Re: Canada slaughters civil rights
On Monday, October 15, 2001, at 08:44 PM, Meyer Wolfsheim wrote:
It's convenient that ZKS dropped Freedom from it's product line, nicely dodging the issue of "harboring terrorists."
Hrmm. Tim's been saying this for quite a while, and it's only going to get worse.
Not just this, but they did it with an unacceptable amount of warning. (Seven days, versus the past couple of years of obvious trends. It doesn't take much neural processing to see that their sudden re-focussing on some bullshit product like "cookie management" is a response to the new climate of fear.) I'm surprised there has been little discussion (any discussion?) of the NAI decision this past week to lay off 250 of the 300 PGP employees (*) and to either sell the division to someone or abandon it completely. (* As with ZKS and their couple of hundred employees, just how are 300 PGP employees justified? As the comments on Slashdot point out, just how the hell does a product which has been evolving _very_ slowly conceivably justify 250-300 employees? DilbertWorld, obviously.)
http://www.cnn.com/2001/WORLD/americas/10/15/rec.attack.canada.reut/index. html
OTTAWA, Oct 15 (Reuters) -- Canada unveiled a sweeping security bill on Monday to ban fund-raising by terrorist groups, widen wiretapping authority and allow police to make preventive arrests of people they think will engage in terrorism.
Which, by the way, is _precisely_ the scenario I presented to Austin and Hammie in the late fall of 1998 when we met in Menlo Park. What are you going to do, I asked, when the RCMP says that a terrorist has hijacked the Queen's plane and ZKS is being ordered to reveal the mapping of identities? Can't do it, you say? Fine, then you're out of business as of right now. The notion of a central service, located in a known location and subject to some nation's laws, is ludicrous. ZKS founders said that they Canada was a "crypto haven" compared to the U.S., indicating deep confusion about just what it was Canada was more liberal about (export laws) and what it was Canada was more repressive about (nearly everything else). Most importantly of all, Canada is a second cousin to the U.S. and does what it is told to do, with no constitutional niceties. So, NAI is abandoning PGP (no great loss, actually), ZKS is abandoning Freedom (ditto), and some crypto luminaries are falling all over themselves to support police state measures. And, ironically, it won't make us one whit safer. Ben was right. --Tim May, Occupied America "They that give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin, 1759.
On Mon, 15 Oct 2001, Tim May wrote:
I'm surprised there has been little discussion (any discussion?) of the NAI decision this past week to lay off 250 of the 300 PGP employees (*) and to either sell the division to someone or abandon it completely.
Judging from the trouble that company has had over the course of its history, I wouldn't be surprised if this decision would have happened regardless of the terrorist attacks. NAI has been down-sizing over the past year, and recently moved a good number of its positions out of the Bay Area to places like Maryland and (gasp) Canada.
(* As with ZKS and their couple of hundred employees, just how are 300 PGP employees justified? As the comments on Slashdot point out, just how the hell does a product which has been evolving _very_ slowly conceivably justify 250-300 employees? DilbertWorld, obviously.)
Both the 300 employee figure and the PGP name are misleading. My understanding (and this is based on a conversation I had with a PGP employee over a year ago, so it may not be exactly accurate) is that the 300 employees were of the "PGP Security, Inc." business unit. NAI was restructured into four business units in 1999: Sniffer, Magic, McAffee, and PGP Security. PGP Security was responsible for the traditional "Phil's PGP" products and their off-shoots as well as the TIS products (Gauntlet Firewall, etc.) and NAI's IDS software (Cybercop.) This business unit probably also had its own marketing and sales and support divisions. "PGP Security" was far more than just the PGP product Cypherpunks think of. I suspect the business unit was named this to capitalize on the reputation of the PGP name. Taking this into consideration, however, the employee numbers make a bit more sense.
The notion of a central service, located in a known location and subject to some nation's laws, is ludicrous.
