. Suddenly someone could publish and distribute a treatise on tanning leather, and the king would be unable to stop the knowledge from spreading like wildfire. But even in the age of printing, May lamented, some firms retained a firm grip on specialized technologies, such as gunsmithing. This era would now come to an end. Encryption, he reasoned, would liberate expertise and proprietary knowledge. “Corporations won’t be able to keep secrets because of how easy it will be to sell information on the nets,” he said, in the dated language of the 1990s. All kinds of transactions would become possible, without restrictions.

The “Cyphernomicon” felt raw, unedited, and self-absorbed in style. The pamphlet was clear: there was a great divide; it was either privacy or compliance with laws. Both at the same time, it implied, was impossible. The gun debate offered the template of self-protection versus protection by law and police — “crypto = guns,” as May put it. Both enabled the individual to have “preemptive protection.” Some of the most potent cypherpunk slogans were simply copied and pasted from America’s great gun debate: “If crypto is outlawed, only outlaws will have crypto.” One of the movement’s most popular slogans became an adaptation of those famous five words coined so dramatically by the NRA’s Charlton Heston: now it was not guns but crypto being pried “from my cold, dead hands.”

The National Security Agency. Source: Reuters

From the start, cypherpunk was about getting stuff done, not just debate and organization for debate and organization’s sake. In the summer of 1992, John Gilmore, one of the three original crypto rebels on the Wired cover, had made a bold move against the NSA that catapulted the movement into the national spotlight.

Gilmore had come across two cryptography books that piqued his interest: The first, “Military Cryptanalysis,” by the NSA cryptographer William Friedman, was a four-volume text published while World War II was still raging. The second, “Cryptanalytics,” in six volumes published between 1956 and 1977, was coauthored by Friedman and one of his students, Lambros Callimahos. In each case, the first two volumes had been declassified, which is why Gilmore knew about them.

In early July 1992, Gilmore filed a Freedom of Information Act request with the NSA, asking the agency to declassify the remaining Friedman volumes. Gilmore wasn’t requesting some coffee-table crypto book. Friedman was a legendary cryptographer: he had cofounded the US Army’s Signal Intelligence Service in the 1930s, a direct predecessor to the NSA. The National Cryptologic Museum idolizes him as the “Dean of American Cryptology.” Friedman himself had coined the term “cryptanalysis,” and he even had a 500-person lecture theater at Fort Meade named after him.

Without knowing it, Gilmore had requested one of the NSA’s founding documents. The agency, as is common, simply dragged out its response. Gilmore has a soft voice and the appearance of a peaceful hippie, with John Lennon glasses and a serene smile. Not one to be easily deterred, however, he considered filing an appeal.

Then a cypherpunk from the East Coast got in touch with Gilmore. “You know, I think I saw something like that at a library,” he told him. After Friedman’s death in 1969, his personal papers had gone to a public library on the campus of the Virginia Military Institute in Lexington, Virginia. The papers included the unpublished manuscript of the coveted book. The cypherpunk simply went there, Xeroxed the book’s page proofs, complete with Friedman’s annotations, and sent a thick packet to Gilmore in California. In early October, a week after the packet landed with a thud on Gilmore’s doorstep, a second letter from the East Coast arrived in his mailbox. It was from the NSA.

The agency had written to let Gilmore know that it would not release the books to him. In its response, the NSA referred to a statute — 18 U.S.C., Section 798. That statute made it a federal crime to publish classified cryptologic information. That was when it dawned on Gilmore that he had a problem. The documents in his possession were classified, and disseminating them — even showing them to experts—would be a crime.

But the NSA didn’t know he had the documents already. Gilmore carefully considered his options. He decided to submit copies of the classified documents to a federal district court under seal. The activists had limited trust in the judicial process. They trusted math, not the law. So, before Gilmore filed the sealed document with the judge, he made several copies of the classified book and hid them in extremely unlikely places.

For a while it looked as if the situation could escalate. A Justice Department lawyer representing the NSA demanded that Gilmore surrender his illegal copies and threatened that the NSA might send its own operatives, or FBI agents, to seize Friedman’s proofs from Gilmore. The cypherpunks were worried — especially Gilmore’s lawyer, Lee Tien. They were worried not just for their own personal freedom, but for the freedom of the country. At academic crypto conferences, rumors were making the rounds that the NSA had already raided the New York Public Library and reclassified documents that used to be public, and that in 1983 they had already removed Friedman’s personal correspondence from public access. An early court case seemed to affirm the government’s right to snatch any given document. “If they could do a black-bag job on everyone who had it,” Gilmore recalled in a café in Haight-Ashbury, “then they could classify anything.”

By now the anarchists were beginning to understand what the NSA feared. The c-punks had seen that the spooks at Fort Meade could tweak the law and play politics. But the activists also knew the secret agency hated publicity. So Gilmore started calling some of the technology reporters he knew through the cypherpunks list. One of the best-known journalists in San Francisco at the time was John Markoff, from The New York Times. Gilmore reached out to him. The Times later ran the story. “In Retreat, U.S. Spy Agency Shrugs at Found Secret Data,” the headline read.

