So when he DM’d me to say that he had “a hell of a story”—promising “one-time pads! 8-bit computers! Flight attendants smuggling floppies full of random numbers into South Africa!”—I responded.
Ha ha ha. Yes, that was literally my very short pitch to Steven about Tim Jenkin's story!
The actual DM: "I think this has the makings of a hell of a story: https://blog.jgc.org/2024/09/cracking-old-zip-file-to-help-o... If you want I can connect you with Tim Jenkin. One time pads! 8-bit computers! Flights attendants smuggling floppies full of random numbers into South Africa!"
No, I did not. I threw quite a lot of compute power at it using bkcrack (CPU) and hashcat (GPU) but never found out what it was. It was definitely not TIMBOBIMBO, sadly!
This was a great read, thank you for inspiring it! I also did not realize it was you who led the petition for the UK to apologize to Turing, what an achievement.
You're quoted at the end as saying, "The code itself is a historical document". That sort of electrified me as I began thinking about what other historical code is out there in need of preservation. I'm fascinated with stuff like this, toolkits meant to be used in the field with little room for incremental development. Tracking this kind of stuff down seems like a fun hobby.
I remember the activist campaigns and the movie Cry Freedom about Steve Biko, another SA activist, had a significant impact on my worldview growing up. As revolutions and coups go it was clearly a success. I'd wonder how much of a role their electronic opsec played in it.
I think it was the ANC and its activists organizing the coalition of other countries to sanction and isolate the government that ultimately caused it to yield power, which is the necessary condition for any revolution- it requires allies to be in place to support it for when it succeeds. On the ground, you only really need a few dozen people to seize some buildings and bank accounts, it's coordinating the external trade links to keep everyone paid and in their jobs while the top of the regime changes to new hands that's difficult. The opsec for that ground force just has to get most of them to their X day, where they're going to take casulties anyway.
In the case of SA, it seemed like a matter of convincing other countries to do nothing, by persuading the world the govt were just racist villains, and convincing the National Party in government that nobody would intervene to save them if there were a civil revolt. That part was organized in plain view. Opsec is interesting and mysterious, but often less important than the stories we tell about it afterwards.
I remember traveling to the US from South Africa when I was 14 in 1990 and my dad renting Cry Freedom on VHS so we could watch it, since it was banned in South Africa. The long roll of peoples' names and how they died "accidentally" or "falling from window" in prison at the end was haunting and the experience of watching it has stayed vividly with me ever since.
It's hard to stress how normal _anything_ can seem when you grow up with it. I often wonder whether, if we'd stayed (we moved to the US permanently in 1992) and if apartheid had continued, whether I'd have woken up to the reality of what was going on and become more politically active in my college years. I have no confidence my sense of right and wrong would have been strong enough to escape the stifling blanket feeling of "Well, yes, it's not right, but let's not go tooooo crazy" that pervaded political feeling in those days.
Thanks for doing this, JGC. (And now that I think of it, you might enjoy the historical spelunking in the "Georg Nees" entries on my blog at zellyn.com. Code archeology is tremendously satisfying, and getting an email from one of his sons out of the blue was a delight!)
I watched the movie shortly before going to Lesotho (the enclave country Donald Woods and his family escaped to) and crossing the border into "Transkei" (https://en.wikipedia.org/wiki/Bantustan) at the same bridge he entered Lesotho.
To be honest, I was prepared to see all white South Africans as evil oppressors, and it took me a while to see that there was a spectrum -- many of whom I met -- from oppressors to opportunists to passive enablers to freedom/justice fighters.
One of my distant relatives in South Africa was decidedly racist, but mourned how his son had gone from playing with the children of black farmworkers to, after a stint in the South African Defence Forces, being a vicious white supremacist.
> it's coordinating the external trade links to keep everyone paid and in their jobs while the top of the regime changes to new hands that's difficult.
