cypherpunks-legacy
Threads by month
- ----- 2026 -----
- July
- June
- May
- April
- March
- February
- January
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2007 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2006 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2005 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2004 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2003 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2002 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2001 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2000 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1999 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1998 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1997 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1996 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1995 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1994 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1993 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 1992 -----
- December
- November
- October
- September
- 130025 discussions
-----BEGIN PGP SIGNED MESSAGE-----
Where can I get this software? Looks kinda cool. BTW... I like the
idea of spurring on some pgp usage. It's a good idea. I would not
object to having to sign messages.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBLtwEkqZRyOzqm29xAQEoKgQAywzBTW92lYiDEFQPVfmWxHg3hYnKDN70
c3gRSNjqO6VcJguXhVBHHjA3/ZBpWybys9deML/2FONUwrm50+MKotifo+7wpKnk
E6LIrnuzuJdmlMTACR6Qx3FXVpnuQmuDz2jRybxDST+Iob5jItwt2SsZkSuFscDN
vdxQHa26VAs=
=BmiN
-----END PGP SIGNATURE-----
1
0
Having posted that massive spam asking Pr0duct Cypher for some information,
it occurs to me to ask if he has been heard from lately. Has anyone seen
anything from him lately?
--------------------------------------------------
Lance Cottrell who does not speak for CASS/UCSD
loki(a)nately.ucsd.edu
PGP 2.6 key available by finger or server. Encrypted mail welcome.
Home page http://nately.ucsd.edu/~loki/
Home of "chain" the remailer chaining script.
For anon remailer info, mail remailer(a)nately.ucsd.edu Subject: remailer-help
"Love is a snowmobile racing across the tundra. Suddenly
it flips over, pinning you underneath. At night the ice
weasels come."
--Nietzsche
1
0
-----BEGIN PGP SIGNED MESSAGE-----
===============================BEGIN SIGNED TEXT=============================
WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP)
(Last modified: 30 November 1994 by Mike Johnson)
WHAT IS THE LATEST VERSION?
|-----------------+---------------------+---------------------------------|
| Platform(s) | Latest Version | Distribution File Names |
|-----------------+---------------------+---------------------------------|
| DOS, Unix, | Viacrypt PGP 2.7 | disk sets |
| Mac, Windows, | | |
| or WinCIM/CSNav | | |
|-----------------+---------------------+---------------------------------|
| DOS, Unix, | MIT PGP 2.6.2 | pgp262.zip (DOS + docs) |
| others | | pgp262s.zip (source) |
| | | pg262s.zip source on CompuServe |
| | | pgp262.tar.gz (source) |
| | | pgp262.gz (same as above on DOS)|
| | | pgp262.tar.Z (source) |
| | | pgp262dc.zip (documentation) |
| | | pg262d.zip (docs on CompuServe) |
|-----------------+---------------------+---------------------------------|
| Macintosh | MIT PGP 2.6 | MacPGP2.6.sea.hqx (binary+docs) |
| | | macpgp26.hqx (same as above) |
| | | MacPGP2.6.src.sea.hqx (source) |
| | | macpgp26.src (same as above) |
| | | MacPGP2.6-68000.sea.hqx (binary)|
| | | mcpgp268.hqx (same as above) |
|-----------------+---------------------+---------------------------------|
| Mac Applescript | MacPGP 2.6ui v 1.2 | MacPGP-2.6ui-v1.2.sit.hqx |
| | | MacPGP2.6ui_V1.2_sources.cpt.hqx|
| | | MacPGP2.6uiV1.2en.cpt.hqx |
| | | MacPGP2.6uiV1.2src.cpt.hqx |
| | | MacPGP2.6uiV1.2.68000.hqx |
|-----------------+---------------------+---------------------------------|
| Amiga | PGP 2.6.2 Amiga 1.4 | pgp262-a14-000.lha |
| | | pgp262-a14-020.lha |
| | | pgp262-a14-src.lha |
|-----------------+---------------------+---------------------------------|
| Atari | Atari PGP 2.6ui | pgp26uib.lzh (binary, docs) |
| | | pgp26uis.lzh |
|-----------------+---------------------+---------------------------------|
| Archimedes | Archimedes 2.3a | ArcPGP23a |
|-----------------+---------------------+---------------------------------|
| Non-USA version | PGP 2.6.i from | pgp26i.zip |
| to avoid RSAREF | Stale Schumacher | pgp26is.zip |
| license. | | pgp26is.tar.gz |
|_________________|_____________________|_________________________________|
WHERE CAN I GET THE PGP VERSION DIRECTLY FROM PHILIP ZIMMERMANN?
This is the MIT version. For several good reasons, Phil is releasing the
main line freeware PGP through MIT, at net-dist.mit.edu. See a list of sites
that also carry this version, below, or use this WWW URL:
http://web.mit.edu/network/pgp-form.html
WHAT IS PGP 2.6.i?
Stale Schumacher <staalesc(a)ifi.uio.no> released an international version of
PGP built the "right way." By "right way," I mean that it uses the latest
MIT code, but uses a different rsaglue.c to use the mpilib instead of RSAREF
for RSA calculations, thus including all the latest bug fixes and features in
the main freeware PGP code line, but frees non-USA persons from the
limitations of the RSAREF license. This release has been as strongly
endorsed by Philip Zimmermann as he can do without incriminating himself.
Naturally, by not using the RSAREF code for RSA calculations, this version is
not legal for use in the USA (other than limited research, etc.), but is fine
anywhere else (like Canada) were RSA patents don't hold.
Note that the latest version of Stale Schumacher's PGP is 2.6.i, 2.6i
(without the second .) was a beta test version that has been superceded.
WHAT IS PGP 2.6ui?
The "unofficial international" versions are really just PGP 2.3a, modified
just enough to make it compatible with MIT PGP 2.6, but do not include all of
the fixes in MIT PGP 2.6 and MIT PGP 2.6.1. They have a "ui" somewhere in
their file names. I recommend the use of the "ui" versions only if you are
using a platform for which there is no Viacrypt or MIT PGP that works
properly. For a version that doesn't use RSAREF, PGP 2.6.i from Stale
Schumacher is a better choice, because it is more up-to-date.
WHERE CAN I GET VIACRYPT PGP?
If you are a commercial user of PGP in the USA or Canada, contact Viacrypt in
Phoenix, Arizona, USA. The commecial version of PGP is fully licensed to use
the patented RSA and IDEA encryption algorithms in commercial applications,
and may be used in corporate and government environments in the USA and
Canada. It is fully compatible with, functionally the same as, and just as
strong as the freeware version of PGP. Due to limitations on ViaCrypt's RSA
distribution license, ViaCrypt only distributes executable code and
documentation for it, but they are working on making PGP available for a
variety of platforms. Call or write to them for the latest information. The
latest version number for Viacrypt PGP is 2.7.
Here is a brief summary of Viacrypt's currently-available products:
1. ViaCrypt PGP for MS-DOS. Prices start at $99.98
2. ViaCrypt PGP for UNIX. Includes executables for the following
platforms:
SunOS 4.1.x (SPARC)
IBM RS/6000 AIX
HP 9000 Series 700/800 UX
SCO 386/486 UNIX
SGI IRIX
AViiON DG-UX(88/OPEN)
Prices start at $149.98
Executables for the following additional platforms are
available upon request for an additional $30.00 charge.
BSD 386
Ultrix MIPS DECstation 4.x
3. ViaCrypt PGP for WinCIM/CSNav. A special package for users of
CompuServe. Prices start at $119.98
Please contact ViaCrypt for quantity discount pricing.
Orders may be placed by calling 800-536-2664 during the hours of 8:30am to
5:00pm MST, Monday - Friday. They accept VISA, MasterCard, AMEX and Discover
credit cards.
If you have further questions, please feel free to contact:
Paul E. Uhlhorn
Director of Marketing, ViaCrypt Products
Mail: 9033 N. 24th Avenue
Suite 7
Phoenix AZ 85021-2847
Phone: (602) 944-0773
Fax: (602) 943-2601
Internet: viacrypt(a)acm.org
Compuserve: 70304.41
WHERE CAN I GET THE FREEWARE PGP?
These listings are subject to change without notice. If you find that PGP has
been removed from any of these sites, please let me know so that I can update
this list. Likewise, if you find PGP on a good site elsewhere (especially on
any BBS that allows first time callers to access PGP for free), please let me
know so that I can update this list. Because this list changes frequently, I
have not attempted to keep it complete, but there should be enough pointers
to let you easily find PGP.
There are several ways to get the freeware PGP: ftp, WWW, BBS, CompuServe,
email ftp server, and sneakernet (ask a friend for a copy). Just don't ask
Philip Zimmermann directly for a copy.
FTP SITES IN NORTH AMERICA
There are some wierd hoops to jump through, thanks to the U. S. Department of
State and the ITAR, at many of these sites.
Telnet to net-dist.mit.edu, log in as getpgp, answer the questions, then ftp
to net-dist.mit.edu and change to the hidden directory named in the telnet
session to get your own copy.
MIT-PGP is for U. S. and Canadian use only, but MIT is only distributing it
within the USA (due to some archaic export control laws).
1. Read ftp://net-dist.mit.edu/pub/PGP/mitlicen.txt and agree to it.
2. Read ftp://net-dist.mit.edu/pub/PGP/rsalicen.txt and agree to it.
3. Telnet to net-dist.mit.edu and log in as getpgp.
4. Answer the questions and write down the directory name listed.
5. QUICKLY end the telnet session with ^C and ftp to the indicated directory
on net-dist.mit.edu (something like /pub/PGP/dist/U.S.-only-????) and get
the distribution files (see the above chart for names).
If the hidden directory name is invalid, start over at step 3, above.
You can also get PGP from:
ftp.csn.net/mpj
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/
See ftp://ftp.csn.net/mpj/README.MPJ for the ???????
See ftp://ftp.csn.net/mpj/help for more help on negotiating this site's
export control methods (open to USA and Canada).
ftp.netcom.com/pub/mp/mpj
ftp://ftp.netcom.com/mp/mpj/I_will_not_export/crypto_???????/pgp/
See ftp://ftp.netcom.com/pub/mp/mpj/README.MPJ for the ???????
See ftp://ftp.netcom.com/pub/mp/mpj/help for more help on negotiating this
site's export control methods.
TO GET THESE FILES BY EMAIL, send mail to ftp-request(a)netcom.com
containing the word HELP in the body of the message for instructions.
You will have to work quickly to get README.MPJ then the files before
the ??????? part of the path name changes again (several times a day).
ftp.eff.org
Follow the instructions found in README.Dist that you get from one of:
ftp://ftp.eff.org/pub/Net_info/Tools/Crypto/README.Dist
gopher.eff.org, 1/Net_info/Tools/Crypto
gopher://gopher.eff.org/11/Net_info/Tools/Crypto
http://www.eff.org/pub/Net_info/Tools/Crypto/
ftp.csua.berkeley.edu (for U. S. or Canadian users)
/pub/cypherpunks/pgp/
ftp.wimsey.bc.ca
/pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/PGP
(U. S. and Canadian users only)
See /pub/crypto/software/README for the characters for XXXXXXXX
This site has all public releases of the freeware PGP.
WORLD WIDE WEB ACCESS
http://web.mit.edu/network/pgp-form.html
http://www.ifi.uio.no/~staalesc/PGPVersions.html
http://www.mantis.co.uk/pgp/pgp.html
http://rschp2.anu.edu.au:8080/crypt.html
http://www.eff.org/pub/Net_info/Tools/Crypto/
http://community.net/community/all/home/solano/sbaldwin
COMPUSERVE
The NCSA Forum sysops have a library (Library 12: Export Controlled) that is
available only to people who send them a message asserting that they are
within the U. S. A. This library contains PGP. I have also seen PGP in some
other places on Compuserve. Try searching for PGP262.ZIP in the IBMFF forum
for up-to-date information on PGP in selected other areas. The last time I
tried a search like this, PGP was found in the PC World Online forum (GO
PWOFORUM) new uploads area, along with several PGP shells and accessories.
I've also heard that EUROFORUM carries PGP, but have not confirmed this.
Compuserve file names are even more limited than DOS (6.3 instead of the
already lame 8.3), so the file names to look for are PGP262.ZIP, PG262S.ZIP
(source code), PGP262.GZ (Unix source code) and PG262D.ZIP (documentation
only).
BULLETIN BOARD SYSTEMS
Colorado Catacombs BBS
Mike Johnson, sysop
Mac and DOS versions of PGP, PGP shells, and some other crypto stuff.
Also the home of some good Bible search files and some shareware written
by Mike Johnson, including ATBASH, DLOCK, CRYPTA, CRYPTE, CRYPTMPJ, MCP,
MDIR, DELETE, PROVERB, SPLIT, ONEPAD, QUICRYPT, etc.
v.FAST/v.32bis/v.42bis, speeds up to 28,800 bps
8 data bits, 1 stop, no parity, as fast as your modem will go.
Use ANSI terminal emulation, of if you can't, try VT-100.
Free access to PGP. If busy or no answer, try again later.
Log in with your own name, or if someone else already used that, try
a variation on your name or pseudonym. You can request access to
crypto software on line, and if you qualify legally under the ITAR,
you can download on the first call.
For free access: log in with your own name, answer the questions, then
select [Q]uestionaire 3 from the [M]ain menu.
(303) 772-1062 Longmont, Colorado number - 2 lines.
(303) 938-9654 Boulder, Colorado number forwarded to Longmont number
intended for use by people in the Denver, Colorado area.