Gilmore’s plan worked as predicted: the NSA shunned the light. The agency declassified the Friedman documents in response to the high-profile publicity. The NSA’s lawyers didn’t call Gilmore’s lawyer to tell him that they had finally yielded and would declassify the Friedman books; they told Markoff straightaway. “I heard it from Markoff,” Gilmore recalled. “They wanted to kill the story.”

Friedman’s actual book was useless for the cypherpunks. There was nothing in its pages that made any difference for the kinds of cryptographic tools the activists were developing. But the episode was a psychological success. It reaffirmed two views: that “the NSA was the enemy,” as Gilmore put it — and that this enemy wasn’t almighty. Even a few long-haired hippie activists could score a win against the mighty military machine. And it was only late 1992. The cypherpunks were just getting started.

“Cypherpunks write code,” was the mantra. Naturally, that was a statement of principle and a bit of an exaggeration. Not everybody on the list wrote code. In fact, only 10 percent of the cypherpunks wrote code, and only 5 percent worked on encryption-related projects. Early on, the activists had set their sights on a fundamental privacy problem in the digital age that was, at least then, unrelated to encryption: anonymity.

Making strong encryption available to John Doe was a big step forward for privacy. But it didn’t even begin to solve a fundamental problem: scrambling plaintext to ciphertext beautifully protected the letter inside an envelope. Whoever opened the envelope could not read what was inside. That was great. But the encryption available at the time didn’t conceal what was on the envelope: the sender’s address, the receiver’s address, and some other information about when and how the letter was sent. The correspondents’ identity was openly revealed. Encryption protected the content of packets but not the headers — what later would be called “metadata.” The now publicly available PGP protocol left metadata unprotected. PGP on its own, in short, created confidentiality, not anonymity. The cypherpunks wanted a solution to this problem.

Remailers were the solution. These were dedicated machines programmed to take scissors to the envelopes, encrypted or not, to physically cut out the sender’s address and then forward the email to the recipient. Remailers, in other words, were servers that automatically stripped emails of information that could identify the sender: the code running on the remailer would cut out the metadata, removing the sender’s address, replace it with a nonexistent placeholder such as nobody@shell.portal.com, and forward it to the intended recipient. It was like writing a letter with no sender’s address, or like calling somebody from a public phone with a distorted voice. Remailers could also be chained, to increase security, just in case one remailer kept a log file that could identify the sender. Court orders or lawsuits were ineffective against machines that automatically forgot data. But integrating PGP into remailers was a problem, at least initially.

Eric Hughes and Hal Finney wrote the first such remailers in 1992, in the programming languages Perl and C. By 1996, several dozen remailing machines would be operational. They had many uses. It became possible, for instance, to publish sensitive information simply by emailing it to a publicly accessible email list, because nobody could trace the email back to its sender. In this way the remailers were used to “liberate” ciphers that had not been published before, to spill a few government secrets, and to reveal secrets of the Church of Scientology.

By late 1992, things had started to move. The use of PGP was on the rise, and the first remailers were coming online. On Dec. 1, 1992, two days after Gilmore had scored his symbolic victory against the NSA, John Perry Barlow addressed a meeting of national-security and intelligence officials in McLean, Virginia: “I believe you folks in the Intelligence Community are going to [be] challenged by these issues as directly as anyone,” he told the spooks. The EFF cofounder knew that intelligence agencies were working under strict guidelines separating the domestic from the foreign. “You’re not supposed to be conducting domestic surveillance,” Barlow lectured the gathered officials. “Well, in Cyberspace, the difference between domestic and foreign, in fact the difference between any country and any other country, the difference between us and them, is extremely blurry. If it exists at all.”

For Barlow and the cypherpunks, this Vingean prophecy of a borderless cyberspace secured through the power of large primes was a shimmering pacific dream slowly inching into reality; for national security–minded government officials, it was a sinister, threatening nightmare. So in April 1993, the White House under Bill Clinton tried a new approach: if they couldn’t stop the spread of crypto, they could perhaps control it. The government proposed a new federal standard for encryption.

The proposal was officially named the Escrowed Encryption Standard, or EES. It was designed to enable encrypted telecommunication, especially voice transmission on mobile phones — but with a twist. The standard encompassed an entire family of cryptographic processors, collectively and popularly known as “Clipper chips.” The government expertise for designing such a system, naturally, resided in the country’s mighty signal intelligence agency, the NSA. The proposal was then to be implemented through NIST, the National Institute of Standards and Technology.

The system’s basic feature was simple in theory: When two devices establish a secure connection, law enforcement agencies will still be able to access the key that was used to encrypt the data. In short, communication was protected, but the FBI could read the mail or listen in when needed. The technical implementation of that simple idea was more difficult than expected.

Matt Blaze (r.) at a Passcode panel conversation on encryption at the 2016 South by Southwest Interactive festival. Photo by Ann Hermes/The Christian Science Monitor

NSA engineers came up with what they thought was a neat trick. To make a secure phone call, two phones would first establish a so-called session key to encrypt the conversation. That much was a given. The session key would unlock the ciphertext and reveal the plaintext. So the NSA needed to find a way to make the session key accessible to law enforcement without compromising the phone’s security. To do that, they created a so-called Law Enforcement Access Field, abbreviated LEAF. The LEAF would retain a copy of the session key. That retained session key, of course, was sensitive, and was itself encrypted with a device-specific key, called the “unit key.” This unit key was assigned at the time the Clipper chip was manufactured and hardwired into the device. Unit keys were held in “escrow” by two government agencies. The Feds, in short, had a spare key for encrypted traffic. The White House argued that Clipper would achieve twin goals: the chip would provide Americans with secure telecommunications, and it would not compromise law enforcement agencies in their ability to do legal, warranted wiretaps.

