Heh, well, since then SqueakSource itself was moved to a different
server in a different country.  I guess there was also a mirror of
SqueakSource hosted in Chile under a different URL for many years.

I'm doubtful any of it matters, but we wouldn't want anyone to end up
in Gitmo over it.  If you're uncomfortable about hosting a copy
elsewhere, then please at least namespace-prefix the Pharo-specific
packages, to at least help keep it from becoming a tangled mess.

On Mon, Oct 19, 2015 at 2:39 PM, Ron Teitelbaum <ron at usmedrec.com> wrote:
> Hi All,
>
> Unless someone filed the proper paperwork I would suggest NOT moving the cryptography code anywhere except for SqueakSource.  When we started the project we spent time ensuring that we had a proper exemption from the  U.S. regulations on exporting cryptographic code.  If someone copied and forked the code that exemption may not still apply to that new repository.
>
> I'm not personally involved with the code on Pharo, not sure who is doing crypto there.
>
> All the best,
>
> Ron
>
>> -----Original Message-----
>> From: Pharo-dev [mailto:pharo-dev-bounces at lists.pharo.org] On Behalf Of
>> Chris Muller
>> Sent: Monday, October 19, 2015 2:47 PM
>> To: The general-purpose Squeak developers list
>> Cc: Pharo Development List
>> Subject: Re: [Pharo-dev] [squeak-dev] [Cryptography port to Pharo]
>> RandomGenerator class>>unpredictableStringsDo:
>>
>> Yes, if a common package for both Squeak and Pharo is possible, that'd be
>> great.  Otherwise, the Squeak and Pharo versions should reside in separate
>> repositories.  Squeak users are still using squeaksource.com, Pharo moved to
>> smalltalkhub and beyond..
>>
>> On Mon, Oct 19, 2015 at 1:42 PM, Robert Withers
>> <robert.w.withers at gmail.com> wrote:
>> > hey Ron,
>> >
>> > It was actually the Pharo Cryptography team I was thinking of. Perhaps
>> > we can get the same package to work in both squeak and Pharo, with use
>> > of installable entropy sources or the like. In order to get SqueakElib
>> > running in Pharo I need crypto and we may as well do it right.
>> >
>> > Cheers,
>> > Robert
>> >
>> >
>> > On 10/19/2015 02:28 PM, Ron Teitelbaum wrote:
>> >>
>> >> Hi Robert,
>> >>
>> >> You are already on the Cryptograph repo on SqueakSource.com as an
>> admin.
>> >> Please feel free to reorg if you like.
>> >>
>> >> Let me know if you have trouble resurrecting your account.
>> >>
>> >> All the best,
>> >>
>> >> Ron
>> >>
>> >>> -----Original Message-----
>> >>> From: squeak-dev-bounces at lists.squeakfoundation.org
>> >>> [mailto:squeak-dev- bounces at lists.squeakfoundation.org] On Behalf Of
>> >>> Robert Withers
>> >>> Sent: Monday, October 19, 2015 1:53 PM
>> >>> To: squeak-dev at lists.squeakfoundation.org
>> >>> Subject: Re: [squeak-dev] [Pharo-dev] [Cryptography port to Pharo]
>> >>> RandomGenerator class>>unpredictableStringsDo:
>> >>>
>> >>> This is great guys. Is there a way to get this from the image? Good
>> >>> to get
>> >>
>> >> it
>> >>>
>> >>> with an FFI/OSProcess call or something.
>> >>>
>> >>> Thank you,
>> >>> Robert
>> >>>
>> >>> On 10/19/2015 08:58 AM, Louis LaBrunda wrote:
>> >>>>
>> >>>> Hi Guys,
>> >>>>
>> >>>> How about getting the CPU temperature.  I think most CPUs support
>> >>>> "Digital Thermal Sensor" (I'm not sure about ARM).  I think it is
>> >>>> seven bits.  The real range should be less than that but it may be
>> >>>> enough to help add some entropy.