That's actually a really good insight. It explains why quite a few successful revolutions – e.g. Russia and China – happened in countries _without_ an established administrative bureaucracy, and patted themselves on the based on their apparent competence in building one.
> That's actually a really good insight. It explains why quite a few successful revolutions – e.g. Russia and China – happened in countries _without_ an established administrative bureaucracy
Erm.... Whut? China was (and is) _the_ example of a country held together by a civil bureaucracy. Ditto for Russia.
the view of coups as one faction replacing another is quite a rabbit hole, but it's a political analysis that has some experimental and predictive power.
there has to be guarantor or benefactor on the other side of it. in this view, leaders are figureheads accountable to the small essential coalition who keeps them there. the idea of secret cabals orchestrating these things is usually backwards, where a revolutionary (or politician) is really just an entrepreneurial dealmaker between elite factions.
Interesting how the PKZIP password-protected compressed file is now easily decrypted in <5 minutes, but the original one-time pad is still as mathematically robust as ever.
We could have had a very different history if they'd used DES or RC2 for encryption!
One time pads used properly are theoretically perfectly unbreakable. The problem is making sure no one ever uses the same 'pad'/keystream twice, that your pad generation is actually random, and that the pads never fall into the hands of your adversaries. (or if they do you've been diligent about completely destroying the used pads and the other end of your communications doesn't use the captured set of pads) They're just not very good at anything other than point to point secret passing and require a real world connection to distribute.
So much of symmetric key cryptography is just trying to find creative ways of creating and recreating 'one time pads' so we can distribute the key material instead of the pads themselves.
The one thing that stood out to me with the original blog post and a quick glance at the code was that it appeared as if the pad was certainly not actually random.
Could anyone that has actually understood it a bit more confirm or reject this?
Edit: It seems that the random generation can be found starting here https://github.com/Vulacode/RANDOM/blob/d6a1a1d694b22e6a115b...
With three methods, one (RAND2) seems to use the basic interpreter rng more or less directly and the other two seem to be fairly simple prngs seeded from the basic interpreter's rng.
I don't actually know what the state of basic interpreter rngs was in the early '80s but I would be fairly surprised if they're anything that is secure.
Traditionally, encode meant to use one word/symbol to represent another, while encipher meant to transform one (usually mathematically) into another.
For example, "Tora, Tora, Tora" was a code that had no intrinsic meaning, but was the signal to proceed with the Pearl Harbor attack. No way to reverse that.
Meanwhile, "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG" can be transformed with a Caesar cipher to "QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD". It can easily be reversed.
Funny but also thought-provoking! When did the verb "encipher" give way to "encrypt," and why? I might enjoy reading a well-researched piece on that subject.
I remember reading in Bruce Schneier's Applied Cryptography that in some cultures "encrypt" refers to the process of entombing bodies for burial and that "encipher" did not have that baggage.
Similar connotation to "decrypt" which would be exhumation.
Readit News
Ha ha ha. Yes, that was literally my very short pitch to Steven about Tim Jenkin's story!
The actual DM: "I think this has the makings of a hell of a story: https://blog.jgc.org/2024/09/cracking-old-zip-file-to-help-o... If you want I can connect you with Tim Jenkin. One time pads! 8-bit computers! Flights attendants smuggling floppies full of random numbers into South Africa!"
I also ended up sponsoring the bkcrack project because the maintainer added a new option for me: https://github.com/kimci86/bkcrack/pull/126
(It was an 8088, essentially an 8086 with an 8 bit data bus, but 16bit registers and 20bit address bus).
You're quoted at the end as saying, "The code itself is a historical document". That sort of electrified me as I began thinking about what other historical code is out there in need of preservation. I'm fascinated with stuff like this, toolkits meant to be used in the field with little room for incremental development. Tracking this kind of stuff down seems like a fun hobby.
The story reads like _The Cuckoo's Egg_ in a way. Spies, intrigue, covert comms, action, revolution!
I loved that the code is still around, and works.