The cypherpunks, predictably, called BS on Clipper. The chip wasn’t just controversial; it was a bombshell. The tiny chip was the big cause the movement was waiting for. The very idea that a government, whatever its constitutional form, should be allowed to hold a copy of all secret keys was simply absurd to the growing number of crypto activists. “Crypto = guns” now meant that the Clinton administration faced the combined rage of First Amendment and Second Amendment activists, of those in favor of free speech and armed self-defense: Berkeley academics = NRA types. “Would Hitler and Himmler have used ‘key recovery’ to determine who the Jews were communicating with so they could all be rounded up and killed?” May asked on the list, rhetorically.

Graffiti sprayers took up the theme: “Stop Clipper — F*** the NSA” appeared on a garage door at the corner of 16th and Harrison St. in San Francisco, in March and April 1994. Realist-minded privacy advocates pointed out that any key escrow database would be a juicy target for aggressive intelligence agencies. The activists saw the LEAF and Clipper as a government-mandated “back door” into secure systems. Key escrow effectively meant “key surrender,” the EFF argued.

One famous anti-NSA slogan of the crypto wars of the early 1990s was the chip-mocking “Big Brother Inside,” a play on the famous tagline of one of the world’s leading chip makers: “Intel Inside.” Others designed a logo for T-shirts and pins, “Fight the Clipper,” with the old tagline from May’s “Crypto Anarchist Manifesto”: “Arise, you have nothing to lose but your barbed wire fences!” John Perry Barlow had one of the most powerful lines: “You can have my encryption algorithm,” he thundered, yet again using that favorite line, “when you pry my cold dead fingers from my private key.”

Graffiti and punch lines didn’t kill the chip. A hack did. This final blow was expertly administered by one of the cypherpunks, Matt Blaze, who then worked for AT&T. The Clipper’s cipher algorithm, known as Skipjack, remained classified. The government would provide the cipher algorithm only in preimplemented, tamper-resistant modules. And it would provide the hardware only through vetted vendors. AT&T was one of those vendors, and it was there that Blaze was able to test the chip.

Blaze found that the LEAF, the spare key, was flawed and indeed vulnerable to tampering. He published his results in a now-famous paper in August 1994. Blaze’s finding meant, ironically, that the Clipper could be fixed by breaking it — at least from the point of view of privacy activists: by subverting the law enforcement access field, the encryption remained intact but law enforcement no longer had access. Soon the Clipper was axed, and the cypherpunks bagged another victory against the government.

Several crypto activists also battled the government in court, with varying degrees of success. Three notable cases concerned the status of computer code and machine language as free speech. In the first case, filed in 1994, Phil Karn, a former Bell Labs engineer and cypherpunk, unsuccessfully brought a suit against the Department of State claiming that restricting the export of a diskette with Bruce Schneier’s book Applied Cryptography on it infringed on his First Amendment rights. In 1996, cypherpunk list member Peter Junger, a professor at the Case Western University School of Law, filed a suit against the Commerce Department for enforcing export regulations against him because he was teaching a computer law class in the United States — ultimately also without success.

Most influential would be a bundle of court cases brought by Daniel Bernstein, known as Bernstein v. US. The young mathematician, represented by the EFF, challenged the State Department for requiring him to get a license to be an arms dealer before he could publish a small encryption program. Then, by the end of the century, on May 6, 1999, the US Court of Appeals for the Ninth Circuit would rule, in a first, that software code was constitutionally protected speech, eventually ushering in the end of the hated cryptographic export control regime.

Street art by Banksy. Photo by Brendan McDermid/Reuters

Emboldened by success and mainstream media coverage, crypto anarchy became not less extreme but more so. Stewart Brand, for one, remained highly skeptical of anonymity online. On April 1, 1994, when the Clipper debate reached its fever pitch, a “nobody” reported on the newsgroup that Phil Zimmermann had been arrested and that the crypto pioneer was being held on bail of $1 million. Brand was about to sit on a panel with Zimmermann and was not amused. He responded to the cypherpunks two days later: “The Zimmerman[n] prank,” he wrote, “hardens my line further against anonymity online. At its best, as here, it is an unholy nuisance.” Brand commanded tremendous authority among subscribers, so the founders didn’t appreciate his snide comment.

“You can’t get rid of anonymity,” Hughes responded the next morning. He pointed out that there is no clear difference between saying something anonymously and saying it by using a pseudonym. “The first use of a pseudonym is as good as anonymous, because it has no past history,” he wrote. This was a clever move. The activists were fond of pointing out that cypherpunks had even been among the nation’s founding fathers. Alexander Hamilton and James Madison had chosen the handle Publius to publish the Federalist Papers. The cypherpunks even compared themselves to the founding fathers: Gilmore explained that May was the Thomas Jefferson, “the essayist,” while Hughes was more the Benjamin Franklin, “the coder.” Basically, Hughes responded to Brand that opposing anonymity was un-American.

