Declan McCullagh <declan@well.com> writes:
The relevance? Another example of Singapore's loony politics. Strict social controls and relative economic freedom. I find it fascinating in light of Net-filtering and other attempts at restricting information flow; if you don't, well, you can always delete it. :)
The net-filtering and social control aspects of Singapore are very interesting. Seems that somewhere like Singapore might be an earlier adopter of mandatory GAK -- social ills have hugely disproportionate treatment over there. I hear (and our Singaporean contributer confirms) that chewing gum is illegal, jay walking too. (Hey you have the jay walking laws in the US too don't you?) (I missed the social control aspect of the vote for kewlest public toilet story). We all suffer this kind of mind numbing stupidity on part of our governments to some extent. Outlawing of `rambo' knives, laws defining pi = 3, etc., etc.
[CMR topic:] My position is something along these lines: corporations have a right to go down the CMR path; it is unwise to restrict them through the coercive power of the state.
The question is really what _is_ the CMR path? PGP Inc are arguing that it is merely a recovery procedure to recover stored data in event of disaster (stored emails in mail folders, and files encrypted to yourself). However the design seems itself much more suited to message screening, or message snooping. I have yet to see any PGP Inc representative admit to the message screening design motivation. In fact they have fairly clearly denied this. Either you believe that, or you figure they are being careful not to admit to this. I don't know what to believe. The CDR approach (http://www.dcs.ex.ac.uk/~aba/cdr/) is more secure, less politically dangerous, and equally privacy respecting.
At the same time, we need to speak out against crypto-foolish practices. If corporations start building CMR products, the political consequences could be devestating. It's like building a gallows for your own hanging.
Yes, I think it is potentially dangerous.
From my perch in Washington, I see PGP 5.5/CMR as an existence proof that key recovery can be done. So far the crypto-advocates have been able to wave around the Blaze et al white paper that says we don't know how to do it. Even Dorothy Denning agreed. But now when a mandatory GAK bill goes to the House floor, all Rep. Solomon etc. have to do is wave around a shrinkwrapped copy of PGP and say: "I bought this for $19 at the Egghead shop at 21st and L." Details will be lost in the fearmongering.
This is one example of why CMR may be dangerous. Another is the danger that we have a couple of years of mass CMR enabled software deployed. Tim has been using the acronym GMR, which nicely says what a well deployed CMR software base can be converted to with an over night presidential decree. Lethal.
I suspect that there's not that substantial a market for CMR. The apparent market demand now is an artificial one created by the Clinton administration.
Again, what _is_ CMR? I do think companies if they are storing lots of data in encrypted form will want to assure themselves that they can get it back. Sort of like unix/windows NT passwords; if every time users forgot their password, you had to start over with an empty account, people would get annoyed. The problem is that pgp5.x is both an email encryption system and a file encryption system. So PGP Inc argue that they need the recovery features for files. Well OK, but for emails in transit? The way to treat emails in transit is to encrypt with recovery info after receipt, if the employee feels that particular email is worthy of saving for company records. Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`