The Freedom Files BBS, DeLand Florida, USA 904-738-2691
Exec-Net, New York, NY, USA (Host BBS for the ILink net) 914-667-4567
The Ferret BBS (North Little Rock, Arkansas)
(501) 791-0124 also (501) 791-0125
Special PGP users account:
login name: PGP USER
password: PGP
This information from: Jim Wenzel <jim.wenzel(a)grapevine.lrk.ar.us>
CVRC BBS 317-791-9617
CyberGold BBS 601-582-5748
Self-Governor Information Resource, 915-587-7888, El Paso, Texas, USA
In the UK, try 01273-688888
Other BBS -- check your local BBS. Chances are good that it has any release
that is at least a month old if it has much of a file area at all.
OTHER FTP SITES
ftp.informatik.uni-hamburg.de
/pub/virus/crypt/pgp
This site has most, if not all, of the current PGP files.
ftp.ox.ac.uk (163.1.2.4)
ftp.netcom.com
/pub/dc/dcosenza -- Some crypto stuff, sometimes includes PGP.
/pub/gb/gbe/pgpfaq.asc -- frequently asked questions answered.
/pub/qw/qwerty -- How to MacPGP Guide, largest steganography ftp site as
well. PGP FAQ, crypto FAQ, US Crypto Policy FAQ,
Steganograpy software list. MacUtilites for use with
MacPGP. Stealth1.1 + other steganography programs.
Send mail to ftp-request(a)netcom.com with "HELP" in the
body of the message if you don't have ftp access.
ftp.ee.und.ac.za
/pub/crypto/pgp
ftp.csua.berkeley.edu
/pub/cypherpunks/pgp (DOS, MAC)
ftp.demon.co.uk
/pub/amiga/pgp
/pub/archimedes
/pub/pgp
/pub/mac/MacPGP
ftp.informatik.tu-muenchen.de
ftp.funet.fi
ftp.dsi.unimi.it
/pub/security/crypt/PGP
ftp.tu-clausthal.de (139.174.2.10) (Atari ST/E,TT,Falcon)
/pub/atari/misc/pgp/pgp26uib.lzh (2.6ui ttp, 2.3a docs)
/pub/atari/misc/pgp/pgp26uis.lzh (2.6ui sources)
/pub/atari/misc/pgp/pgp26ui.diffs (Atari diffs for 2.6 sources)
wuarchive.wustl.edu
/pub/aminet/util/crypt
src.doc.ic.ac.uk (Amiga)
/aminet
/amiga-boing
ftp.informatik.tu-muenchen.de
/pub/comp/os/os2/crypt/pgp23os2A.zip (OS/2)
iswuarchive.wustl.edu
pub/aminet/util/crypt (Amiga)
nic.funet.fi (128.214.6.100)
/pub/crypt
ftp.uni-kl.de (131.246.9.95)
/pub/aminet/util/crypt
qiclab.scn.rain.com (147.28.0.97)
pc.usl.edu (130.70.40.3)
leif.thep.lu.se (130.235.92.55)
goya.dit.upm.es (138.4.2.2)
tupac-amaru.informatik.rwth-aachen.de (137.226.112.31)
ftp.etsu.edu (192.43.199.20)
princeton.edu (128.112.228.1)
pencil.cs.missouri.edu (128.206.100.207)
ftp.csua.berkeley.edu
kauri.vuw.ac.nz
nctuccca.edu.tw
/PC/wuarchive/pgp/
ftp.fu-berlin.de:/mac/sys/init/MacPGP2.6uiV1.2en.cpt.hqx.gz
Also, try an archie search for PGP using the command:
archie -s pgp262 (DOS & Unix Versions)
archie -s pgp2.6 (MAC Versions)
FTPMAIL
For those individuals who do not have access to FTP, but do have access
to e-mail, you can get FTP files mailed to you. For information on
this service, send a message saying "Help" to ftpmail(a)decwrl.dec.com.
You will be sent an instruction sheet on how to use the ftpmail
service. It works with messages something like this:
> To: ftpmail(a)decwrl.dec.com
> Subject: Ftpmail request
> Connect ftp.csua.berkeley.edu
> chdir pub/cypherpunks/pgp/pgp262
> uuencode
> get pgp262.zip
> quit
Another e-mail service is from nic.funet.fi. Send the following mail message
to mailserv(a)nic.funet.fi:
ENCODER uuencode
SEND pub/crypt/pgp23srcA.zip
SEND pub/crypt/pgp23A.zip
This will deposit the two zipfiles, as 15 batched messages, in your mailbox
with about 24 hours. Save and uudecode.
For the ftp sites on netcom, send mail to ftp-request(a)netcom.com containing
the word HELP in the body of the message.
To get pgp 2.6.i by email:
Send a message to hypnotech-request(a)ifi.uio.no with your request in the
Subject: field.
Subject What you will get
GET pgp26i.zip MS-DOS executable (uuencoded)
GET pgp26is.zip MS-DOS source code (uuencoded)
GET pgp26is.tar.gz UNIX source code (uuencoded)
For FAQ information, send e-mail to mail-server(a)rtfm.mit.edu with
send usenet/news.answers/ftp-list/faq
in the body of the message.
IS MY COPY OF PGP GOOD?
If you find a version of the PGP package that does not include the PGP User's
Guide, something is wrong. The manual should always be included in the
package. PGP should be signed by one of the developers (Philip Zimmermann,
Jeff Schiller, Viacrypt, Stale Schumacher, etc.). If it isn't, the package
is suspect and should not be used or distributed. The site you found it on
should remove it so that it does no further harm to others. To be really
sure, you should get PGP directly from MIT or check the signatures with a
version of PGP that you trust. The copies of PGP on ftp.csn.net/mpj,
ftp.netcom.com/pub/mp/mpj, and the Colorado Catacombs BBS are direct copies
of the ones on MIT, except that the ones on the BBS include a BBS
advertisement (automatically added by the system when it virus scans new
files) in the outer .zip files.
OTHER PGP DOCUMENTATION
PGP is rather counter-intuitive to a Mac user. Luckily, there's a
guide to using MacPGP in
ftp://ftp.netcom.com/pub/qw/qwerty/Here.is.How.to.MacPGP.
There is a Frequently Asked Questions document in
ftp://ftp.netcom.com/pub/gb/gbe/pgpfaq.asc
For more information on the "time bomb" in PGP, see
ftp://ftp.csn.net/mpj/pgpbomb.asc
More PGP details are at
http://www.pegasus.esprit.ec.org/people/arne/pgp.html
Windows shells documentation
http://www.LCS.com/winpgp.html
LANGUAGE MODULES
These are suitable for most PGP versions. I am not aware of any
export/import restrictions on these files.
German
* _UK:_ ftp://ftp.ox.ac.uk/src/security/pgp_german.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_german.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha
Italian
* _IT:_
ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz
* _FI:_
ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/PGP/pgp-lang.italian.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.italian.tar.gz
Japanese
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz
Lithuanian
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip
Russian
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip (MIT version)
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26uir.zip (ui version)
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp26ru.zip
Spanish
* _IT:_
ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz
* _FI:_
ftp://ftp.funet.fi/pub/crypt/ghost.dsi.unimi.it/pgp-lang.spanish.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz
Swedish
* _UK:_ ftp://ftp.ox.ac.uk/src/security/pgp_swedish.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp_swedish.txt
MAILINGLISTE FUER PGP UND VERWANDTES (PGP MAILING LIST IN GERMAN)
Die Listenadresse:
pgp-friends(a)fiction.pb.owl.de
Die *Request*adresse (fuer subscribe/unsubscribe und andere Administra-
tiva):
pgp-friends-request(a)fiction.pb.owl.de
WHAT IS ALL THIS NONSENSE ABOUT EXPORT CONTROLS?
For a detailed rant, get ftp://ftp.csn.net/mpj/cryptusa.zip
The practical meaning, until the law is corrected to make sense, is that you
are requested to get PGP from sites outside of the USA and Canada if you are
outside of the USA and Canada. If you are in France, I understand that you
aren't even supposed import it. Other countries may be worse. Make sure you
follow the laws of your own country. If you want to officially export PGP,
you may be able to get permission in limited cases and for a fee. Contact
the U. S. Department of State for information.
WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN THE USA?
MIT PGP is only for personal, noncommercial use because of restrictions on
the licensing of both the RSA algorithm (attached to RSAREF) and the IDEA
algorithm. PKP/RSADSI insist that we use RSAREF instead of the mpi library
for reasons that make sense to them.
For commercial use, use Viacrypt PGP, which is fully licensed to use both the
RSA and IDEA algorithms in commercial and corporate environments (as well as
personal use, of course).
Another restriction is due to an exclusive marketing agreement between Philip
Zimmermann and Viacrypt that applies to the USA and Canada only. Viacrypt
has exclusive rights to market PGP commercialy in this area of the world.
This means that if you want to market PGP commercially in competition with
Viacrypt in the USA or Canada, you would have to create a new implementation
of the functions of PGP containing none of Philip Zimmermann's copyrighted
code. You are free to modify existing PGP code for your own use, as long as
you don't sell it. Phil would also appreciate your checking with him before
you distribute any modified versions of PGP as freeware.
"PGP", "Pretty Good Privacy" and "Phil's Pretty Good Software" are trademarks
owned by Philip Zimmermann. This means that if you modify an older version of
PGP that was issued under the copyleft license and distribute it without
Phil's permission, you have to call it something else. This avoids confusing
all of us and protects Phil's good name.
WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN CANADA?
MIT PGP is only for noncommercial use because of restrictions on the
licensing of the IDEA algorithm. Because the RSA algorithm isn't patented in
Canada, you are free to use the mpi library instead of RSAREF, if you want
to, thus freeing yourself of the RSAREF license associated with the RSAREF
copyright, which is valid in Canada.
For commercial use, use Viacrypt PGP, which is fully licensed to use the IDEA
algorithm in commercial and corporate environments.
The exclusive marketing agreement with Viacrypt also applies in Canada. See
the section on USA intellectual property restrictions for more details.
WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST OUTSIDE NORTH AMERICA?
MIT PGP is only for noncommercial in areas where there is a patent on
software implementations of the IDEA algorithm. Because the RSA algorithm
isn't patented outside of the USA, you are free to use the mpi library
instead of RSAREF, if you want to, thus freeing yourself of the RSAREF
license restrictions. The RSAREF copyright holds outside of the USA, even
though the RSA patent does not.
The IDEA conventional block cipher is covered by US Patent 5,214,703 and
European patent EP 0 482 154 B1. IDEA is a trademark of Ascom-Tech AG.
Commercial users of IDEA (including commercial use of PGP) may obtain
licensing details from Ph. Baumann, Ascom Tech Ltd., IDEA Lizenz, Postfach
151, CH-4502 Solothurn, Switzerland, Tel ++41 65 242828, Fax ++41 65 242847.
WHAT IS COMMERCIAL USE?
Use some common sense. If you are running a business and using PGP to
protect credit card numbers sent to you electronically, then you are using
PGP commercially. Your customers, however, need not buy the commercial
version of PGP just to buy something from you, if that is the only commercial
use they make of PGP (since they are spending, not making, money with PGP).
If you are just encrypting love letters or other personal mail (for which you
don't get paid) on your own personal computer, that is not commercial. If
you are encrypting official business mail on your for-profit corporation's
computer with PGP, that is commercial use.
Note that there are some gray areas not covered above, and the patent owners
of RSA and IDEA may differ from my interpretation in the areas not covered
above, so if you are in doubt, you should consider the licensing of Viacrypt
PGP (or outside of North America, direct licensing of IDEA) to be cheap legal
insurance. Indeed, the license fee is probably a lot cheaper than a legal
opinion from a lawyer qualified to make such a judgement. Note that I am not
a lawyer and the above is not legal advise. Use it at your own risk.
WHAT IS THE "TIME BOMB" IN MIT PGP 2.6?
There was a version byte change in MIT PGP 2.6 as of 1 September 1994. See
ftp://ftp.csn.net/mpj/pgpbomb.asc for details.
ARE MY KEYS COMPATIBLE WITH THE OTHER PGP VERSIONS?
If your RSA key modulus length is less than or equal to 1024 bits (I don't
recommend less, unless you have a really slow computer and little patience),
and if your key was generated in the PKCS format, then it will work with any
of the current PGP versions (MIT PGP 2.6, PGP 2.6ui, or Viacrypt PGP 2.7). If
this is not the case, you really should generate a new key that qualifies.
MIT PGP 2.6.2 should be able to use 2048 bit keys. Generation of 2048 bit
keys is supposed to automatically be enabled in PGP 2.6.2 in December, 1994.
By then, hopefully, most people will have had a chance to upgrade to a
version of PGP that can use them, so longer keys won't be a big problem. On
the other hand, 1024 bit keys are probably beyond the reach of most criminals
and spies to break, anyway.
MORE WORLD WIDE WEB URLs
http://draco.centerline.com:8080/~franl/pgp/pgp-mac-faq-hinely.html
http://draco.centerline.com:8080/~franl/pgp/pgp.html
http://draco.centerline.com:8080/~franl/crypto/cryptography.html
http://www.pegasus.esprit.ec.org/people/arne/pgp.html
http://rschp2.anu.edu.au:8080/crypt.html
http://ibd.ar.com/PublicKeys.html
http://www.ifi.uio.no/~staalesc/PGPversions.html
WINDOWS SHELLS
Several shells for running PGP with Microsoft Windows are available at the
same places PGP can be found.
MACPGP KIT
The MacPGP kit is a user interface for the Mac version of PGP.
