John Smith <jsmith58@hotmail.com> writes:
Adam Back <aba@dcs.ex.ac.uk> writes:
You reference Ian Goldberg claiming to have to work on crypto during trips to Canada. I think he was just trying to make a political point. I submit that he could write and publish all the crypto he wants in the US (on one of those "export controlled" sites). It will get illegally exported in no time at all. Where's the problem?
That's easy for you to say, there in England. You don't have these export controls, right?
We have different export controls. You can export what you want electronically right now. And, so I hear, the exporter is defined as the person who downloads from your web site, so lots of hits from Iraq is no problem. Start to talk about tangible things and you require a license. You can get export licenses for strong crypto, 128 bit etc, just the spooks like to know what's going on, who you're selling to etc. I think it probably depends who you're exporting to, etc, etc. Ie I don't know that the results are publically published, nor reasons for rejections, etc. so I don't really know how it works out in practice. Interestingly perhaps all the T-shirts with the .sig on them I have been exporting to Russia, France, Peru, Brazil, etc. (could someone from Iraq order one -- that'd be fun) are probably export violations from the UK too. I mean it has crypto on it, and it is tangible, and I haven't asked for permission. (I'm sure they would grant permission, but I guess technically I'm supposed to ask them).
How can you say what Ian Goldberg should do.
Does do. He wrote a loop back crypto driver for linux. It's available on the cypherpunks ftp site at berkeley. It's also available at the Italian crypto ftp site. I was presuming he wrote it in the US, as his instructions include a for export version with the crypto chopped out and instructions on how to put it back in. Anyway, let's see. Other people write crypto code in the US. They set up a revolving directory or some other check. MPJ had such a site. People do this with no legal problems, even Netscape does it with US government official approval. So clearly it's not illegal. Anyway, for freeware crypto, it gets illegally exported (presumably by third parties) and openly mirrored outside the US. So where is the problem that is holding up freeware crypto? Actually there are less direct problems, such as loss of interactive collaboration from non-US contributors, etc. But you see my point I hope.
William Geiger has PGP on a non-export controlled site, and the export bods haven't said a word, so it's not even clear that they care about freeware at this point.
PGP is a special case because it is already out there everywhere.
So you're going to export it too?
Still the example of Phil Zimmerman is a good one. Even though he got away with it eventually, they showed how they can make your life hard. Probably the only reason he didn't get charged was because they couldn't prove anything.
I think it most likely that it was because it wouldn't have been in their interests due to negative publicity, Zimmermann was a folk hero by then. Course nobody knows the official reason, not even Zimmermann himself. His lawyer knows, but the condition of knowing is not being allowed to tell other people the reason, so PRZ chose not to know.
Not many people are going to be willing to take that chance. William Geiger and a few others may be exceptions, but most people won't openly break a law which has strong penalties like this.
No? This program is officially not exportable according to USG. Prof Peter Junger obtained a written decision stating this to be non-exportable: #!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/) I've seen lots of people export it. Actually the export rate has picked up a bit since Junger obtained that excellent result.
A lot of hackers thought they'd be heros but ended up doing time. Read that letter from Jim Bell if you want to see how different things look once the government comes down on you.
Really I agree. Jim Bell is a different case, possibly more to do with these common law courts he was apparently involved in, and various IRS arguments, but perhaps also to do with his essays describing betting pools to remove congress-critters. I wasn't suggesting Ian should violate the export regulations. Rather that it's not a problem because interesting software invariably gets exported anyway. So let someone else do the exporting, or importing, or whatever happens..
But after all the opposition which came out, from practically every interest group there is, I am sure that there is no way domestic controls on crypto are going to pass.
Could be. Hope you're right. The other less favourable example is the phone tapping regs they bought in, and the clipper chip. Clipper chip was the classic, they all voted against it, so Klinton brought it in as a government standard by presidential decree. Adam -- Now officially an EAR violation... Have *you* violated EAR today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`