But Brand was right. Several influential ideas emerged that polarized crypto anarchy and drove the uncompromising and self-defined founding fathers of online anonymity further to the fringe. One such idea, and perhaps the most prophetic one, was BlackNet.

BlackNet was the anti-WELL. It was the machine of loathing and disgrace: completely anonymous, without physical location, and amoral by design. An anonymous voice out of the emptiness of cyberspace (it had to be!) introduced the idea on August 18, 1993. The “Introduction to BlackNet” came as an email to the cypherpunks list through a remailer. The message started ominously, with a hint of irony and faux exaggeration that was obvious to most members on the list:

Your name has come to our attention. We have reason to believe you may be interested in the products and services our new organization, BlackNet, has to offer. BlackNet is in the business of buying, selling, trading, and otherwise dealing with *information* in all its many forms.

The anonymous author made clear that BlackNet would use public-key cryptosystems to guarantee total and perfect security for customers. The marketplace in cyberspace, the anonymous author wrote, would have no way of identifying its own customers, “unless you tell us who you are (please don’t!).”

BlackNet was also elusive. “Our location in physical space is unimportant,” the message read: “Our location in cyberspace is all that matters.” The mysterious anonymous voice gave a fictional address: “BlackNet <nowhere@cyberspace.nil>.” That was obvious geek irony: .nil didn’t exist as a top-level domain. But the email then ominously added, “We can be contacted (preferably through a chain of anonymous remailers) by encrypting a message to our public key (contained below) and depositing this message in one of the several locations in cyberspace we monitor.” These locations were two Usenet groups — alt.extropians and alt.fan.david-sternlight — and of course the cypherpunks list itself. This didn’t look like irony.

The idea for BlackNet was to remain “nominally” nonideological. But the author of the ominous passage made clear that he considered nation-states, export laws, patent laws, and national security “relics of the precyberspace era.” These things simply served one nefarious purpose: to expand the state’s power and to further what the BlackNet pioneers called “imperialist, colonialist state fascism.”

The curious email pamphlet then made clear that BlackNet would currently build up its “information inventory,” and that it was interested in acquiring a range of commercial secrets. “Any other juicy stuff is always welcome,” the anonymous voice added. BlackNet was specifically interested in buying trade secrets (“semiconductors”); production methods in nanotechnology (“the Merkle sleeve bearing”); chemical manufacturing (“fullerines and protein folding”); and design plans for things ranging from children’s toys to cruise missiles (“3DO”). Oh, and BlackNet was also interested in general business intelligence — for instance, on mergers and buyouts. “Join us in this revolutionary — and profitable — venture,” the message concluded.

May soon claimed credit for the letter. He had come up with BlackNet in the summer of 1993, as an example of what could be done, “an exercise in guerrilla ontology,” as he called it. The goal was to find a way to ensure fully anonymous, untraceable, two-way exchanges of information. The core idea was to use a public message pool as the main channel. The sender would use a chain of remailers to deposit a note in the pool anonymously and untraceably. The sender would have encrypted this message with the intended recipient’s public key. The intended recipient, and only the intended recipient, could then simply download, decrypt, and read the public message — and respond in the same way.

The hoax was too good not to be true. May claimed that he had come up with BlackNet just for the purposes of education and research. But the interests he listed — in particular, the commercial secrets — seemed a bit too detailed for a prank. It was credible. What was even more remarkable is that May’s overall idea for BlackNet sounded like a business plan. It could actually work.

Al Billings, then an anthropology student at the University of Washington, responded on the list just a few hours after the invitation went online: “It had to happen,” he said. “Even if it isn’t real, it will happen soon enough. I’m all for it.”

“I think it’s not real, or at least wasn’t intended to be,” another cypherpunk responded, picking up on the subtle irony. “My best guess is that it’s all a joke, but that the author will soon start receiving genuine replies; it may yet turn into the real thing.” They were both spot-on.

The master cypherpunk had created a “proof-of-concept implementation of an information trading business with cryptographically protected anonymity of the traders,” in the words of Paul Leyland, an Oxford University number theorist and cryptographer.

The editors at Wired apparently didn’t spot the bluff. The November 1993 issue announced BlackNet as if it were real: “Sent to us anonymously (of course),” Wired wrote and then quoted at length from May’s faux pamphlet. A few months later, in February 1994, Lance Detweiler, a former computer science student from Colorado who had become a cypherpunk troll, posted the BlackNet announcement to more than 20 newsgroups and lists, pushing it out to many thousands of recipients.

Some copies made their way into sensitive networks. Oak Ridge National Laboratory issued an advisory to employees and recommended reporting any contacts with BlackNet to supervisors. Indeed, May soon did receive genuine replies and a number of strange propositions, including an offer to sell information about how the CIA was blackmailing diplomats of certain African nations in Washington and New York. May says he decrypted the message with BlackNet’s private key and then put it away and never responded.

One of the main motivations for BlackNet, as May had outlined, was economic espionage. By the spring of 1994, the idea had made the rounds on forums, newsgroups, and the then novel World Wide Web, a browsable interface with clickable links that has become synonymous with the internet for most users. The FBI began taking the threat of BlackNet-organized industrial espionage seriously and started investigating. One anonymous post on the list claimed that two federal agents had interrogated Detweiler in Denver about BlackNet, and even correctly identified one of the agents.