See ftp://ftp.netcom.com/pub/qw/qwerty
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGP_icons.sit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkitSources.sit.hqx
BUGS
See the documentation that comes with PGP in the latest versions for bugs in
the older versions.
The latest versions of PGP may not fully wipe all traces of plain text from a
file when given the -w option.
For more information, see http://www.mit.edu:8001/people/warlord/pgp-faq.html
BETSI - BELLCORE'S TRUSTED SOFTWARE INTEGRITY SYSTEM
For information on this service, send mail to certify(a)bellcore.com with the
subject help, or check http://info.bellcore.com/BETSI/betsi.html
HOW DO I PUBLISH MY PGP PUBLIC KEY?
There are lots of ways. One way is to use a key server. Send mail to one of
these addresses with the single word "help" in the subject line to find out
how to use a key server.
pgp-public-keys(a)pgp.iastate.edu
public-key-server(a)pgp.ai.mit.edu
pgp-public-keys(a)cs.tamu.edu
pgp-public-keys(a)chao.sw.oz.au
pgp-public-keys(a)jpunix.com
pgp-public-keys(a)dsi.unimi.it
pgp-public-keys(a)kiae.su
pgp-public-keys(a)fbihh.informatik.uni-hamburg.de
There is also an experimental public key server at
http://ibd.ar.com/PublicKeys.html
Another way is to upload it to the PGP public keys area of the Colorado
Catacombs BBS (303-772-1062). Another way is to just send it to your
correspondents. You could add it to your .plan file so that finger returns
your key. You could add it to some of your postings. No matter which way you
do it, you should have your key signed by someone who verifies that your key
belongs to you, so that you don't have someone else generating a key that has
your name on it, but that isn't yours.
Here is my public key:
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.7
mQCNAi4PT2QAAAEEAPPCZnrshEJ9PSnV+mXEwjM4kzJF0kyg2MnLMzo83vWI40ei
jogncqdkXT0c2TQWg+Bsu9ckFoXdId0utumYv0aqd8yI/oU/DwJ1zJrqRL2PFbxe
ZLofHoKFjvq1TiNiJq9ps3jW6iYS4IU1SzyKhjmyE+K0+WyrPPX0zg8FAL9FAAUR
tCdNaWNoYWVsIFBhdWwgSm9obnNvbiA8bXBqQGNzbi5vcmc+IG1wajiJAJUCBRAu
G3chZXmEuMepZt0BAZtAA/0Rw5mintlUDgHycNbeoyIiMHoLu8jWaCSaiGSt+dDU
1A/bUCo+gorv5TYxOClRf3XHjD6zSooWyUz3ehotrzPYLunhVOE2YBxPU+OvKFOc
37mcZrnXGBlF5NblnSYxp0186tGaTm7WMWx7NDlHT4GvhzHJQSOoo48ykDkKm/mk
LIkAlQIFEC4PWbs/ZwY8hTPrxQEBKyMD/A7kv91C1ZZIRtkbC9k9lsWOgOnO8wG8
bGMajaco465Z5llWD+Y8QCMdSWcowtOBGfW0Wv1bZ1uebeCpg1L66pJ7C+BOExrk
gPqRVCstLLiVerKGeSOZo3yXtxYKYX7mHQPrHp98ef7fUG4IiKS+S+znmGxpJwrV
sHZRlhJ3hXUsiQCVAgUQLg9ZefX0zg8FAL9FAQFBTAQAh4u4Vun7WhPuL6fsXiXm
paaGfeLtd3biRj/aOMAG1eHuhVdWejx71ormyKTdNB2YV56bpsE3JQ/KhBuYDo0N
SkRnqeM2S+Ef7aZEg6Q44uXG52pqCZUldtCeYfOs3aLCR9SMlc6Y3zmpSwB1wKP0
5+tN9zruNYVKKBLWEIFAY7W0K01pY2hhZWwgUGF1bCBKb2huc29uIDxtLnAuam9o
bnNvbkBpZWVlLm9yZz60IE1pY2hhZWwgSm9obnNvbiA8bXBqQG5ldGNvbS5jb20+
tChNaWtlIEpvaG5zb24gPDcxMzMxLjIzMzJAY29tcHVzZXJ2ZS5jb20+tCtNaWNo
YWVsIFAuIEpvaG5zb24gPG1wam9obnNvQG55eC5jcy5kdS5lZHU+tC1EbyBub3Qg
dXNlIGZvciBlbmNyeXB0aW9uIGFmdGVyIDI3IEp1bmUgMTk5Ni4=
=rR4q
- -----END PGP PUBLIC KEY BLOCK-----
Permission is granted to distribute unmodified copies of this FAQ.
To get the latest version of this FAQ, get
ftp://ftp.netcom.com/pub/mp/mpj/getpgp.asc or send mail to
ftp-request(a)netcom.com with the line
SEND mpj/getpgp.asc
in the body of the message.
There are many other frequently asked questions. Most of them are covered in
the documentation that comes with PGP, and the few that aren't are addressed
in documents referenced above.
___________________________________________________________
|\ /| | | |
| \/ |o| | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 |
| | | / _ | mpj(a)csn.org aka mpj(a)netcom.com m.p.johnson(a)ieee.org |
| |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 |
| |||\ ( | ftp://ftp.netcom.com/pub/mp/mpj/README -. --- ----- ....|
| ||| \ \_/ |___________________________________________________________|
-----BEGIN PGP SIGNATURE-----
Version: 2.7
iQCVAgUBLtyzP/X0zg8FAL9FAQFUBAP7BGgnO/ceShksSff/iZ95K2rPgMWBXQ0n
fqryrVHVhZJZ+ITQYYnPCfXEFQd5xhRmTE0MGv0ZB/lt5w5tCXr+R3hlJJ4Be/XV
YdzJlmojYqKK5mixuKkMp19z7eAXWqSGVGCJuuKppJDVeNG3XNHG0Bc/ZFADFMGM
qRuGUZNXUVg=
=2gyb
-----END PGP SIGNATURE-----
1
0
-----BEGIN PGP SIGNED MESSAGE-----
===============================BEGIN SIGNED TEXT=============================
WHERE TO GET THE PRETTY GOOD PRIVACY PROGRAM (PGP) -- ABRIDGED VERSION
(Last modified: 30 November 1994 by Mike Johnson)
WHAT IS THE LATEST VERSION?
|-----------------+---------------------+---------------------------------|
| Platform(s) | Latest Version | Distribution File Names |
|-----------------+---------------------+---------------------------------|
| DOS, Unix, | Viacrypt PGP 2.7 | disk sets |
| Mac, Windows, | | |
| or WinCIM/CSNav | | |
|-----------------+---------------------+---------------------------------|
| DOS, Unix, | MIT PGP 2.6.2 | pgp262.zip (DOS + docs) |
| others | | pgp262s.zip (source) |
| | | pg262s.zip source on CompuServe |
| | | pgp262.tar.gz (source) |
| | | pgp262.gz (same as above on DOS)|
| | | pgp262.tar.Z (source) |
| | | pgp262dc.zip (documentation) |
| | | pg262d.zip (docs on CompuServe) |
|-----------------+---------------------+---------------------------------|
| Macintosh | MIT PGP 2.6 | MacPGP2.6.sea.hqx (binary+docs) |
| | | macpgp26.hqx (same as above) |
| | | MacPGP2.6.src.sea.hqx (source) |
| | | macpgp26.src (same as above) |
| | | MacPGP2.6-68000.sea.hqx (binary)|
| | | mcpgp268.hqx (same as above) |
|-----------------+---------------------+---------------------------------|
| Amiga | PGP 2.6.2 Amiga 1.4 | pgp262-a14-000.lha |
| | | pgp262-a14-020.lha |
| | | pgp262-a14-src.lha |
|-----------------+---------------------+---------------------------------|
| Non-USA version | PGP 2.6.i from | pgp26i.zip |
| to avoid RSAREF | Stale Schumacher | pgp26is.zip |
| license. | | pgp26is.tar.gz |
|_________________|_____________________|_________________________________|
WHERE CAN I GET VIACRYPT PGP?
If you are a commercial user of PGP in the USA or Canada, contact Viacrypt in
Phoenix, Arizona, USA. The commecial version of PGP is fully licensed to use
the patented RSA and IDEA encryption algorithms in commercial applications,
and may be used in corporate and government environments in the USA and
Canada. It is fully compatible with, functionally the same as, and just as
strong as the freeware version of PGP.
Orders may be placed by calling 800-536-2664 during the hours of 8:30am to
5:00pm MST, Monday - Friday. They accept VISA, MasterCard, AMEX and Discover
credit cards.
If you have further questions, please feel free to contact viacrypt(a)acm.org.
WHERE CAN I GET THE FREEWARE PGP?
There are several ways to get the freeware PGP: ftp, WWW, BBS, CompuServe,
email ftp server, and sneakernet (ask a friend for a copy). Just don't ask
Philip Zimmermann directly for a copy.
FTP SITES IN NORTH AMERICA
Telnet to net-dist.mit.edu, log in as getpgp, answer the questions, then ftp
to net-dist.mit.edu and change to the hidden directory named in the telnet
session to get your own copy.
MIT-PGP is for U. S. and Canadian use only, but MIT is only distributing it
within the USA (due to some archaic export control laws).
1. Read ftp://net-dist.mit.edu/pub/PGP/mitlicen.txt and agree to it.
2. Read ftp://net-dist.mit.edu/pub/PGP/rsalicen.txt and agree to it.
3. Telnet to net-dist.mit.edu and log in as getpgp.
4. Answer the questions and write down the directory name listed.
5. QUICKLY end the telnet session with ^C and ftp to the indicated directory
on net-dist.mit.edu (something like /pub/PGP/dist/U.S.-only-????) and get
the distribution files (see the above chart for names).
If the hidden directory name is invalid, start over at step 3, above.
You can also get PGP from:
ftp.csn.net/mpj
ftp://ftp.csn.net/mpj/I_will_not_export/crypto_???????/pgp/
See ftp://ftp.csn.net/mpj/README.MPJ for the ???????
ftp.csua.berkeley.edu (for U. S. or Canadian users)
/pub/cypherpunks/pgp/
ftp.wimsey.bc.ca
/pub/crypto/software/dist/US_or_Canada_only_XXXXXXX/PGP
(U. S. and Canadian users only)
See /pub/crypto/software/README for the characters for XXXXXXXX
WORLD WIDE WEB ACCESS
http://web.mit.edu/network/pgp-form.html
http://www.ifi.uio.no/~staalesc/PGPVersions.html
COMPUSERVE
GO NCSAFORUM, see library 12. Read the instructions there for access.
BULLETIN BOARD SYSTEMS
Colorado Catacombs BBS, Longmont, Colorado, USA (303) 772-1062
The Freedom Files BBS, DeLand Florida, USA 904-738-2691
Exec-Net, New York, NY, USA (Host BBS for the ILink net) 914-667-4567
The Ferret BBS (North Little Rock, Arkansas)
(501) 791-0124 also (501) 791-0125
Special PGP users account:
login name: PGP USER
password: PGP
CVRC BBS 317-791-9617
CyberGold BBS 601-582-5748
Self-Governor Information Resource, El Paso, Texas, USA, 915-587-7888
In the UK, try 01273-688888
OTHER FTP SITES
ftp.informatik.uni-hamburg.de
/pub/virus/crypt/pgp
ftp.netcom.com
/pub/dc/dcosenza -- Some crypto stuff, sometimes includes PGP.
/pub/gb/gbe/pgpfaq.asc -- frequently asked questions answered.
/pub/qw/qwerty -- How to MacPGP Guide, largest steganography ftp site as
well. PGP FAQ, crypto FAQ, US Crypto Policy FAQ,
Steganograpy software list. MacUtilites for use with
MacPGP. Stealth1.1 + other steganography programs.
ftp.csua.berkeley.edu
/pub/cypherpunks/pgp
Also, try an archie search.
FTPMAIL
You can get FTP files mailed to you. Send a message saying "Help" to
ftpmail(a)decwrl.dec.com. You will be sent an instruction sheet on how to use
the ftpmail service.
To get pgp 2.6.i by email:
Send a message to hypnotech-request(a)ifi.uio.no with your request in the
Subject: field.
Subject What you will get
GET pgp26i.zip MS-DOS executable (uuencoded)
GET pgp26is.zip MS-DOS source code (uuencoded)
GET pgp26is.tar.gz UNIX source code (uuencoded)
LANGUAGE MODULES
German
* _UK:_ ftp://ftp.ox.ac.uk/src/security/pgp_german.txt
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/PGP_german_docs.lha
Italian
* _IT:_
ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.italian.tar.gz
Japanese
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-msgs-japanese.tar.gz
Lithuanian
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp23ltk.zip
Russian
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26ru.zip (MIT version)
* _RU:_ ftp://ftp.kiae.su/unix/crypto/pgp/pgp26uir.zip (ui version)
Spanish
* _IT:_
ftp://ftp.dsi.unimi.it/pub/security/crypt/PGP/pgp-lang.spanish.tar.gz
* _US:_ ftp://ftp.csn.net/mpj/public/pgp/pgp-lang.spanish.tar.gz
Swedish
* _UK:_ ftp://ftp.ox.ac.uk/src/security/pgp_swedish.txt
WHAT IS ALL THIS NONSENSE ABOUT EXPORT CONTROLS?
The U. S. International Traffic in Arms Regulations claim to prohibit export
of PGP from the USA without a license, except to Canada. Canada has similar
rules. Therefore, if you are outside of North America, please get your copy
of PGP from a site outside of North America.
WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN THE USA?
MIT PGP is only for personal, noncommercial use because of restrictions on
the licensing of both the RSA algorithm (attached to RSAREF) and the IDEA
algorithm. PKP/RSADSI insist that we use RSAREF instead of the mpi library
for reasons that make sense to them.
For commercial use, use Viacrypt PGP, which is fully licensed to use both the
RSA and IDEA algorithms in commercial and corporate environments (as well as
personal use, of course).
Another restriction is due to an exclusive marketing agreement between Philip
Zimmermann and Viacrypt that applies to the USA and Canada only. Viacrypt
has exclusive rights to market PGP commercialy in this area of the world.
This means that if you want to market PGP commercially in competition with
Viacrypt in the USA or Canada, you would have to create a new implementation
of the functions of PGP containing none of Philip Zimmermann's copyrighted
code. You are free to modify existing PGP code for your own use, as long as
you don't sell it. Phil would also appreciate your checking with him before
you distribute any modified versions of PGP as freeware.
"PGP", "Pretty Good Privacy" and "Phil's Pretty Good Software" are trademarks
owned by Philip Zimmermann. This means that if you modify an older version of
PGP that was issued under the copyleft license and distribute it without
Phil's permission, you have to call it something else. This avoids confusing
all of us and protects Phil's good name.
WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST IN CANADA?
MIT PGP is only for noncommercial use because of restrictions on the
licensing of the IDEA algorithm. Because the RSA algorithm isn't patented in
Canada, you are free to use the mpi library instead of RSAREF, if you want
to, thus freeing yourself of the RSAREF license associated with the RSAREF
copyright, which is valid in Canada.
For commercial use, use Viacrypt PGP, which is fully licensed to use the IDEA
algorithm in commercial and corporate environments.
The exclusive marketing agreement with Viacrypt also applies in Canada. See
the section on USA intellectual property restrictions for more details.
WHAT INTELLECTUAL PROPERTY RESTRICTIONS EXIST OUTSIDE NORTH AMERICA?
MIT PGP is only for noncommercial in areas where there is a patent on
software implementations of the IDEA algorithm. Because the RSA algorithm
isn't patented outside of the USA, you are free to use the mpi library
instead of RSAREF, if you want to, thus freeing yourself of the RSAREF
license restrictions. The RSAREF copyright holds outside of the USA, even
though the RSA patent does not.
The IDEA conventional block cipher is covered by US Patent 5,214,703 and
European patent EP 0 482 154 B1. IDEA is a trademark of Ascom-Tech AG.
Commercial users of IDEA (including commercial use of PGP) may obtain
licensing details from Ph. Baumann, Ascom Tech Ltd., IDEA Lizenz, Postfach
151, CH-4502 Solothurn, Switzerland, Tel ++41 65 242828, Fax ++41 65 242847.
WHAT IS COMMERCIAL USE?
Use some common sense. If you are running a business and using PGP to
protect credit card numbers sent to you electronically, then you are using
PGP commercially. Your customers, however, need not buy the commercial
version of PGP just to buy something from you, if that is the only commercial
use they make of PGP (since they are spending, not making, money with PGP).
If you are just encrypting love letters or other personal mail (for which you
don't get paid) on your own personal computer, that is not commercial. If
you are encrypting official business mail on your for-profit corporation's
computer with PGP, that is commercial use.
Note that there are some gray areas not covered above, and the patent owners
of RSA and IDEA may differ from my interpretation in the areas not covered
above, so if you are in doubt, you should consider the licensing of Viacrypt
PGP (or outside of North America, direct licensing of IDEA) to be cheap legal
insurance. Indeed, the license fee is probably a lot cheaper than a legal
opinion from a lawyer qualified to make such a judgement. Note that I am not
a lawyer and the above is not legal advise. Use it at your own risk.
MACPGP KIT
The MacPGP kit is a user interface for the Mac version of PGP.
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGP_icons.sit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkit.hqx
ftp://duke.bwh.harvard.edu:/pub/adam/mcip/MacPGPkitSources.sit.hqx
FOR MORE INFORMATION
Permission is granted to distribute unmodified copies of this FAQ.
To get the longer version of this FAQ, get
ftp://ftp.netcom.com/pub/mp/mpj/getpgp.asc or send mail to
ftp-request(a)netcom.com with the line
SEND mp/mpj/getpgp.asc
in the body of the message.
There are many other frequently asked questions. Most of them are covered in
the documentation that comes with PGP, and the few that aren't are addressed
in documents referenced above.
___________________________________________________________
|\ /| | | |
| \/ |o| | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 |
| | | / _ | mpj(a)csn.org aka mpj(a)netcom.com m.p.johnson(a)ieee.org |
| |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 |
| |||\ ( | ftp://ftp.netcom.com/pub/mp/mpj/README -. --- ----- ....|
| ||| \ \_/ |___________________________________________________________|
-----BEGIN PGP SIGNATURE-----
Version: 2.7
iQCUAgUBLtyzV/X0zg8FAL9FAQG1aAP4tukdmfhUqnZh4mE1KdsHaSeSIEySF4Rj
YtFlU2dFQB6EUtohFU+fzRKOsIQ7B8N4Xj4fcaKytUfGsqI4aMQHFPFcSEJYQIfj
x3xFSRUYOKFlH9ouMqj4ePZdl95sLm8lJRVFojXycN7eUxbTb27/R2+qMtZOgGuF
7W6GioDM4Q==
=/lD+
-----END PGP SIGNATURE-----
1
0
Rather than engage in an extended debate (which is interesting I grant,
but seems to be disintegrating into an agree/disagree impasse) I say just
run the experiment and see the effects.
Requiring digital signatures will artificially create the need for better
crypto tools to make the whole process more convenient. This should spur
progress. Another effect - lower list participatio:; fewer posts
(crossposts from other lists, tv show reviews, personal mail sent to the
list, Chomsky arguments, etc.)
1
0
This is a transcript of the FFE's Censorship in Cyberspace forum. This
transcript was made possible by funds from John Young. Major thanks
John.
**** Feminists For Free Expression ****
CENSORSHIP IN CYBERSPACE
St. Peter's Church, New York City
Saturday, October 22, 1994
Moderator: Joan Kennedy Taylor
Panelists: Robert Corn-Revere
Ellen Lafontaine
Gerard Van Der Leun
Philip Zimmermann
TRANSCRIPT
Censorship in Cyberspace
The Panelists:
Robert Corn-Revere is a partner in the Washington, D.C. office of
Hogan & Hartson, specializing in First Amendment and communications
law. He has extensive experience in practice before the Federal
Communications Commission and federal courts. Mr. Corn-Revere
received a B.A. from Eastern Illinois University in 1977 and an
M.A. from the University of Massachusetts-Amherst in 1980.
Ellen Lafontaine is completing her doctoral studies at New York
University in International Education on a Foreign Language Area
Studies fellowship. Her research focuses on the role of
intercultural learning networks in the foreign language classroom.
Ms. Lafontaine is one of the organizers of YouthCaN '95, an
international youth conference for environmental projects via
telecommunications.
Gerard Van Der Leun is formerly with the Electronic Frontier
Foundation. He is a serious hobbyist on the InterNet and has
hosted several on-line conferences.
Philip Zimmermann is the creator of the controversial "Pretty Good
Privacy" encryption software (this "freeware" has spread as far
away as Europe) for which he is now under criminal investigation,
awaiting possible federal indictment. He lives in Boulder,
Colorado.
The Moderator:
John Kennedy Taylor is the author of "Reclaiming the Mainstream:
Individualist Feminism Rediscovered", published in 1992 by
Prometheus Books. Her work has also appeared in, among other
places, The Wall Street Journal, Success, and Reason. Ms. Taylor
was a commentator on the Cato Institute's syndicated radio program,
"Byline," for ten years (1979 through 1989). She is also Vice-
President of Feminists For Free Expression.
INTRODUCTION: Good afternoon, and welcome for joining
us. It's an absolutely gorgeous afternoon, so we're very happy to
see you here. I'm Trish Moynihan Williams. I'm a member of the
Board of Directors of Feminists for Free Expression, and this
afternoon I'm actually the voice of Rachel Hickerson, our Executive
Director, who unfortunately has a bad case of laryngitis. So I'm
speaking for her, but I really hope you won't miss the opportunity
this afternoon to say hello to Rachel even though she may croak
back, and get to meet our wonderful Executive Director.
I wanted to tell you just a little bit about Feminists
for Free Expression for those of you who are just getting to know
our organization. We are a group of diverse feminists working to
preserve the individual's right to read, hear, view and produce
materials of her own choice without the intervention of the State
"for her own good." I encourage you to learn more about us. There
are pamphlets in the entry way as you came in if you haven't picked
one up already. And to join us. We are a membership organization,
and really need your support.
As you see listed on your program this afternoon we have
a stunning lineup for our program on Censorship in Cyberspace, and
that program is going to be moderated by FFE's own Joan Kennedy
Taylor. Joan has been [involved with] feminist issues since the
early 1970's. She is the author of Reclaiming the Mainstream:
Individualist Feminist Rediscovered, which was published in 1992 by
Prometheus Books. In 1993 the Hoover Institution commissioned her
to write the essay, "Women's Issues: Feminism, Classical
Liberalism and the Future." Among the places where her work has
appeared are the Wall Street Journal, Success, The Washington Times
and Reason. She is Vice President of Feminists for Free
Expression. So I am delighted to turn the program over to her.
Joan.
* * *
KENNEDY TAYLOR: Can everybody hear all right? There is
no sound system, but I am told the acoustics are excellent. Okay.
This is a very exciting program for me, because so much is going on
and so much is changing so quickly that every day brings something
new. This is a new age in communications, and it also has its
problems. On-line services are becoming gigantic. The InterNet
makes national borders irrelevant, which to some people seems a
real problem. Torrents of information and misinformation can be
received or disseminated by anyone with a computer modem. Security
establishments have lost their virtual monopolies on encryption to
such an extent that an article in the Times compares trying to
enforce a universal coding standard such as the Clipper Chip with
trying to enforce prohibition.
The U.S. Congress just before it adjourned passed the
controversial Digital Telephony Act, a wiretapping bill that
requires phone companies to keep their networks accessible to law
enforcement wiretaps as they install new technologies. What does
this all mean in the age old fight between those who want to
control how ideas and expression are communicated and those who
believe in the literalness of the First Amendment, that Congress
shall make no law abridging the freedom of speech or of the press?
We have asked a number of experts who also believe in
civil liberties and the First Amendment to explain why we do not
have to abandon these principles as we enter this confusing and
exciting communications age. Our guests will speak in alphabetical
order, and I hope you all have programs, which give you the back-
ground of all our speakers. They will speak for twenty minutes
each. Then there will be a brief period for any questions they may
wish to put to each other and they will then take questions from
the audience.
First we turn to the relationship between law and
technology. Advances in communications technology have always been
greeted with suspicion. Should the law control what we do with
them? Can the law control them? Robert Corn-Revere, a Washington
lawyer specializing in communications law, looks at the past and
the future to give us a legal doctrine for the Information Age.
Robert.
1
0
CORN-REVERE: First I'd like to thank Feminists for Free
Expression for inviting me to come and speak at this today. I
think that the topic is one of the most important that at least
those of us who care about communications are dealing with right
now and it's one that's going to be developing very quickly.
Although I have to say -- I'll apologize in advance. I'm from
Washington. I used to work at the FCC, and so to be talking about
these issues may seem to be a bit ironic. And to compound that, to
have a lawyer to be the first person to speak in a discussion on
Censorship in Cyberspace is a bit like having a hall monitor be the
keynote speaker at a writer's conference. But it is an area that
I have been writing about for some time and have some concern
about, and hopefully discussions like this one will help move
toward a greater understanding that can actually do some good.
Being in Washington I'm always hesitant to say that, but it is
possible sometimes.
First of all I know it isn't in the program, it doesn't
mention the term, but I'm going to just say that I hate the
expression Information Superhighway. If there is a single thing
that we could do to make some sense of what's going on we would
eliminate that forever. I mean not only does it spawn just this
avalanche of horrible metaphors -- on ramps, off ramps, toll
booths, traffic cops. Name it, they're out there. It's just going
to get worse, to the point where the Washington Post finally had a
front page story that talked about the Information Superhypeway,
which is pretty much what it's becoming. And in a way it I mean it
really doesn't convey any information. In a way it's a lot like
teenagers and sex. I mean, you know, everyone is talking about it.
Everyone's convinced that everyone else is involved in it. The
people who are talking about it don't really know much what it's
about but are convinced that once they're doing it too it's going
to be great! That's a lot of what is going on in the policy
discussion in Washington, D.C.
But I have a particular reason for disliking that
expression, and that is that it tends to focus or it tends to
direct peoples' attention to the means of transmission by calling
it a highway. So we'll need traffic cops. And when you look at
the method of transmission historically, that's been the hook, the
jurisdictional hook, for governments to get involved in speech.
For that reason I really think we would move a long way toward
clarity if we could shift metaphors.
As most of you I'm sure know, this year the Congress
failed to pass telecommunications legislation wanting to be in the
forefront of developing the Information Superhighway, talking about
all the vital national policies that are involved. And while I
don't discount the importance of the issues, I tend to think it's
a little bit dangerous to start the debate and start from the
proposition that Congress needs to be fashioning this for us, and
I think that that's simply going to lead to more trouble.