>> >>>>
>> >>>> Lou
>> >>>>
>> >>>> On Mon, 19 Oct 2015 07:39:19 -0400, Robert Withers
>> >>>> <robert.w.withers at gmail.com> wrote:
>> >>>>
>> >>>>> Hi Ron , nice to see you too! It has been a number of years, hasn't it?
>> >>>>> Crypto is timestamped back in 2010, so there is is. I hope these
>> >>>>> have been kind years to you, as they have for me.
>> >>>>>
>> >>>>> I love the idea of optional sources of entropy, depending on the
>> >>>>> deployed capabilities. So there are our mouse points and such,
>> >>>>> because they ought to be optional.
>> >>>>>
>> >>>>> What are some reliably present sources in the most minimal
>> situation?
>> >>>>> If we could define minimal as an image with no image level I/O
>> >>>>> beyond file I/O, I would think we'd have: Kernel, System,
>> >>>>> Collections, Compiler and FFI. Some intransitives in that scope
>> >>>>> for entropy would be
>> >>>
>> >>> grand.
>> >>>>>
>> >>>>>
>> >>>>> I was thinking to take 5 millisecondClockValues, separated by 4
>> >>>>> non-secure random intervals: take the low order byte of the 4
>> >>>>> intervals and reverse & concat them, as a entropic source.
>> >>>>>
>> >>>>> I can coordinate these changes. Ron, could you add me to the
>> >>>>> Cryptography team so I can upload the Pharo Cryptography
>> >>>
>> >>> #bleedingEdge?
>> >>>>>
>> >>>>>
>> >>>>> Thanks and I look forward to more, :)
>> >>>>>
>> >>>>> Robert
>> >>>>>
>> >>>>> On 10/18/2015 02:38 PM, Ron Teitelbaum wrote:
>> >>>>>>
>> >>>>>> Hi Robert,
>> >>>>>>
>> >>>>>> Nice to see you!
>> >>>>>>
>> >>>>>> Looks interesting I know that Chris did something gathering
>> >>>>>> sources of
>> >>>
>> >>> entropy.  Seems like the more the better.  Could you just make the
>> >>> entropy sources optional such that if they exist we use them?  I
>> >>> would have to go back and see what Chris did but he was following
>> >>> suggestions from Schneider in his secureRandom.
>> >>>>>>
>> >>>>>>
>> >>>>>> All the best,
>> >>>>>>
>> >>>>>> Ron Teitelbaum
>> >>>>>>
>> >>>>>>> -----Original Message-----
>> >>>>>>> From: Pharo-dev [mailto:pharo-dev-bounces at lists.pharo.org] On
>> >>>>>>> Behalf Of Robert Withers
>> >>>>>>> Sent: Sunday, October 18, 2015 5:00 AM
>> >>>>>>> To: The general-purpose Squeak developers list; Pharo
>> >>>>>>> Development List
>> >>>>>>> Subject: Re: [Pharo-dev] [Cryptography port to Pharo]
>> >>>>>>> RandomGenerator
>> >>>>>>> class>>unpredictableStringsDo:
>> >>>>>>>
>> >>>>>>> I'm sorry, I forgot the code. I list the existing method,
>> >>>>>>> followed by my modified Pharo method below. I welcome any
>> feedback.
>> >>>>>>>
>> >>>>>>> Regards,
>> >>>>>>> Robert
>> >>>>>>>
>> >>>>>>> ---
>> >>>>>>> Existing:
>> >>>>>>> unpredictableStringsDo: aBlock
>> >>>>>>>         "Enumerate sources of information from my environment
>> >>>>>>> that
>> >>>
>> >>> should
>> >>>>>>>
>> >>>>>>> be generally hard to guess."
>> >>>>>>>         | time |
>> >>>>>>>         time := Time millisecondsToRun:
>> >>>>>>>                 [ aBlock
>> >>>>>>>                         value: World imageForm bits
>> >>>>>>> compressToByteArray ;
>> >>>>>>>                         value: Sensor mousePoint x asString ;
>> >>>>>>>                         value: Sensor mousePoint y asString ;
>> >>>>>>>                         value: Time millisecondClockValue
>> >>>>>>> asByteArray ;
>> >>>>>>>                         value: Date today asString ;
>> >>>>>>>                         value: Time now asString ;
>> >>>>>>>                         value: Display extent asString.