Decentralization has been discussed extensively here in the past, so I'm not going to comment on that. However, I haven't seen any really plausible suggestions on how to go about hiding the location of network infrastructure providing a service. Sure, some components of the system can be hidden, such as middleman remailers operating behind nym.alias.net accounts, but this still requires some remailers to be "out in the open." And, of course, if a physical component is required, then the service will be subject to some nation's laws. The best we can do is ensure that there is no nation whose laws affect all components of this system. (Example being the decentralized network of mixmaster remailers scattered around the globe.) This isn't a solution, however. Every nation in which remailers currently reside could pass a resolution banning them, and that would be curtains. So, back to my point. The problems I see with achieving the ideal environment for such services are: 1) How does one avoid being in the jurisdiction of any nation? 2) How does one hide the physical locations of any part of an entire network? The first problem is pretty unsolvable. (Starting your own country is not a feasible solution, in my opinion. For instance, Sealand exists because Britain tolerates it. As soon as it is branded "a terrorist bunker in cyberspace" there would be plenty of justification for bombing it.) I'm interested in hearing thoughts on the second problem, or pointers to work done on this. -MW-
Tim May wrote:
I'm surprised there has been little discussion (any discussion?) of the NAI decision this past week to lay off 250 of the 300 PGP employees (*) and to either sell the division to someone or abandon it completely.
Probably because PGP isn't that important to us. Aside from an Outlook plug-in (for those who use Outlook) does it offer any advantages over GPG? PGP on Windows might be easier for a non-geek than GPG; I'm not in a position to evaluate. -- Steve Furlong Computer Condottiere Have GNU, Will Travel 617-670-3793 "Good people do not need laws to tell them to act responsibly while bad people will find a way around the laws." -- Plato
Tim May wrote: [...]
I'm surprised there has been little discussion (any discussion?) of the NAI decision this past week to lay off 250 of the 300 PGP employees (*) and to either sell the division to someone or abandon it completely.
(* As with ZKS and their couple of hundred employees, just how are 300 PGP employees justified? As the comments on Slashdot point out, just how the hell does a product which has been evolving _very_ slowly conceivably justify 250-300 employees? DilbertWorld, obviously.)
Maybe they are like those money-losing airlines that laid off people they would have laid off anyway and blamed it on the attack. Except in this case they are claiming they would have done it anyway, knowing that everyone will suspect they are lying and therefore assume they wouldn't have because they know that we know that they know that we know... Well, maybe not. (Kudos to Ryan Air, the low-price Irish airline which cut its prices and kept flying, in fact they have opened new routes. They had a 20% increase in passengers the week after, while the likes of Swiss Air & Sabena were stranding travellers in remote parts.) Ken Brown
On Mon, Oct 15, 2001 at 09:05:15PM -0700, Tim May wrote:
Not just this, but they did it with an unacceptable amount of warning.
Right. Terrible customer focus, to use some buzzword phrase. Even putting political issues aside, I'd have a very tough time recommending their products to anyone after this week-or-two discontinuation. It would be like the Well abruptly deciding to kill my well.com address with a week's notice, after I've had it since 1995, and rely on it for professional and personal reasons.
(Seven days, versus the past couple of years of obvious trends. It doesn't take much neural processing to see that their sudden re-focussing on some bullshit product like "cookie management" is a response to the new climate of fear.)
Maybe, maybe not. I've had numerous reports from reliable sources who have said that the change was in the works before Sep.11. Maybe the attacks speeded it up.
So, NAI is abandoning PGP (no great loss, actually), ZKS is abandoning Freedom (ditto), and some crypto luminaries are falling all over themselves to support police state measures.
Some possible good news, for a change. Sen. Judd Gregg, who said he was introducing legislation to restrict crypto, seems to have a change of heart. My article will be up at wired.com tomorrow. -Declan
participants (5)
-
Declan McCullagh -
Ken Brown -
Meyer Wolfsheim -
Steve Furlong -
Tim May