In really underscoring that, I think it's useful to talk
about communications systems and talk about the development of
these things from something of a historical perspective, because
technology has always been an intimate part of the struggle for
freedom of expression. It's no accident for example that the first
official censorship bureau emerged shortly after the development of
the printing press. None existed before then because none were
necessary, and to that extent censorship was the bastard child of
technology. You didn't need a central official authority to keep
track of scribes. The Church did that very nicely, thank you. And
the communications that they produced didn't really pose any kind
of a threat to the State. First of all they were produced in small
numbers, not mass produced, and in the second place you didn't have
the ability to produce multiple volumes of a uniform copy, of a
simultaneous transmission of exactly the same words. There were
minor errors between them and it took a long time to copy addi-
tional copies.
But once you had because of the printing press the
ability to crank out multiple documents that could all be trans-
mitted simultaneously, then the communication tended to pose a
threat to official authorities and for that reason you then had
this drive to establish social policy, policy that would constrain
or in some way control that communication for what were considered
by those in power beneficial ends.
And so you see that sort of history repeating itself over
and over again, and ultimately in the end the technology tends to
win. You can look at the successive means of censorship in the
16th and 17th centuries, whether they were official censorship
bureaus or the Court of the Star Chamber or the Stationer's
Company, and government monopoly licensing and those sorts of
things. Each of them failed. Each of them went out of fashion
because the technology of the printing press was superior to the
ability of the bureaucrats to exert control -- up until the point
when you get to the formation of the United States and the adoption
of the First Amendment, where the United States became the first
nation to embrace new technology as an essential component of its
political system. That's what the First Amendment is about. It
specifically identifies the press, that new technology of its day,
or relatively new to the framers of the Constitution, as an
essential component of what this country was about.
So technology for the first time rather than just being
a hindrance to official authorities became an essential part of
what free expression is to be and came to be in this country.
Despite that hopeful beginning, and despite the fact that it really
took a couple of hundred years, well, 120 years anyway before the
courts started to define what the First Amendment was about,
technology continued to be something of a problem as new technolo-
gies for communications were developed.
The Supreme Court first faced this problem in 1915 when
it was asked to rule on whether or not the cinema was protected by
the First Amendment. And this was before the Supreme Court had
actually addressed the issue of the First Amendment and what it
meant in any way, but it was presented in this case about a
licensing board, a trilogy of cases actually about a licensing
board in Ohio. And in that case the Court simply said, "This is
not speech. We're talking about film here. It's commerce. And
besides, it's dangerous." And so they decided that the First
Amendment simply didn't apply to the technology of film. Now
thirty-seven years later the Supreme Court reversed itself and film
was protected the same as the printed word. But it took thirty-
seven years and actually longer than that for the pronouncement of
the law to become disseminated through the country, where it wasn't
until 1972 that the last film licensing board, municipal film
licensing board, in Dallas, Texas, was abandoned. So it does tend
to take a long time.
The same thing has happened of course with television,
and again, as with the Information Superhighway, the focus is on
the means of transmission and the government's argument
historically has been that we have this medium. It's scarce
because you have a certain number of frequencies. If the
government doesn't regulate it you'll have people speaking over
each other, and so the government has to get involved. And by the
way, we're not just going to be traffic cops to decide people don't
run into each other in the air waves. We also need to control
pretty much what's said in the broadcasting as well.
And so again focussing on the way the communication was
transmitted created the jurisdictional hook by which broadcasting
has had second class rights under the First Amendment. Now that's
changing. It's changing because the courts have come to be more
sensitive to the First Amendment issues involving broadcasting.
Most thoughtful observers recognize that the whole notion of
scarcity (a) was created by government in the first place, and
(b) if, to the extent it was ever true, because government of
course decided how many of those frequencies would be used for
communications, to the extent it ever was true it no longer is,
again because of increases in technology, both because of digital
compression, the ability to get a lot more out of the same band-
width spectrum, and also because there are so many other techno-
logies that can transmit the same information and more than just
broadcasting. Whether it's cable television, whether it's fiber
optic transmission, whether you're talking about videodiscs,
videotapes, there are any number of ways you can transmit the same
information.
And so the courts are moving more toward an appreciation
of the First Amendment status of broadcasting, to the point where
the Supreme Court this summer in a case involving cable television
essentially said that the government has no business dictating the
content of broadcasting. Again, that was just language that the
court used, but it tended the signal the direction they're heading.
And I think ultimately again the technology will win.
My concern though is at each stage where we're confronted
with new technology we have to go through this process yet again.
It happened with the printing press. It happened with film and
then took four decades and longer for practical application, for
that to get reversed. With broadcasting it first was regulated in
1927 as a scarce medium and then again that law was rewritten in
1934 and hasn't been rewritten since. We're on the verge of a
rewrite, and that's what some of the telecommunications legislation
is about, but it doesn't abandon these concepts of government
control. In fact it strengthens them and would extend them to the
newer technologies, whether it's fiber optics or something else, or
direct broadcast satellites for that matter.
So I think that it's time to recognize that all speech is
the same under the First Amendment, and that the means of transmis-
sion don't make any difference whatsoever. The fact that some
communications may have social force or power to change things
isn't a reason again for government to get involved. That's why
the printing press was controlled. That's why we adopted a First
Amendment in the first place. And so the method of transmission
shouldn't make any difference whatsoever.
The other thing that I think is fairly dangerous when
it's handled in the way that it's currently being considered is
that if things have moved slowly in the past wait until they become
the subject of a regulatory agency. Having worked at the FCC I can
tell you a lot about that. Things move much more slowly in the
regulatory state. We are controlled by endless numbers of defini-
tions, and once you fit into a regulatory pigeonhole, a defini-
tional pigeonhole, you will stay there either until the courts turn
it over, knock it down, or until some sixty years later or however
many years later someone decides that that may have been a bad idea
in the first place.
So I'm very concerned about carving these things into the
stone of legislation and then using that as the model for extending
government control over communications. The whole idea of having
this network, this notion of instantaneous communication, is to
free up speech and not to create jurisdictional reasons to exert
greater control. For that reason I am particularly concerned about
the Digital Telephony Bill that was just passed. It was passed by
both houses of Congress in early October, and it does require tele-
phone companies to cooperate and assist law enforcement authorities
in wiretapping and issues like that.
In some ways it doesn't change the preexisting state of
the law. In 1986 there was a rewrite of the Federal Wiretapping
Law that essentially brought that into, recognized, digital
communications. It did require that kind of cooperation. This
really more clarifies that rather than imposes a new obligation.
The other clarifying part of it thankfully is that it says that
federal authorities have to get a warrant before they can do it.
But it still maintains the essential premise of governmental
control, and I think that what we need to working toward is an
understanding that the First Amendment and the Fourth Amendment,
because they work together, must be recognized for all technologies
as we move on into the future.
I'll just say one or two more things because I know I've
taken a bit of your time, just to say that if nothing else, because
again I've been talking legal structures because that's the world
that I work in, but if nothing else it would helpful if people
could get an understanding that when they're approaching a new type
of communications they're not approaching something fundamentally
different, and I'll give you two examples that I think tend to
underscore that.
One is a recent action by an export office in the
Department of State that denied an export license for the disk
version of a book on encryption, while the print version is freely
available and as a matter of fact 20,000 copies have been sold
worldwide. Now the justification is that when you put it on a
computer disk it is somehow different and can be disseminated
differently when of course anyone can take the print version and
key it in and you have the same thing. But that's one example of
where the understanding of what the communication is, what the
information is, is treated differently under the law because it is
in a different technological form.
Another has to do with a recent case involving a regional
office of the Department of Education's Office for Civil Rights, an
action that ended closing down a men's only and women's only
computer bulletin system at Santa Rosa Junior College because of
allegations of sexual harassment and people saying generally not
nice things on this computer bulletin board. But as part of this
ruling, and it's still being worked out, it isn't final yet, the
Office of Civil Rights took the position that a computer bulletin
board is not subject to the same free speech rights as if you were
talking about a physical bulletin board or if you were talking
about the campus newspaper. It is somehow different.
I think these are very dangerous beginnings, very
dangerous trends, and unless we address these questions both in
terms of our understanding of what's going on and in terms of the
law then what we've seen in history will be perpetuated and it will
take a far longer time, decades, if we're lucky, for that to be
sorted out. So that's why I think this is one of the most
important topics that we could talk about today, because I think
that communications has been historically a vital force in society
and it's only going to get more important. Thank you.
* * *
1
0
MODERATOR: What about the children? Our new technolo-
gies expose children to information and ideas from all over the
world. Some of it is information. Some of it is misinformation.
Should we take steps to restrict this access? Ellen Lafontaine
will explore this area with examples of educational alternatives to
censorship.
LAFONTAINE: Thank you, Joan. I have a little cold, so
I hope that you can hear me. I hope I won't cough halfway through.
As we all know, cyberspace or the InterNet is a very
popular subject today. When one adds the issue of censorship it
becomes even more compelling and controversial. Today you will be
presented with the legal, political and technical viewpoints of the
censorship debate. However, I contend that while these perspec-
tives are illuminating there is the danger of missing the far more
important issue of the right to free speech for students in its
application to this medium of technology.
This issue of censorship is not solely one of a technical
nature, for instance how to block access to pornographic material
and banned books. A cursory glance at the variety of news groups
and conferences on the InterNet may seem, depending upon your point
of view, as either provocative or offensive. For example, it is
possible to obtain an erotic article from the news group
ALT.REC.SEX.WITH.OTHERS, or a few passages from Huck Finn, a banned
book in some school districts. Indeed many educators and parents
spend a lot of time worrying over whether Susan or Jimmy will
accidentally read material that's not appropriate for their age.
However, restricting access to news groups and
conferences dealing with objectionable content matter is simply a
subtractive strategy, subtractive in the sense of a withdrawal.
The real issue instead involves the much great social challenge of
placing in our schools this technological medium that has the
potential to encourage student dialogue on any number of controver-
sial issues.
Increasingly our schools have greater access to the
InterNet. We can expect that some educators and parents will
perceive its introduction as dangerous as rolling a Trojan Horse
into the classroom. Therefore a different and far more interesting
approach to the issue of censorship is to focus upon the students
themselves and their right to free expression in the classroom. To
us this is an additive strategy, allowing our students to confront
difficult realities both on a local level and a global scale and to
successfully engage in the necessary conflicts that will inevitably
result.
The questions that we need to ask are: Can we tolerate
and actively promote the desanitizing of the curriculum by allowing
this new form of communication and inquiry into the classroom? Can
we encourage our students to pursue the right to free expression
and not turn their backs on controversy when it ensues? And
lastly, can we create a critical literacy among students so that
they are not only better prepared to confront the issues of
tomorrow but also can be instrumental in changing or improving
today's world for the better?
To illustrate my point I would like to tell a story drawn
from a paper that I coauthored with Professor Dennis Sayers of New
York University. The research was originally compiled for his
forthcoming book, Brave New Schools. The story concerns the use of
a global learning network in an English class at a high school in
Long Island. The network, supported by the Copland Family Fund, is
called IERN, which stands for International Educational and
Resource Network. The IERN network allows students to use telecom-
munications to carry out projects with students from other parts of
the world. The students at Cold Spring Harbor use the network to
collect articles written by students from many different countries
for a magazine called The Contemporary. Although produced at the
high school, The Contemporary is so much a part of the IERN network
that it is considered an official publication of that network. As
its editors write, "The Contemporary is a student news magazine,
international in scope, that aims to provide teenagers with a way
to learn about issues of national and global importance as the
first step toward understanding how youth can have an impact on the
direction taken by our world." And one point I'd like to make.
These are 14 to 17-year-olds that write, so I think you're all
going to be very impressed by the level of their writing.
Even though at times these issues of national and global
importance were controversial in nature, this didn't stop the
student editors from writing about them. However they were soon to
find out that encouraging a debate on one of these controversial
issues would lead to not one but two conflicts and near losses of
their right to free expression, and surprisingly from two entirely
different directions.
It all began with the Middle East section of the January
1994 issue, which contained writings from Palestinian and Israeli
teachers and students. Kristin Lucas, the 11th grade editor of the
special sections, recounts her original motivations for collecting
the writings. "At the start of my project my goal was to inform
students around the world about recent developments in the long
lived Middle East crisis. I set out with the belief that students
from Israel and the occupied Palestinian territories needed to
realize the similarities in their hopes and fears in order to pave
the way for a more peaceful future."
Using electronic mail and video send (ph), Kristin and
the other students editors were able to collect several pieces of
writing from both Palestinian and Israeli students and teachers.
It was their intention to pair these writings next to one another
in the Middle Eastern section for maximum impact. However, as they
were going to press one of the Palestinian teachers, upon learning
of Kristin's decision to intersperse the Israeli and Palestinian
writings, and also objecting to some of the content in Kristin's
introductory article, threatened to pull every one of the
Palestinian writings. Kristin and her fellow editors were
astounded. She spent seven periods of two school days trying to
reach a compromise that wouldn't breach her right to free expres-
sion. At the end they published all of the letters, but in
separate sections of the magazine.
This was a disappointing compromise for Kristin and her
co-editors. In their opinion the initial attempt to foster a
student dialogue on a controversial topic had failed. So they
decided to exploit the technology to an even greater extent.
Instead of relying upon letters and articles sent through elec-
tronic mail, they opened a conference area on the network hoping
this time for a more extensive, true back and forth student
dialogue. Little were they to know that world events would sadly
offer them one more Middle Eastern controversy. As we can all
recall, on February 23, 1994 Baruch Goldstein murdered 50 Arabs and
wounded many others at a mosque in Hebron (ph). This massacre
triggered many Palestinian demonstrations on the streets of the
occupied territories, which led to beatings and killings by Israeli
authorities and reprisal murders by members of extremist groups on
both sides. As a result extensive curfews were enforced and
schooling for the Palestinians was suspended.