The Feds also contacted May and other cypherpunks. The crypto cowboy was so concerned about the unwanted attention, and about his idea’s obvious potential for abuse, that he emphasized again and again that he wasn’t the person who had posted the initial message on the cypherpunks list. But BlackNet was never actually used as a message pool to sell information. One of the main ingredients was missing: digital cash, which existed only as an idea then.

Soon, an even nastier suggestion appeared on the list: a public hit list for politicians, set up as a portal for contract killing. It also came from a former Intel engineer, Jim Bell. He was one of the most radical minds on the cypherpunks list (Bell and May met only once, in the early 1980s). In August 1992, Bell had read an article by David Chaum in Scientific American titled “Achieving Electronic Privacy.” Chaum, then the head of a cryptographic research group at Amsterdam University, painted a dark picture: making a phone call, using a credit card, subscribing to a magazine, paying taxes, all these bits and pieces of information could be collected and combined into “a single dossier on your life — not only your medical and financial history but also what you buy, where you travel and whom you communicate with.”

A scary idea, Bell thought when he read this. But Chaum’s suggestion for achieving electronic privacy inspired Bell in unexpected ways. Chaum suggested a method for using as identifiers not real names or Social Security numbers, but “digital pseudonyms.” Such pseudonyms would make it much harder to connect various bits and pieces of information back to the same actual individual, just like in the good old days when cash payments were the norm.

“A few months ago, I had a truly and quite literally ‘revolutionary’ idea,” Bell wrote in April 1995, still inspired by Chaum’s ideas, “and I jokingly called it ‘Assassination Politics.’” Except Bell wasn’t joking. Assassination Politics was the title of a sincere 10-part essay that was to become highly influential. To Bell, Chaum had it the wrong way around: The Amsterdam cryptographer was asking how the freedoms of ordinary life could be reproduced on the internet. For Bell, the more exciting question was, again, the opposite: “How can we translate the freedom afforded by the Internet to ordinary life?”

Bell’s basic concerns seemed innocent enough: keeping the government from banning encryption and digital cash, the new technologies of freedom. But Bell reversed the cypherpunks’ classic motivation: he didn’t just want to ensure that well-established brick-and-mortar freedoms would apply on the new internet; he wanted to translate new internet freedom to the established social norms of ordinary life. Chaum suggested shaping cyberspace in the image of the real world; Bell suggested shaping the real world in the image of cyberspace. This reversal enabled a revolutionary outlook.

Bell suggested a market for assassinations. The MIT graduate had the idea to set up a legal organization that would announce a cash prize. The winner of that cash prize would be whoever correctly “predicted” the death of a specific person. The person on the hit list, Bell clarified, would be a violator of rights already, “usually either government employees, officeholders, or appointees.”

The fact that the suggested system was targeting the government made all the difference: Bell didn’t claim that a person who hires a hit man is not guilty of murder. Obviously, the victim could be innocent. But he was not dealing with innocents. He wouldn’t even initiate the use of force. The government, after all, held a monopoly on violence, and taxing citizens as well as enforcing the law represented a use of force already. By “taking a paycheck of stolen tax dollars” and being tied to police agents, a government employee had already violated the “nonaggression principle.” Therefore, “any acts against him” — the government employee — “are not the initiation of force under libertarian principles.” Killing government employees, Bell argued, was a legitimate form of self-defense. Crypto was, indeed, like guns.

Strong crypto made legitimate hits possible — at least in Bell’s mind. At the heart of his suggested assassination politics was a wish hit list administered by an organization. The list was to be made public. It had two columns: one with a government employee’s name, and one with money pledged for that person’s “predicted” death. (Bell always put that “predicted” in quotation marks, for somebody had to make the prediction come true). Anybody holding a grudge against a particular politician or government agent could bet a small, or large, amount of money on that person’s life. “If only 0.1% of the population, or one person in a thousand, was willing to pay $1 to see some government slimeball dead, that would be, in effect, a $250,000 bounty on his head,” Bell explained. The bounty, once large enough, would be a market-driven incentive for assassins.

Bell’s suggested system worked something like this: “Guessers” would create a file with their “guess” — that is, the politician or bureaucrat’s name and the time stamp of his assassination. The person making the “prediction” would then encrypt that file with a private key, so that nobody else could read or edit this information without having access to the private key. Next, the “guesser” would put the sealed envelope and some digital cash in a second envelope, which would be encrypted with the organization’s public key, so that only the prize-giving organization could open the envelope. The money was needed to avoid a large number of random guesses, Bell reasoned.

Once the hit had been made, the victim’s death would become publicly known through press reports. The winner could then send an encrypted envelope to the organization that contained two things: a private key and a public key. The organization could use the private key to verify that the winner had correctly predicted the hit by opening the previously submitted bet with this private key. But how did the winner get paid? The second element in the envelope was a public key to which only the winner possessed the private key. The public key would effectively be used to “transfer” the prize cash to the winner — by publishing it online, so that everybody could see it. The winner, and only the winner, could then download the encrypted cash and unlock it with another private key. All this would be entirely untraceable. “Perfect anonymity, perfect secrecy, and perfect security,” Bell boasted.