>> >>>>>>>                 100 timesRepeat: [ aBlock value: UUID new ].
>> >>>>>>>                 #(vmVersion platformName primVmPath imageName
>> >>>
>> >>> platformSubtype
>> >>>>>>>
>> >>>>>>> datedVersion lastQuitLogPosition vmStatisticsReportString
>> >>>>>>> imageName)
>> >>>>>>> collect:
>> >>>>>>>                         [ : each |
>> >>>>>>>                         aBlock value: (SmalltalkImage current
>> >>>>>>> perform: each)
>> >>>
>> >>> asByteArray
>> >>>>>>>
>> >>>>>>> ] ].
>> >>>>>>>         aBlock
>> >>>>>>>                 value: time asByteArray;
>> >>>>>>>                 "maybe the pointer has moved, hit it again."
>> >>>>>>>                 value: Sensor mousePoint asString ;
>> >>>>>>>                 value: Time millisecondClockValue asByteArray
>> >>>>>>>
>> >>>>>>> ---
>> >>>>>>> Pharo port:
>> >>>>>>> unpredictableStringsDo: aBlock
>> >>>>>>>         "Enumerate sources of information from my environment
>> >>>>>>> that
>> >>>
>> >>> should
>> >>>>>>>
>> >>>>>>> be generally hard to guess."
>> >>>>>>>
>> >>>>>>>         | time |
>> >>>>>>>         time := Time millisecondsToRun:
>> >>>>>>>                 [ aBlock
>> >>>>>>>                         value: Time millisecondClockValue
>> >>>>>>> asByteArray ;
>> >>>>>>>                         value: Date today asString ;
>> >>>>>>>                         value: Time now asString.
>> >>>>>>>                 100 timesRepeat: [ aBlock value: UUID new ].
>> >>>>>>>                 #(version primImagePath imagePath datedVersion
>> >>>>>>> lastQuitLogPosition)
>> >>>>>>> collect:
>> >>>>>>>                         [ : each |
>> >>>>>>>                         aBlock value: (SmalltalkImage current
>> >>>>>>> perform: each)
>> >>>
>> >>> asByteArray
>> >>>>>>>
>> >>>>>>> ] ].
>> >>>>>>>         aBlock
>> >>>>>>>                 value: time asByteArray;
>> >>>>>>>                 value: Time millisecondClockValue asByteArray
>> >>>>>>>
>> >>>>>>>
>> >>>>>>> On 10/18/2015 04:23 AM, Robert Withers wrote:
>> >>>>>>>>
>> >>>>>>>> This is a message intended for anyone who was on the
>> >>>>>>>> Cryptography
>> >>>
>> >>> team.
>> >>>>>>>>
>> >>>>>>>> I recently ported it to Pharo and had to make changes to
>> >>>>>>>
>> >>>>>>> RandomGenerator
>> >>>>>>>>
>> >>>>>>>> class>>unpredictableStringsDo:. This certainly removed some
>> >>>>>>>> class>>uncertainty
>> >>>>>>>> from the results of this message. My question is what should I
>> >>>>>>>> do about that? This method seems to require non-headless, as it
>> >>>>>>>> is checking the mouse point and such. This being a crypto
>> >>>>>>>> cornerstone, what the best answer here.
>> >>>>>>>>
>> >>>>>>>> Thank you,
>> >>>>>>>> Robert
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>>
>> >>>>>
>> >>>> -----------------------------------------------------------
>> >>>> Louis LaBrunda
>> >>>> Keystone Software Corp.
>> >>>> SkypeMe callto://PhotonDemon
>> >>>> mailto:Lou at Keystone-Software.com http://www.Keystone-
>> Software.com
>> >>>>
>> >>>>
>> >>
>> >>
>> >>
>> >
>
>