- Clinton administration eases Cold war era controls on export of supercomputers to Soviet bloc countries - mainstream article on digital signatures in The Sciences - European secure phone & network advertisement there's a pointer to Islands in the Net by B. Sterling for `offshore data havens' and some other notes there, not included. points: - remember that DEC machine that was taken off the net because of problems with the state department restricting computer access to `foreign nationals'? will anything like this ever happen again? - public comprehension of digital signatures is definitely a necessary stepping stone to digital cash in the collective psyche. A positive sign. - secure phones: was the EC policy recently quoted here affected by this? anyone in Europe threatened by that proposal should look into this. ===cut=here=== RISKS-FORUM Digest 15.03 Date: 27 Aug 93 15:05:53 EDT From: "Mich Kabay / JINBU Corp." <75300.3232@compuserve.com> Subject: Technology export curbs
From Washington Post newswire 08/27
U.S. Acts to Ease Export Controls On Computers; Industry Officials Say Proposed Standard Falls Far Short of Need By Peter Behr, Washington Post Staff Writer "The Clinton administration moved yesterday to ease Cold War-era controls on exports of high-powered U.S. computers to the former Soviet Bloc and other countries, fulfilling a campaign promise President Clinton made to the Silicon Valley executives who supported him last year." The article continues with comments on the lost sales caused by Cold War restrictions on computer exports. The new Commerce Decision rules allow export of microprocessors rated at 67 Mops (million operations per second), a big boost from the previous limit of 12 Mops. However, multiprocessor units are still on the forbidden list. Sales to the former Soviet Union are still subject to approval by COCOM, the Coordinating Committe for Multilateral Export Controls. Apparently some members of COCOM--Germany, in particular--are trying to link relaxation of computer export restrictions with relaxation of telecommunications gear. *** It will be interesting to see if the long-standing assumption that export restrictions prevent the distribution of technology to the interdicted nations. My reading of the DES-restriction debacle is that export controls on high tech are a farce. The U.S. restrictions hurt U.S. manufacturers and are a boon for everyone else. Michel E. Kabay, Ph.D., Director of Education, National Computer Security Assn RISKS-FORUM Digest 15.02 Date: 03 Sep 93 07:52:52 EDT From: "Mich Kabay / JINBU Corp." <75300.3232@compuserve.com> Subject: Electronic documents A recent article deals with several RISKS of depending on electronic documents: Hayes, B. (1993). The electronic palimpsest; Digital documents for all occasions: erasable, correctable, reproducible, forgeable. _The Sciences_ (NY Academy of Sciences) 33(5):10.(Sept/Oct 1993) I enjoyed reading Brian Hayes article in the new issue of this fine magazine. It is not only informative and up to date, but also elegant, amusing and beautifully illustrated with various paintings. Summary follows: "As a writing instrument, the computer is not su much a better pencil as a better eraser." You can eliminate all traces of your early versions at the stroke of a key. This easy erasability leads to difficulties of authentication. How can one prove who wrote an electronic document? Digitized signatures make the problem worse, since anyone can scan a real signature and then print in on any document. However, digital signatures are a good method of authentication. The public key cryptosystem allows you to encrypt a document with your private (secret) key; only the corresponding public key decrypts the message. The encrypted version is as big as the original, though: a nuisance. A refinement, the digital signature, encrypts a digest of only 160 bits and provides the same confidence of authentication. Another problem is forgery. If we pay the rent with an electronic cheque, what stops a crook from using copy after copy of the same cheque? We will need unique serial numbers on electronic cheques. What about proving _when_ a document was created? Here we have to rely on a time-stamping service. Scientists at BELLCORE have invented the time-stamp equivalent of the digital signature. You submit a digest of the document that needs to be time-stamped to a trusted time-stamping computer; it generates a cryptographically-sound certificate which includes the time of receipt. To prevent fraud at the time-stamping computer (where someone might change the system clock long enough to produce fake time-stamps for a specific crime), every certificate is merged mathematically with all the others issued during the same weekly period. The summary time-stamp is then published in _The New York Times_. The legal system will have to adapt to the increasing use of electronic documents. Historians will also have more trouble piecing together the creative process if only the final version is published or physically available. And what about the rapid changes in computing technology and storage devices? Who will be able to read today's diskettes a hundred years from now? Or even ten? Archivists must think about these issues. <<end of summary>> Michel E. Kabay, Ph.D., Director of Education, National Computer Security Assn RISKS-FORUM Digest 15.04 Date: Thu, 9 Sep 1993 18:10:41 +0100 From: Brian.Randell@newcastle.ac.uk Subject: EuroDigital The attached article about a new digital phone service, about to be launched in the UK, is from the Monday, Sept 6, 1993, issue of The Independent. Also in this issue was a two page advertisement for the new service - the text of this is also attached. My understanding is that the new equipment produces emissions that have characteristics that were not considered when the regulations and guidelines (under which existing devices such as hearing aids were designed) were laid down. If this is right, then the statement by the providers of the new service that the problems are the responsibility of the manufacturers of such devices would seem to be highly questionable. I await with interest RISKs readers' reactions to the article (and the advertisement). Brian Randell, Dept. of Computing Science, University of Newcastle, Newcastle upon Tyne, NE1 7RU, UK Brian.Randell@newcastle.ac.uk PHONE = +44 91 222 7923 [...] (Advt.) LIBERTE' The Freedom to make a call in total security We have given you freedom. We have created a secure tomorrow for businessmen and travellers both here and in Europe. New frontiers beckon. Vodafone proudly announces EuroDigital. The most advanced and most secure mobile phone network. So sophisticated that it can even be used to make and receive calls in Europe in total security. EuroDigital represents a revolution in mobile phone technology. A superior digital system that provides a top quality service. A quality that doesn't falter, that doesn't break up. Line rental is 21.50 per month. UK call charges 25p per minute peak, 10p off peak. Only Vodafone can offer this. Liberate yourself. Enjoy freedom of speech and security. Rise above the rest. Call free, 0500 123 123 and ask for more information. All prices are recommended and are exclusive of V.A.T. VODAFONE EuroDigital