Bell’s vision was truly revolutionary. Nothing, he believed, would stay the same:

Just how would this change politics in America? It would take far less time to answer, “What would remain the same?” No longer would we be electing people who will turn around and tax us to death, regulate us to death, or for that matter sent [sic] hired thugs to kill us when we oppose their wishes.

Bell, predictably, became a divisive figure. Then–IRS inspector Jeff Gordon compared him to terrorist Timothy McVeigh, who bombed a federal building in downtown Oklahoma City in April 1995, killing 168 people. On the other end of the spectrum was John Young, an architect and cypherpunk who would found the first whistleblowing portal in 1996: Cryptome. Young nominated Bell for a Chrysler Design Award for creating an “Information Design for Governmental Accountability.”

Crypto anarchy, some successes notwithstanding, seemed to meander toward the fringe. But curiously, the ideology lacked a proper book-length treatment. There was graffiti, as well as a deluge of rambling emails, magazine stories, interviews, and the messy and disorganized Cyphernomicon. The cypherpunks wrote code, but not books. May, the movement’s self-styled essayist, had tried and failed.

Then, in 1997, Simon & Schuster, one of the big New York publishing houses, published “The Sovereign Individual.” It was a strange book, full of apocalyptic yet optimistic predictions. The two authors, inspired by the political philosophy of cypherpunk, left out the jargon and the arcane crypto discussions, yet kept the boldness: cyberspace was about to kill the nation-state, they argued.

Lord William Rees-Mogg was a prominent, albeit sharply controversial, figure in British public life. From 1967 to 1981, the owlish Rees-Mogg was editor of the Times, chairman of the Arts Council of Great Britain, and the BBC’s vice-chairman. In 1988 he was made a life peer in the House of Lords, as Baron Rees-Mogg of Hinton Blewett in the County of Avon. His coauthor was James Dale Davidson, a conservative American financial commentator and founder of the National Taxpayers Union, an advocacy group.

Technology had truly leveled the playing field in future confrontations: “The meek and the mighty will meet on equal terms.”

“As ever more economic activity is drawn into cyberspace, the value of the state’s monopoly power within borders will shrink,” Rees-Mogg and Davidson predicted. “Bandwidth is destined to trump the territorial state.” To back up their futurology, the two pundits called on the acid-dropping former cattle rancher from Wyoming, John Perry Barlow. He had it right, they said: “Antisovereign and unregulatable, the Internet calls into question the very idea of a nation-state.”

Echoing May and the cypherpunks, they argued that the state’s threats of coercion would simply be ineffective online, shielded by strong crypto. “The virtual reality of cyberspace,” they wrote, “will be as far beyond the reach of bullies as imagination can take it.” The advantage of large-scale violence, of police or military force, would be far lower than it had been at any time since the French Revolution. Individuals would no longer need, or tolerate, sovereign states above them. The age of violence was over. The individual would now become the sovereign, effectively taking over from the state. Soon, most of the world’s commerce would be absorbed “into cyberspace,” a novel realm where the governments of old would have “no more dominion” than they exercised over the bottom of the sea or indeed the solar system’s outer planets. “In cyberspace, the threats of physical violence that have been the alpha and omega of politics since time immemorial will vanish.”

One big reason for this coming revolution was digital money. “Cybercash” would slash the state’s ability to control its citizens. In the near future, any commercial transaction would happen over the “World Wide Web,” paid for in untraceable digital cash. Taxation would become difficult, if not impossible, thus cutting the state back to size, if not destroying it entirely. As the two conservative authors put it in a twisted reference to Lennon and McCartney: “Cyberspace is the ultimate off-shore jurisdiction. An economy with no taxes. Bermuda in the sky with diamonds.”

The authors didn’t use the phrase “sovereign individual” as mere slogan. “One bizarre genius” could achieve the same impact in cyberwar as a nation-state, they argued confidently. The Pentagon was no more powerful than some teenage whiz kid. Technology had truly leveled the playing field in future confrontations: “The meek and the mighty will meet on equal terms.” The consequences were profound: “Nation-states will have to be reconfigured to reduce their vulnerability to computer viruses, logic bombs, infected wires, and trapdoor programs that could be monitored by the U.S. National Security Agency, or some teenage hackers,” Rees-Mogg and Davidson predicted.

An advance Kirkus review called the best-selling book “astonishing” and “penetrating.” The Vancouver Sun thought it was “must reading,” Toronto’s Financial Post described it as “sobering.” Reviews appeared in the Guardian and the Wall Street Journal. Predictably, the cypherpunks loved it. “The Sovereign Individual discusses many of the issues discussed on Cypherpunks,” one list member wrote. “Strongly suggested for any cpunk,” added Jim Choate, who had written one of the first remailers. Some were skeptical. The book lacked precision and was full of bold overstatements. And although the two authors never referred to crypto anarchy or the c-punks, the publication gave wider currency to an emerging political philosophy. But the book’s success was short-lived — sharing this fate with the utopian ideology from which it sprang.