Thus the resulting turmoil provoked a flurry of letters
back and forth on many topics, one of which was the Western media
coverage of the events. As one 12-year-old writes, Ranin Kiryan
(ph), "The Western media is always at the scene when both Israelis
and Arabs are killed, and the coverage is much more in favor of the
Palestinian side in the opinion of Israel's. My opinion in general
is that the Palestinians deserve a country." A Palestinian student
disagreed with Ranin Kiryan. "I believe the Western media is not
always at the scene when both Arabs and Jews are killed, and the
coverage is in favor of the Israelis. But it's not important that
the media covers this or that. What is important is that the
killings stop. I respect your opinion that the Palestinians
deserve a State."
These two excerpts out of a handful of many demonstrate
the enormous power of telecommunications to foster student partici-
pation in an open and free dialogue. These students are learning
tolerance by respecting each other's opinions on a very controver-
sial topic. They are communicating in a real fashion about issues
of social justice.
One Israeli student who wished to remain anonymous,
likely because his or her opinion would have sparked debate among
his or her Israeli classmates, disputed the frequent press descrip-
tions of Baruch Goldstein as an insane killer who acted alone. He
or she says, "I believe that the massacre was not the action of a
lone lunatic but one taken by a gunman acting under the influence
of a radical minority group. This group deserves to be condemned,
but the entire Israeli population should not be blamed. Similarly,
the extremists among the Palestinians should be condemned but not
all the Palestinian people." Truthfully, how many adults can
master that concept, the few do not represent the many, as our
anonymous contributor obviously has? Moreover, how many could
acquire this understanding on such a controversial issue so close
to home?
Clearly these excerpts from the students' writings
demonstrate the success of Kristin's original goals, to promote
dialogue on a hotly contested issue in the Middle East with the
hopes of illuminating common ground for peaceful coexistence. The
Contemporary included these and many other letters in the May 1994
issue. There were also letters from students in other countries
sharing their opinions and applying lessons from what they were
reading to their own reality at home. Phoebe McDunna, a student
from Australia, writes: "In my country we have many people from
different backgrounds and we have grown to communicate and to
accept everyone. This all sounds like Australia is a very loving
and understanding country, but the sad truth is our native
Australians, the Aborigines, are the last ones to become accepted
and to be treated equally."
Thus the debate that Kristin had sparked on the political
turmoil in the Middle East led to students in faraway countries
extrapolating lessons about the expansionist policies at the roots
of their own countries' origins. So in going to press with this
final issue of the school year, Kristin and her fellow students
were pleased that they had achieved the goal of using telecommu-
nications for opening and sustaining an extensive dialogue on a
controversial issue. Kristin writes, "I've had the opportunity to
accomplish what many other students may never have a chance to
attempt. Even though I don't have the influence to reverse the
sometimes harsh sentiments of these people, I would like to come
away thinking that at least I did something to help the peace
process along."
Unfortunately Kristin had no idea of the new conflict for
the May issue, this time much closer to home. Peter Copland (ph)
is the head of the Copland Family Foundation that has supported the
IERN network since its inception. His vision was to explore the
potential of telecommunications to give youth a voice in shaping
and improving their world. To this end he established IERN,
providing funding from the Copland Family Foundation to underwrite
the network during its formative years until it established a clear
identity and had become self sufficient. This support took many
forms, ranging from assisting in covering the cost of telecom-
munications for some schools in North America and in other
countries to assure cultural diversity in the networking projects
and to contributing to special projects such as the Holocaust
Genocide Project, with a range of funding demands including
publications and study trips to Poland and Israel.
So when Peter Copland asked to meet with the editorial
staff and the faculty adviser at Cold Spring High to voice objec-
tions to their coverage in the Middle East sections they were all
very surprised. In his view, however, the coverage was biased
toward the Palestinian point of view. He also felt that the
writings from the adult contributors was a major departure from the
original mission of the student magazine. Although he insisted
that he didn't want to limit their editorial freedom he felt that
The Contemporary's designation as an official annual IERN project
should be reconsidered, and the controversial nature of the topics
it covered might generate disagreements within IERN and jeopardize
the willingness of some schools, for example in Israel and the
U.S., to continue participating in the network.
So the student editors met and drafted a response to
Copland's concerns, and I'll quote a few passages. It was a very
long letter, but I think this is very important:
We sought to give all interested parties a chance to
state their views and respond to each other. Did the
contributors hear one another? Well, most seemed to
listen but a few seemed to hear very well. Did we try to
make the Middle East section a safe place to conduct such
a discussion? Yes, but we realize that when feelings run
as hot as they do in the Middle East there may be no such
thing as a safe place to discuss any subject. Does this
mean that we did not make a contribution to the resolu-
tion of the problems discussed? No. We feel progress in
this instance ought to be measured simply by the fact
that the contending parties at least talked to each other
and read what each other was feeling and thinking.
Finally, dialogue, no matter how contentious it may seem,
is the first step toward resolving any problem.
These responses demonstrate the remarkably high level of
critical thinking generated by engaging in such projects on a
global learning network over the InterNet. The students developed
a working knowledge of how to confront the possible loss of their
right to free speech. Once again they negotiated a compromise by
relinquishing the annual IERN project status for The Contemporary
and incorporating a disclaimer for each issue. The final result
was a conceptual awareness of the relationship of free expression
and of the media of telecommunication that went far beyond the
issue of keeping objectionable material out of young peoples'
hands.
In closing I will quote one student's real understanding
of the individual right to free expression: "I think free and open
communication is a wonderful thing. Perhaps with this experience
some students will prize dialogue more dearly in the future. Hope-
fully if we try to understand each other more we might be more
willing to talk things out instead of going to war over them."
Thank you.
* * *
1
0
MODERATOR: Thank you very much, Ellen. Now. Can we
imagine what it would be like if there were no traffic cops in
communication? Well, we don't really need to, because no laws
control the InterNet and no one owns it. How does it work? Gerard
Van Der Leun, who was the first Communications Director of the
Electronic Frontier Foundation, finds that free speech and civil
liberties are, as he puts it, "the default state of the global
InterNet," and he will tell us why and how.
VAN DER LEUN: Hi. My name is Boswell at BELL.COM (ph),
and I'm a Cyberholic. I started out chipping with an RCA dumb
monitor at 300 baud, and now I'm looking to start mainlining off a
slip connection. There's just never enough for me.
I first sort of became I guess aware of the potential of
this when I was a book editor in the mid 1980's at Houghton-Mifflin
in Boston. Through a series of events I no longer recall I bumped
into this woman named Elizabeth Ferrarini (ph) who was verging on
a functional illiterate but wanted to write a book about her
experiences on the fledgling nets then. I think she was one of the
early members of The Source. And she used to log on with the
handle "THIS IS A NAKED LADY." So those of you with any experience
on the Net know what kind of E-mail and sends this starts to draw
to you while you're on the Net. Her keystroke cup will runneth
over in no time.
Actually knowing nothing about this I ended up
(a) commissioning the book, (b) rewriting it, and (c) publishing
it. It became a book called Infomania: Life in the On-Line World.
I think it was sort of the first book about this subject, and
dutifully sank into obscurity by being the first in about 1987.
A couple of years later in another incarnation I was at
a tag sale and I bought a box for $60. It was an RCA dumb monitor
with a 300 baud modem, and you could put about ten phone numbers in
it. And I took it home, sort of figured it out from the manual, I
went to Computer Shopper, found a BBS with my area code on it and
bingo -- I was in Dave's Cave, a Fidonet (ph) node, looking for
filthy stories and other things. And then it came to me one night
in an epiphanous moment that you could actually with a telephone
connection basically get things onto the disk of your computer you
didn't have to type in yourself. Ah, revelation. This was nice.
And from then, you know, just like Topsy the addiction simply grew
until I sort of found myself floating around the InterNet for many
years now, and actually in different years I've become one of the
rarer breeds of people on the Net. I actually manage to make a
modest living out of it rather than just shoveling lots of connect
time dollars back into it.
In the course of this I guess I stumbled into a system on
the West Coast, if anything can be said to be anywhere in cyber-
space, called The Well. Most people that have been on the Nets for
some time have a vague idea that the Well is actually one of these
systems whose impact is bigger than its userbase, and while on The
Well I bumped into other denizens of cyberspace such as Mnemonic,
who is actually Mike Godwin, one of the legal beagles for the
Electronic Frontier Foundation in Washington, and also into this
very strange, slightly seedy cowpoke named Barlow, who had with his
palaver actually talked Mitch Kapur (ph) into parting with some
hard change to fund and found the Electronic Frontier Foundation,
which at its inception was actually a very exciting organization to
be involved with since they basically wanted to defend young hack-
ing kids against big crackdowns by Feds. I'm always looking for a
good game of Feds and Heads in my life. I like to play with the
Heads.
You know, the EFF later devolved into what's now sort of
a wonk tank and luncheon society down in Washington, D.C., but that
was after my time, or I should say my time ended when it evolved
into lunching with lobbyists. But since then I've gone on to be I
guess a gadfly around the Net and on The Well to people. On The
Well I run a conference that's called, well, I run two conferences.
One is called Z (ph), which is basically a digest of all the other
conferences, the best and the worst, what have you. And then the
conference I'm proudest of is called The Weird Conference, and The
Weird Conference's rule is that we don't have any rules, and you
can say anything you want and nothing is forbidden. And nothing is
ever censored except sometimes by me in a purely arbitrary fashion
to keep people aware of what censorship feels like. It's true.
Boswell will sometimes just log on and say, "Well, I'm going to
erase your comment because I just don't like it." Checheche cht --
gone. What? What? There it is.
Anyway, I was just sort of looking at the Net and I've
been thinking about censorship, and I've been through Operation Sun
Devil and I've seen Hacker Crackdown and I have Digital Telepathy
and I'm aware -- I'm sure Mr. Zimmermann will enlighten you of what
can happen to someone who goes out to play on the Nets when it's an
essential Net tool. I mean you need to pack a lunch and have a
legal fund. Nevertheless, I would say to you today, not just to
this small group but almost to anyone, that my basic state is one
of really intense optimism. I think the war against censorship is
effectively over and we've won. I think what we're going to be
dealing with now in policy areas and programming areas is what I
would call mopping up operations and attempts by local and global
authority to put the genie back in the bottle. But it's gone. I
mean it's out there. The Net is out there.
The Net has, in my mind at least, the Net has no center.
It has no owners, none that I know of. It respects no borders. I
mean, you know, Australia is just a domain name to the Net. It
doesn't really matter where you are. English is pretty much its
default language, much like air traffic control.
I'm sure there's going to be a lot of waves of efforts to
limit and otherwise control this medium. I would think, if you
look at the growth statistics on the Net, if you look at the number
of people coming on and you look at the kind of minds you're
dealing with when you're dealing with the Net, I mean you are not
dealing with the left side of the Bell curve when you're hitting on
the Net. I mean you are dealing with people who are bright enough
to get there, because it isn't easy. You're dealing with people
who are really sharp about this new technology, because some of
them write the programs that it runs on.
You're also dealing, way at the bottom of the InterNet
you're dealing with software, you're dealing with Send Mail, you're
dealing with Read This, you're dealing with a lot of assorted
software that all nodes have to have to talk to each other, and if
you really look at that code and say, "Who wrote this code? Who
wrote the thing that -- who created the water in which all this
information swims?" Well, I think if you look at those original
people a lot of them were basically anarcho-crypto heads that
happened to be programmers and just wanted to, you know, send jokes
to each other and talk about computers.
I think it's --, you know, the default state of the Net
is absolute freedom. In fact it's to such an extent that a large
part of the Net is sort of set up to recognize attempts at censor-
ship as system damage and simply route around it. I want to send
pedophile memoirs from site A to site C. Well, you know, it's
supposed to take the most efficient route and that's through site
B. Well, this happens to be Jerry Falwell's machine. He decides
what he wants on his machine in his "home." That's fine with me.
So down it goes. Whup! Sorry. We don't take any pedophile stuff
through this site. Boom! We'll kick it to D. D doesn't care.
Boom! You know. I don't care if Jerry -- you know, it's fine with
me what people have in their home.
It's more complicated than this obviously and there's
going to be a lot of argument and a lot of, you know, shouting back
and forth and a lot of federal regulations passed and all of that,
but I think what's happening here is we -- you know, what is the
Net? The Net is basically the medium, and the Net reminds me of
this book that was published at the end of the '70's where a man
said, "Well, my idea for a really great book is a book of 350 pages
and there's nothing on any of the pages. So I'm going to call it
the Nothing Book." And everyone said, "What a terrible commercial
idea." Well, of course he published the Nothing Book and now you
go into any bookstore there's, you know, a big case of blank books.
What we've got with the Net is we have, fundamentally we
have the linking of millions and millions of hard drives. This
fulfills the dream of every computer junkie in the world, that you
have infinite drive space. You basically have infinite drive
space. The Net is really -- what it is, is what we make it, every-
body individually. It's like sort of the largest group hack in
history. I think second to the phone company it's certainly the
largest machine that's ever been built. Some people will get
rather mystical. Under certain chemicals I'll get mystical and
tell you it's the emergence of the World Mind. And like anything
in the World Mind, it's got a lot of dark areas in it. Well, we'll
just have to live with our dark fantasies as we live with our
better deeds. To deny them is not really a good idea.