Kudos!!
Dead Comment
Dead Comment
I think it was the ANC and its activists organizing the coalition of other countries to sanction and isolate the government that ultimately caused it to yield power, which is the necessary condition for any revolution- it requires allies to be in place to support it for when it succeeds. On the ground, you only really need a few dozen people to seize some buildings and bank accounts, it's coordinating the external trade links to keep everyone paid and in their jobs while the top of the regime changes to new hands that's difficult. The opsec for that ground force just has to get most of them to their X day, where they're going to take casulties anyway.
In the case of SA, it seemed like a matter of convincing other countries to do nothing, by persuading the world the govt were just racist villains, and convincing the National Party in government that nobody would intervene to save them if there were a civil revolt. That part was organized in plain view. Opsec is interesting and mysterious, but often less important than the stories we tell about it afterwards.
It's hard to stress how normal _anything_ can seem when you grow up with it. I often wonder whether, if we'd stayed (we moved to the US permanently in 1992) and if apartheid had continued, whether I'd have woken up to the reality of what was going on and become more politically active in my college years. I have no confidence my sense of right and wrong would have been strong enough to escape the stifling blanket feeling of "Well, yes, it's not right, but let's not go tooooo crazy" that pervaded political feeling in those days.
Thanks for doing this, JGC. (And now that I think of it, you might enjoy the historical spelunking in the "Georg Nees" entries on my blog at zellyn.com. Code archeology is tremendously satisfying, and getting an email from one of his sons out of the blue was a delight!)
To be honest, I was prepared to see all white South Africans as evil oppressors, and it took me a while to see that there was a spectrum -- many of whom I met -- from oppressors to opportunists to passive enablers to freedom/justice fighters.
One of my distant relatives in South Africa was decidedly racist, but mourned how his son had gone from playing with the children of black farmworkers to, after a stint in the South African Defence Forces, being a vicious white supremacist.
That's actually a really good insight. It explains why quite a few successful revolutions – e.g. Russia and China – happened in countries _without_ an established administrative bureaucracy, and patted themselves on the based on their apparent competence in building one.
Erm.... Whut? China was (and is) _the_ example of a country held together by a civil bureaucracy. Ditto for Russia.
it's essentially demesquita's "logic of political survival," also distilled into the well made cartoon, "rules for rulers" https://www.youtube.com/watch?v=rStL7niR7gs
We could have had a very different history if they'd used DES or RC2 for encryption!
So much of symmetric key cryptography is just trying to find creative ways of creating and recreating 'one time pads' so we can distribute the key material instead of the pads themselves.
The one thing that stood out to me with the original blog post and a quick glance at the code was that it appeared as if the pad was certainly not actually random.
Could anyone that has actually understood it a bit more confirm or reject this?
Edit: It seems that the random generation can be found starting here https://github.com/Vulacode/RANDOM/blob/d6a1a1d694b22e6a115b... With three methods, one (RAND2) seems to use the basic interpreter rng more or less directly and the other two seem to be fairly simple prngs seeded from the basic interpreter's rng.
I don't actually know what the state of basic interpreter rngs was in the early '80s but I would be fairly surprised if they're anything that is secure.
For example, "Tora, Tora, Tora" was a code that had no intrinsic meaning, but was the signal to proceed with the Pearl Harbor attack. No way to reverse that.
Meanwhile, "THE QUICK BROWN FOX JUMPS OVER THE LAZY DOG" can be transformed with a Caesar cipher to "QEB NRFZH YOLTK CLU GRJMP LSBO QEB IXWV ALD". It can easily be reversed.
Deleted Comment
Similar connotation to "decrypt" which would be exhumation.
https://github.com/Vulacode/Articles/blob/main/Talking%20To%...
https://omalley.nelsonmandela.org/index.php/site/q/03lv03445...
I got to here before realising this is the same guy portrayed by Daniel Radcliffe in Escape From Pretoria. Great film.