Inspired by Vinge’s story and the cypherpunk list, a few entrepreneurs took the idea of the sovereign individual rather literally in those enthusiastic years before the crash of the New Economy. One of them was Ryan Lackey. Digital cash had fascinated Lackey since he was 15 years old. He had already started an e-money startup on Anguilla, a loosely regulated island, but he had run into trouble with the ruling family. An avid c-punk, he had hosted the list archives on an MIT server when he was a student in Boston. Lackey even looked like a textbook cypherpunk: head shaved bald, pale skin from spending too much time in front of screens, rimmed glasses with a dark black frame, and usually dressed all in black. Privacy and internet freedom, as he saw it, were under siege: laws everywhere, particularly in the United States, were getting more and more restrictive and authoritarian.

Several crypto anarchists had long been looking for an offshore jurisdiction to run the automats of freedom: remailers, racks of servers dishing out encryption, and machines minting digital cash. Anguilla initially seemed a good option, as did Tonga. Then, in June 1999, Lackey and Sean Hastings discovered a curious place in a book, How to Start Your Own Country, by Erwin Strauss. That place was the Principality of Sealand, a tiny artificial island on a World War II antiaircraft platform in the North Sea known as Roughs Tower. The rust-covered 550-square-meter platform sat on two giant hollow pontoons, 60 feet above the brown-green waves of the harsh North Sea, 7½ miles off Felixstowe, on the Suffolk coast.

On September 2, 1967, Roy Bates, a retired army major and World War II veteran, had declared the rig independent from Britain, bestowing the title “princess” on his wife (it was her birthday). Britain refused to accept the principality’s sovereignty, as did the US, the UN, and all other international organizations. Hastings and Lackey, however, had perfect timing. In 1999, Prince Roy was battling Alzheimer’s and his health was deteriorating. The “royal” family considered leaving Sealand, making it available for other uses. In November that year, Hastings visited the platform for the first time. He already had experience in offshore financing and online gambling in Anguilla, where he had met Lackey. After inspecting Sealand that November, the entrepreneurs were inspired. They decided to move forward.

“The biggest inspiration was Vernor Vinge, ‘True Names,’ ” recalled Lackey. The vision was to have individuals acting in the Other Plane, able to “live on hardware and transact stuff on their own and not have to be under any government,” Lackey recounted later in Palo Alto. These sovereign individuals were to be “the first class citizens,” he said. The principality was the weakest country they could find in terms of jurisdictional challenges. The deserted antiaircraft platform in the North Sea had simply no legal system, no police, and no law enforcement. Sealand seemed like the perfect place to start for would-be sovereign individuals.

HavenCo Ltd. was to be the world’s first real data haven, “physically secure against any legal actions,” the business plan promised. The idea was to combine the best of the “first world” — high-quality infrastructure — with the best of the “third world”: hosting data and running businesses “free of unnecessary regulation and taxation.” “Sealand is located less than three milliseconds (by light over fiber) from London,” the business plan promised, in language indeed reminiscent of “True Names.”

Lackey, then 20 years old, became the chief engineer and moved to the barren platform. He spent the better part of two years on the rig. He was there mostly on his own, maintaining HavenCo’s operations, with others coming just when journalists were visiting by boat. The media loved the story of Sealand.

No doubt, the startup was a hot idea. It was so hot that Wired magazine had commissioned a cover story on it even before HavenCo had done anything. The magazine’s reporter, Simson Garfinkel, was literally on Lackey’s heels, in the same boat, when HavenCo’s chief engineer visited Sealand for the very first time, in January 2000. Lackey recalls that the Wired reporter was “very credulous.”

“The Ultimate Offshore Startup,” was the magazine’s title story in July 2000. “Meet the high-seas adventurers on a multibillion-dollar quest to build a fat-pipe data haven that answers to nobody.” On Wired’s cover was the rusty antiaircraft platform with helicopter landing pad. Assembled on the platform was a fictional team of nine people (there were only four). The entire rig was not just sticking out of the ocean; it was gargantuan, reaching through the clouds and the atmosphere all the way into space, above the entire round, blue planet, Whole Earth Catalog style. The magazine presented the North Sea rig as a veritable Bermuda in the skies with diamonds. What a public launch.

After the Wired story came out, managing media requests and frequent visits of journalists took up more time than getting actual business operations up and running. Meanwhile, other things didn’t go so well. Lackey had hired Winstar Communications to run a fiber-optic line from London to the shore. Winstar was one of the poster children of the late-1990s internet boom. But the overexposed company, with a revenue of $445 million in 1999, went belly-up in 2001. The fiber connection to the coast was never built, let alone the “fat pipe” to Sealand that Wired had announced so credulously. There was only a wireless link.

HavenCo’s “crazy plan,” Lackey said, was to lay a repeaterless fiber cable from London to the Netherlands via Sealand. That cable also remained a fat pipe dream. The ambitious internet startup had to make do with a data transfer speed of just 10 megabits per second. That meant that downloading just one regular 1.5-GB movie would have taken nearly twenty minutes, clogging the pipe. “Low bandwidth killed the economics,” Lackey recalled.

Life on the c-punk rig was rough. Initially, the small HavenCo team had a nice spot in the edgy and hipster docklands in London. Living in East London was much more pleasant than on a deserted antiaircraft rig in the wintry sea. But money was in short supply, and living on Sealand was the cheapest option. Lackey moved there for good, now dining out of a pantry filled with canned food. Sean Hastings and his wife, Jo, brought a dog to Sealand from the Netherlands. But the black lab annoyed Lackey.