I think one of the things that we're feeling right now
with the immense growth is we're feeling three fundamental tensions
within the Net, and I would also propose to you that for each ten-
sion the Net also has the capacity to alleviate that tension. I
think the first tension is between the concepts which can exist in
a single human mind, in a single human society, that on the one
hand ideas, ideas, need to be free. They need to be exchanged.
They need to have no limit to the ability to make them baroque or
make them fresh or make them new. But at the same time the same
mind that has ideas that need to be free, we also hold within
ourselves beliefs that need to be protected. Censorship is bad.
I believe that. I need to protect that idea. That's central to
something important to me. As an idea, censorship is bad? That
may not be such a fundamentally true idea. Maybe there are some
cases that people can make that censorship is good. All right.
But my belief needs to be protected, although my ideas need to be
free.
Well, how does the Net deal with that? The Net, or
UseNet, which is sort of this large machine, this large sort of
Mother Ship of interest groups that rides upon the vast InterNet
ocean, basically just creates infinite areas in which all beliefs
can exist and all ideas can be free. And if you wander into an
area with a certain belief -- say you wander into -- oh, the sex
areas are always good because that's where everyone gets excited.
You wander into ALT.SEX.MEMBERS OF THE SAME SEX. MOTSS. And you
say, as we see in that group every month, you enter a message with
the stirring headline, "FAGS MUST DIE." Well, it will be about
four nanoseconds before about thirty other people will flame you
hairless. Your I.D. will be exposed either in its strength or its
weakness by thirty other minds working on that -- whew.
At the same time you might want to say, "I believe that
everyone should worship Jesus. Christ. Christian." Right? Well,
you might sort of wander over to the Muslim and you might not feel
too comfortable in the ALT.MUSLIM area doing that, but the Net has
created, the wonderful alt groups have created ALT.CHRISTNET. They
even have ALT.CHRISTNET.SEXUALITY. So what happens is when people
feel a need to have a belief area in which their beliefs can be
protected they'll just create an area and anybody who wanders in
there that's not quite in the program, just flamed hairless and
thrown out. That's all right, because you can wander over, you
know, to another area or to a "secret moderated (ph) mailing list"
that says, you know, "Kill Catholics Mailing List." Okay? We're
going to talk with six other people on the Net about killing
Catholics. That's a good idea. We'll just all be in that room
together. You know, other people just put you in their Kill file
and you're out of here.
So the Net sort of resolves those two, that particular
tension set. Next tension set, tension set number two, is
information. Hmmmm. Information wants to be free. All right.
Information wants to be free. True. True thing. All information
wants to be free, and we don't really want to pay connect time
charges to get it, either. On the other hand information is
generated by people, and people need to be paid, okay? Because,
you know, the information environment that makes my apartment, the
landlord wants to be paid for that solid piece of information I
live in so I need to get something coming in the other way.
Well, I would propose to you that the way that both we
can have free information and also have information which returns
some kind of money or token back to its creator is probably at hand
within the InterNet within the crypto environment. In other words
I get a little sample of something. If I want to have the whole
thing maybe I have to send $5 down the line on my Master Charge in
order to get the key back. Mr. Zimmermann could probably talk a
little bit more specifically about how cryptography and things like
that probably hold the key to a real kind of commercial series of
transactions over the InterNet. So that is sort of the Net.
But on the one hand we have, you have to consider there's
two things going on on the InterNet. One is speech, and people
feel ASCII is speech and if you don't think it's speech say that on
the Net and they'll probably come back to you and hand you your
ASCII on a platter. Which empowers individuals. That's why we
love it. At the same time the other question is how are we going
to maintain copyright? Because people feel that maintaining copy-
right disempowers individuals. Correct. Copyright was not created
by the United States Government back in the dawn of government to
empower individuals. That was a side effect. Copyright was
created because people saw right away that unless people uld
enjoy the fruits of their labor there wouldn't be quite so much
invention within society and it was held to be a good thing to spur
invention within society. I think that's probably the fundamental
reason for copyright. And I think again, you know, the Net will
give us the tools to do that. The Net has been as a global machine
and through a pact that nobody intended and nobody created an
extremely, surprisingly responsive organism to solving its own
problems. They get solved on a pretty fast track.
The final tension is sort of what is going on on the Net
all the time in the way the Net only mirrors what we are and what
we make it and who we are as a society, and that is the tension
between the desire for liberty and the fear of liberty that leads
us to yearn for some kind of authority. You see this polarity move
along on the Net all the time. You see sort of libertarian --
libertarian anarchists are very big on the Net, are here, and then
there's control freaks. They're also here. Anybody who's been out
there for a while sees these people go at each other all the time.
Then of course we have Net Heads, or Heads, whatever, and
of course we have Feds, you know. And Heads and Feds have been
playing games on the Net now for almost a decade. There's no
reason to think they're going to stop. They sort of need each
other. The Christ and the Antichrist in an eternal conflict. But
meanwhile everybody else is just, you know, passing recipes back
and forth and, you know, here's my, you know, here's my secret
pedophile journal over here. Everybody's -- here's how you crochet
something. Here's some code. Here's a filthy E of me and my dog.
Just download, send money, state preferences.
Then of course you have the anarchists, like I am. Hey!
No rules, nothing. Let's just do it. You know, you're there. You
are free. Just assume it and act on it, and -- THE NET POLICE.
"You know, you're really a Nazi for saying it that way." In fact
the famous Mneumonics law on the Net says that the longer any Net
argument goes on, the more, the more ready you are to put us into
-- "as length of the UseNet argument continues, the probability of
a comparison to the Nazis approaches 1." And this happens.
Then of course you have intellectual political explorers,
you know, of all kinds, you know. Now we even have a Nazi,
AMERICAN NAZI.COM on the Net. No longer are we approaching 1; the
Nazis are already on the Net. But we have infinite disk space and
they just go off in their little room. And then we also have PC
people on the Net. PC's are very big on the Net, and very big on
college bulletin boards. These are the people that believe that we
can sort of control people in being nice, wonderful people, and
when everybody's nice and wonderful and has no bad thoughts then
it's going to be the Millenium. Hearts will open. You know, all
will walk naked in the world.
And then you have sort of the hackers and the crackers,
you know, and there's a great deal of confusion about who's hacking
and who's cracking. You know, if I'm cracking and I'm doing it
because it's cool, I'm hacking, right? If someone's hammering on
my password file they're cracking. I don't care how cool they are.
So I think my fundamental statement about the Net is that it is
literally the greatest tool for free speech that has ever been,
ever been invented. Free speech is, you know, freedom of the press
is available to those that own one. Hey. Two grand. We all own
one. That's about the total cash investment. Never have printing
presses with 15 million potential readers been so cheap, all over
the world.
I don't really despair for the future of the Net. I
think the Net is probably the greatest tool for the potential
liberation of the mind and spirit of all human beings that's ever
existed on the planet. I view it as sort of the peoples' publish-
ing company, that rejects no manuscripts, you know, that has all
books available for ten cents each, you know, if that. You know,
please. Read my screen.
And then you're always coming back with the Net tension
people saying, "Yes. But now that the people have the ability to
communicate with each other globally on any issue from any point of
view that they want to and governments can't really stop it that
easily and it just sort of flows through these borders, don't you
think it's time to call for all of us who use the Net to use it in
a responsible manner?"
And I say screw that. I say screw responsibility. Just
do what you want. That's what it is there for. "Well, you have to
telecommunicate responsibly." Well, I don't have to put a condom
over my modem. Enough of this. You know, I mean everybody's
always got to, you know, "We have a vast new medium. We must use
it responsibly." No, I say we use it irresponsibly. I say we just
fool around with it. We hack on it. We hammer on it. We pound
it. We just see what happens. Who knows? You know, it might be
a pi$ata and we crack it open and, you know, a lot of manure falls
out. Or we might crack the pi$ata open and a huge Mardi Gras party
will be wandering out. We don't know, you know. But I think we
have to use it and use it heavily, because, you know, as they say
in aerobics, "Use it or lose it." That's all I have to say.
* * *
1
0
MODERATOR: Well. Getting back to censorship. I'm not
quite sure what Phil Zimmermann is going to talk about, but I have
a feeling that unlike some computer experts that I've talked to who
think that the wide dissemination of encryption software like Phil
Zimmermann's Pretty Good Privacy make the Digital Telephony Act no
big deal because all the government will get is static when they
tap in on these new phones, I have a feeling that he is a little
bit more suspicious of the possibility of restrictive government
action. So perhaps we can now find out what we might loosely call
"the censorship crunch" (ph) and what is going to happen in it.
Phil Zimmermann.
ZIMMERMANN: How many people here know what PGP is?
Okay. How many people don't? Okay. Looks like we've got about
half and half maybe. Well, I'm not here to talk about PGP mostly
but rather government policies, but I'll just talk about it a
little bit.
Cryptography is the art of making secret writing. It's
been around for a long time. The problem is if I want to send you
a message I use a key to scramble that message up and then you have
to use the same key to unscramble it. The problem is how do I tell
you what the key is? Do I tell you over the telephone what the key
is to unscramble the message? If I do that then it can be inter-
cepted, and so that's the problem with cryptography. In fact that
has been the problem with cryptography since the days of Julius
Caesar.
But in the late 1970's some mathematicians at Stanford
and M.I.T. devised another kind of cryptography that solves that
problem of key distribution. It's called Public Key Cryptography,
and the way it works is that there are really two keys. One
encrypts, the other decrypts. As a matter of fact the two keys
have a kind of yin-yang relationship so that either one will
decrypt what the other one encrypts. This means that if you
generate a pair of these keys, everybody generates a unique pair of
keys for themselves, the keys have this mathematical relationship
like this. They're kind of like Siamese twins. And you separate
them at birth and you broadcast one of them to the world and put it
on all your business cards and in your telephone book and, you keep
the other one secret. Then if anyone wants to send you a message
they encrypt it with the key that you published. That's your
public key. But you're the only person in the world that can
decrypt that message with the corresponding secret key.
This solves the problem of key distribution. You don't
need secure channels to distribute keys beforehand. With the old
way that cryptography used to work before Public Key Cryptography
came along, you needed a secure channel for the prior distribution
of keys. Well, if you had a secure channel for the prior distribu-
tion of keys then why do you need to use any cryptography at all?
You know, I remember my Mom used to tell me when I was a kid that
if you sprinkle salt on a bird's tail you can catch the bird. And
for years I wondered about that. You know, maybe there's something
about salt and birds. But I finally figured out why you can catch
a bird if you can sprinkle salt on its tail. So if you could get
a secure channel to distribute keys, then you've got the communica-
tion problem solved. But maybe you could just send your message
through that secure channel.
Well, with Public Key Cryptography you don't need any
secure channels. So if you combine that with the technologies of
the Information Age, modems, personal computers, fax machines,
etc., then you have a really good synergistic combination of tech-
nologies that makes it possible for the first time for cryptography
to affect millions of people in their everyday lives. In the old
days before Public Key Cryptography you would have to do this prior
distribution of keys. Governments didn't mind doing this, because
they could put a guy on a plane to Moscow with a satchel handcuffed
to his wrist carrying keys to the Embassy there. They don't mind
paying the salary of somebody and buying them an airline ticket to
do that. But if you're going to talk to your cousin in Colorado
you're not going to do it by sending a courier carrying keys. So
cryptography never had a chance to affect the lives of millions of
people until Public Key Cryptography was invented and personal
computers and the Information Age came along.
Well, how many people here don't know what the Clipper
Chip is, or haven't heard of it? Or just don't know what it is?
Okay. I see almost everybody does. I'll just say a couple of
words, but I'll abbreviate my remarks about the Clipper Chip. The
Clipper Chip is an encryption device that the government is making
for us that they hope we'll put in all of our telephones. It
encrypts our telephone conversations so we can talk to other tele-
phones that also have the Clipper Chip. The trick though is that
at the time of manufacture the government puts the keys for encryp-
tion and decryption in these chips, and they keep a copy of these
keys for wiretap purposes.
You know, I haven't talked to an audience where it wasn't
immediately obvious to everybody that there's a problem with that
as far as -- you know, I was talking on the phone the other day
with the General Counsel of the NSA. I'm going to be debating him
next week in Los Angeles and so we were talking about what we were
going to do in the debate. And I made the remark that there is a
difference in attitude between people on the inside and people on
the outside. What I was talking about of course was inside the
government, and in particular the law enforcement and the intel-
ligence agencies. He said something like, that I was assuming a
lot to think that it was just people on the inside who were for the
Clipper Chip, and, you know, I just -- I don't remember running
into too many people on the outside that felt differently.
The government is trying to at first not pass legislation
to make us use the Clipper Chip but rather to use government spend-
ing power to make an awful lot of Clipper Chips deployed. They're
using government spending power both to buy Clipper Phones that
have the Clipper Chip in it and then they're going to use govern-
ment spending power to require government contractors to buy
Clipper Phones if they want to talk to the government. Well, this
kind of gets the production lines going and brings the cost down.
It makes it cheap enough so that it can be used more and more by
the general population, the related chips to the Clipper Chip.
It's not just the Clipper Chip. There's a whole series
of chips the government's making. Capstone (ph) is another chip.
They have this little card, a PCMCIA card. It's something that
slips into your personal computer, into your notebook computer,
that they're calling the Tessera Card, and the Tessera Card has got
something similar to the Clipper Chip in it and it can do digital
signatures, and they want you to file your taxes with it electron-
ically. You know, it's funny. They call it the Tessera Card. Now
I looked up "tessera" in the dictionary. I've got one of those
giant, thick dictionaries. And tessera is a name that ancient Rome
had for these little cards that were kind of like that, the size
and shape of a Tessera Card, kind of a tile. And it was an
identity card. And slaves were required to carry it, and if you
didn't they could chop your head off or something awful like that.
And I thought what a brilliant stroke of naming, you know? Who
thought of that?
I was talking to Clint Brooks, the Assistant to the
Director of the NSA, in Los Angeles a couple of months back. We
were on a panel together to argue this point. And he said that he
was the one who named the Clipper Chip, and he was thinking that
for these things, for example the Clipper Chip may not have been
the best choice of names for it because people think of clipper as
clipping the wings of democracy. Of course cryptographers like to
rearrange letters and things because we like to do that, so we kind
of just moved a couple of letters around and called it the Cripple
Chip.
So anyway what they're trying to do is to use government
spending power to change the facts on the ground. Not by legis-
lation, but by changing the facts on the ground. We don't have any
laws requiring us to use 120 volt AC power, but we do. When was
the last time you saw a 48 volt vacuum cleaner? It's the tyranny
of the installed base. That's why, you know, all computers are
Windows or MS-DOS computers or Macintoshes. It's something that,
if it's out there and it's -- deployment wins, in other words.
Well, the government is not the only ones that can change the facts
on the ground. I can change the facts on the ground. I've already
done that to some extent. And I'm going to do it some more.
You know if we wake up one morning with 100 million
Clipper Phones installed it's going to be too late to worry about
changing government policy. It doesn't matter who we elect
President. We could have somebody elected President that says,
"Elect me and I promise to get rid of all these Clipper Phones."
It won't do any good at all. The installed base and the technology
infrastructure is more powerful than a government, is more powerful
than government policy. There is no way we could change, you know,
our power standards. There is no way that a government can decide
that we're not going to use PC's anymore or something like that.
So that's what they hope to do with Clipper.
Well right now PGP, Pretty Good Privacy, a program that
I wrote that does E-mail encryption using Public Key Cryptography
and using other algorithms that were chosen from the academic
literature, the most powerful algorithms, the ones that had been
the best peer reviewed, not my own home grown invented algorithms,
because those had not been through the kind of peer review it takes
to stand up to major governments. PGP uses the best algorithms in
the academic literature.
PGP has become the most widely used program in the world
for E-mail encryption, bar none. Nothing else comes even close.
It's used all over the world. It's used in Burma by political
opposition groups in Burma, freedom fighters in Burma. Burma has
an absolutely wretched government. They torture and kill thousands
of people. They have a Nobel Peace Prize Laureate in custody in
Burma. They're being trained to use PGP in Burma in jungle
training camps on portable computers. They take this knowledge to
other jungle training camps and teach them too. I talked to
somebody who's connected with those groups and they tell me that
it's raised morale quite a bit because before PGP came along
captured documents would lead directly to the arrest and torture
and execution of entire families.
I talked with a guy who was a human rights worker in
Central America. This was at the offices of the American
Association for the Advancement of Science in Washington. They
have a human rights group there. And he told me that he was
documenting atrocities, death squads, and he encrypts his files
with PGP. But if the government found his files they would go and
kill all his witnesses, probably not very fast either. PGP is
saving lives there. I gave him a few pointers on good disk
hygiene, how to keep his stuff clean, not just -- using PGP alone
isn't enough.
Well, my next project is a secure voice project. I just
a couple of nights ago spent about a half an hour talking to one of
my lawyers over it. I haven't put the encryption in yet. It does
it all without encryption. But you talk into your personal com-
puter with a SoundBlaster board that compresses your voice, digi-
tizes, compresses and encrypts your voice, sends it out through a
modem, and at the other end it reverses those steps. So we have
this in test now, and I hope to release this through M.I.T.
M.I.T. is the current official publisher of PGP. They
have what is known as an FTP (ph) site. That's something on the
InterNet. It means that anybody can get a file from their computer
by just reaching in and grabbing it. But their FTP site is
structured in such a way that people outside the United States
can't do that. They won't let people in from outside the United
States. And not only that, even if you're inside the United States
it makes you answer a questionnaire saying that you are an
American, that you're not going to export this and promise not to
export it, and if you answer yes to the right questions it will let
you get PGP. It didn't take very long before PGP showed up in
Europe after that, probably the same day. Information wants to be
free. Apparently that applies to free software more than anything
else.
PGP was published in June of 1991 initially. It spread
like dandelion seeds blowing in the wind. It didn't take very long
for it to spread to Europe. Now M.I.T. with their lawyers and
their prestige is standing there publishing PGP in a way identical
to the encryption methods that they have used for publishing other
encryption software without any previous harassment by the federal
government on their doing it improperly, so they haven't gotten any
complaints about the way they're publishing PGP either. All future
versions of PGP for the foreseeable future are going to be pub-
lished that way, so I hope that that will protect it.
You [Corn-Revere] mentioned the Carr (ph) case. There is
a book by Bruce Schneider called Applied Cryptography, and it has
encryption algorithms in it. I liked it. I like the book, the
preface of the book. It's good. He says, "There are two kinds of
cryptography in this world: the kind that can prevent your kid
sister from reading your messages and the kind that can prevent
major governments from reading your messages. This book is about
the latter." You know, I wanted to steal that line for my book
because he stole many lines from my book in his book without an
attribution. But that's okay because information wants to be free
and I like to be quoted even if he doesn't credit. So I might call
up Bruce and ask him if I could put that in my preface for that
book.
A guy named Phil Carr took Bruce Schneider's book and
applied for an export license. Actually he applied for a
commodities jurisdiction grant by the State Department that the
book can be -- that this item can be exported. It was immediately
granted, because it was a book. He then applied for a CJ, commo-
dities jurisdiction, to export a floppy disk containing the same
source code in the book, exactly byte for byte the same source
code, and they said no. He has appealed it. They said no again.
Members of my own legal defense team are helping in his appeal.
This is a multifront war. You know, it's funny. The number of
lawyer jokes that I've told has gone down in the last year. I'm
starting to run into lawyers that are actually men of conscience.
It's great.
I'm about to publish the source code for PGP in a book
through M.I.T. Press. Books may be exported. I'm going to put it
in an OCR font. We're going to apply for a commodities jurisdic-
tion. We're probably going to get it, we presume. If they don't
it's going to be the first time that it was ever declined for a
book and I think the press would probably make much of that. They
probably know that, and they'll probably take that into their
calculations when they decide whether to grant this jurisdiction.
If they do that then I'll also publish the secure voice project I'm
working on in a book through M.I.T. press and see what happens with
that.
The government is -- you know, I found this interesting,
the point about the different media affecting what the government
tries to say, what we have free speech in. When telephones were
first invented there was an attitude in the government that you
could wiretap these things without a court order because they
didn't go into your house to do it. It was not a violation of the
Fourth Amendment of unreasonable search and seizure because they
could just go down the block and attach their alligator clips to
the copper and that would be all that's needed. So it took fifty
years of litigation to come up with the idea, or rather to
establish the idea that you need a court order to do a wiretap.
Well, we're facing the same thing again on the InterNet.
When the Founding Fathers made the Constitution they didn't think
it was necessary to say that we had a right to a private conversa-
tion, because there was no technology at the time that made it hard
to have a private conversation. If you want to just go talk behind
the barn with somebody you can say whatever you want and you don't
have to worry. You don't have to codify it in the Constitution
that you're allowed to do that. But now most of our conversations
are over copper or glass fiber. Most of the people I talk to I've
never seen the face. Maybe I will when they have those AT&T
things. Have you ever had a $10,000 phone bill? I know I don't
plan on installing a videophone in my house, because most of my
East Coast clients think that I wear a suit all the time. They
don't know how I work.
I ought to be able to whisper in your ear even if your
ear is 1,000 miles away. And the government says I can't do that,
and that's what this whole thing is about, removing all of our
communication from vibrating air molecules to photons. As more and
more of our traffic switches to electronic media it becomes more
and more lucrative to tap into it. You can't read all the paper
mail. The government can't read it all. They can read one per-
son's paper mail if they target somebody, but they can't read it
all. It's too much work to read everyone's paper mail. But they
can read everyone's E-mail. A single government computer could
scan every single piece of E-mail in the country, all of it, every
day, constantly.
Now I'm not saying they do that, but the technology
exists that they could. And it could scan for subversive key words
and it could look for political troublemakers. It could look for,
you know, the next anti-Vietnam War protesters or the next civil
rights protesters or the next environmental protesters, whatever
the issue of the day is. Some unpopular war or something like that
could come up again, and they'll be able to find people who are
talking about it. What could Joe McCarthy have done with these
kinds of tools?
What about traffic analysis? What about all these E-mail
headers that say who it's from, who it's to, what the subject is
and so on? I think this means that we should try to encrypt all of
our E-mail, because that's the only way to put it back the way it
was with paper mail. In fact it puts it beyond that. This is not
a black and white issue, because there are some downsides to this.
There's never been a time in our history where it's been possible
to place information beyond the reach of the collective efforts of
society, but with modern cryptography you can.
You know, if you put information in a bank vault you can
always get it out with dynamite or welding torches or something
like that. I remember in Butch Cassidy and the Sundance Kid, you
know, the dynamite, where it's raining money, you know? Used
enough dynamite there, Butch? You can always get that information
when it's physically protected. But it's now possible for the
first time in history to place information beyond the reach of the
collective efforts of society. The Gross National Product is not
enough to get it out. It takes less energy to make a round trip to
the nearest solar system than it does to compute the prime factors
of some large composite number.
I'm going to read you a quote that I got from a guy in
Latvia. I always read this quote, so to those of you who've heard
me speak before I apologize for the repetition. I got this, it was
sent to me by E-mail, on the day that Boris Yeltsin was shelling
his Parliament building in October of '93. It says, "Phil, I wish
you to know. Let it never be, but if dictatorship takes over
Russia your PGP is widespread from Baltic to Far East now and will
help democratic people if necessary. Thanks." That's the best
mail I've ever gotten on PGP.
I want to read you a quote that Louis Fried (ph), FBI
Director Louis Fried, said recently at a conference on global
cryptography, on September 26th. Steven Levy (ph) put a question
to him about what would happen if Clipper doesn't catch on, doesn't
get wide acceptance. What would the FBI do in response to that.
Would they outlaw other kinds of cryptography?
Here's a transcript of this:
At first they didn't understand this question. "You mean
if the software that we write doesn't work?" He said,
"No. If all you get is encrypted forms and you can't
decipher them." "The terms of encryption being a
voluntary standard?" Steven Levy said, "Yes." The
answer from Louis Fried, FBI Director, was, "Oh, yeah,
definitely. If five years from now we solve the access
problem but what we're hearing is all encrypted, I'll
probably if I'm still here be talking about that in a
very different way. The objective is the same. The
objective is for us to get those conversations, whether
they're by an alligator clipped on ones and zeros [it's
kind of garbled, I think] ... whoever they are, whatever
they are, I need them."
It was obvious to everyone there who got a little bit
clearer view of it than the transcriber of the transcript here that
what he was talking about is that he would seek legislative relief,
in other words outlaw other kinds of cryptography. This is the
first time an Administration official has said something along
these lines.
Just a couple of weeks back the FBI Wiretap Bill passed
requiring phone companies to build all their equipment wiretap
ready. The analogy to this is requiring new home builders to put
video cameras wired to a police station, with a promise to only
turn them on with a court order. The assumption is that as we
build a new technology infrastructure we have to guarantee to the
police, to the government, that they will have access to our
private communications.
This is a dangerous precedent. The FBI Wiretap Bill
passed without too much trouble, largely in part because of the
efforts of the Electronic Frontier Foundation I'm disappointed to
say. John Curry Barlow (ph) made the remark that he could have
changed the vote of one of the Senators, and he told him to go
ahead and vote for it because it was in the EFF's view the best
deal they could get. I think that we could have stopped it. Last
year it was introduced and it didn't get a single sponsor. This
year it had money in it for the phone companies to pay for the
infrastructure changes. The phone companies stopped opposing it
for that reason. We can't let some future legislation come down
that will slip by us that outlaws other kinds of cryptography.
Cryptography is our one guarantor of privacy on the Information
Superhighway, the Infoban. I was talking to a Swedish reporter
recently and I used the word "Infoban," and he said, "Oh, I wish
you wouldn't use that word. It sounds too German. So I understand
the new word is I-way. I saw that in Wired. It's a little too hip
for me.
We have to stop this. There's only one chance to fill
with this technology niche. You see, your voice is going to be
digitized at your telephone not down at the office, so there's
going to be a computer in your phone. And once it's digitized it's
practically free to encrypt it. It will be encrypted. The
question is will it be encrypted with technology that we control or
technology the government controls.
If we build a technology infrastructure that some future
government might inherit, a future government that could be a bad
government -- you know, sometimes economies change. Germany in the
1930's, Russia in the 1990's, we don't know where our economy will
be twenty years from now, thirty years from now. A government
could emerge with fascist tendencies. If they inherit a technology
infrastructure that allows them to monitor every movement of their
political opposition, every transaction, every conversation and
every communication, every bit of travel, then they'll be able to
hold onto power. It could very well be the last government we ever
elect. I think if you're trying to analyze technology policy you
should ask yourselves what kinds of technologies would strengthen
the hand of a police state, and then don't deploy those technolo-
gies. This is a matter of good civic hygiene.
So that's about all I have to say. I guess we can have
our question and answer period.
* * *
1
0