Then there was Colin, an English janitor in his 60s. Lackey didn’t get along with him either. To avoid running into Colin in the claustrophobic 5,000 square feet of interior space, Lackey lived on San Francisco time, even though he was off the coast of England — sleeping during the day, awake at night. He would practically hide in his room, or in the data center. “It was pretty boring,” he recalled. He would stay on the rusty rig for five to six months in one stretch, getting used to the permanent smell of diesel fuel. But he was busy tinkering with computer gear that he had smuggled in from the United States. “It really didn’t matter too much,” Lackey says. He was living in the Other Plane.

The rough life reflected HavenCo’s business situation. The company had five sturdy gray relay racks with blue plugs at the top, with space for 45 servers. But it managed to put in and rent out only a dozen machines. The company never successfully raised sufficient seed money, not even in the bullish market of the New Economy before the crash. And the budget quickly ran thin. One of HavenCo’s main investors, Avi Friedman, was worried about the Y2K problem, so he withdrew about $2 million in cash, in $100 bills, and kept the cash at home. He doled out $1,500 at a time, to make minimum payments. Lackey started using his own credit cards, spending ever more money that he didn’t have.

Yet the ideology of crypto anarchy would become spectacularly successful, even without a nonfiction best seller to spread the gospel.

Businesses did not flock to the data haven as expected. By the summer of 2000, two of the three founders had jumped ship and left the startup. A year later, Lackey managed to keep the company afloat with about 10 customers, primarily casinos. A true cypherpunk at heart, Lackey ran a Mixmaster Type II anonymous remailer on the rig. That felt like the right thing to do, but it didn’t make the company any money. HavenCo’s business plan foresaw $25 million in profits in year three; Lackey ended up losing $220,000 after three years. One day in early 2001, Lackey was standing on the platform overlooking the wide North Sea horizon, when his phone rang. It was Google, offering him an engineering job. But he still believed the cypherpunk data haven could take off. He turned the offer down.

By the end of the decade, crypto anarchy had a mixed record of success. On the one hand, many of the cypherpunk projects had flopped: the list was in demise, and many of the projects that the activists had promoted with such youthful optimism—remailers, PGP, message pools, digital cash, offshore hosting—remained on the fringe, or they had failed outright. The cypherpunks were looking for individual sovereignty, a Bermuda in the sky with diamonds; what they found was a lone geek on a rusty rig in the North Sea without cash. Yet the ideology of crypto anarchy would become spectacularly successful, even without a nonfiction best seller to spread the gospel.

Like many other libertarians, May was fascinated by Friedrich Nietzsche’s philosophy; he even called his cat Nietzsche. “Crypto is not going to enable the bottom 90 percent,” May was sure. “Crypto enables the Übermensch,” he believed. Just like a generation before him, some tech pioneers believed that cyborg technology would enable the superhuman. May ended up making a “huge amount” of money through the list, he says, by investing in promising ideas and companies that he learned about by running the list.

“This may smack of elitism,” May realized, “but I have very little faith in democracy.” Instead, the anarchists put all their faith in technology. The power of large primes trumped the power of large institutions. Math decided, not man. Even under the most adverse conditions, technology was trustworthy — even if laws, even if society, and even if corrupt governments could not be trusted. May’s vision was nothing less than one of an automated political order.

Crypto anarchy embodied the unshakable cybernetic faith in the machine. It combined Wiener’s hubristic vision of the rise of the machines with Brand’s unflinching belief that computers and networked communities would make the world a better place. A direct line connects the techno-utopianism of Timothy Leary to the techno-utopianism of Timothy May, cyberpunk to cypherpunk. Leary felt empowered by the personal computer. For May, just one ingredient was missing: the power of prime numbers. “Cryptography provides for ‘personal empowerment,’” he wrote in 1999.

The cypherpunks had not a trace of doubt that crypto itself was libertarian, that increasing its use would steadily increase degrees of freedom available to the individual. “This is just an inevitable consequence of technology,” May said. To the disciples, servers running remailers and encryption services were libertarian automata, subversive political machines. Whatever their input, their output was freedom.

Sometime in 1999, May looked back on the momentous changes of the previous two decades:

The full-blown, immersive virtual reality of ‘True Names’ may still be far off, but the technologies of cryptography, digital signatures, remailers, message pools, and data havens make many of the most important aspects of ‘True Names’ realizable today, now, on the Net. Mr. Slippery is already here and, as Vernor [Vinge] predicted, the Feds are already trying to track him down.

May need not have spoken in oblique science fiction metaphors. He didn’t know it, but he was right. As he wrote these lines, the Feds were actually busy tracking down a real-world Mr. Slippery in the vast networks of the US military establishment. That Mr. Slippery was doing exactly what May himself had predicted a few years earlier: stealing vast amounts of commercial and military secrets, encrypting them, relaying scrambled versions of these files on machines in third countries, and then exfiltrating them to machines that seemed beyond the reach of the government. And, as in Vinge’s story, the Feds were unable to stop the data theft. That metaphorical Mr. Slippery was not a freedom-loving American citizen. The FBI, after a long and painstaking investigation, was able to determine the culprit in the Other Plane: an intelligence agency of one of the most resourceful rivals of the US.

THE NAKED TRUTH – Freedom, Peace, Human Rights, Freedom of Opinion, Good Vibrations

%d bloggers like this: