On Monday, August 13, 2001, at 10:14 AM, Trei, Peter wrote:

[I hate to post something that makes it look as if I'm doing further BU bashing (which is not my intention), but:...]

When all you have is a hammer, everything looks like a nail. There are other groups which can apply pressure than lawyers, courts and Men with Guns. Auditors and insurance companies come to mind. Schneier has noted how improvements in safe (as in a secure metal box) technology was driven not by losses, not by customers, nor by lawsuits, but rather by insurance requirements.

'You're running your ecommerce site on IIS? Ok, that's 10% extra on your premiums." (This is already starting to happen).

I've been pointing this out for many years, and did so at very early Cypherpunks meetings. If you say Schneier "has noted" this, I'll take your word. The proper (moral, public choice theory, economically sound) approach is for those who want more security against theft to _pay_ for it. This through either their own choices, such as the choices I myself made for the type of gun safe I have in my house, or through the advice and pricing from their insurance companies. Holding a cheap safe maker "strictly liable" for loses when thieves use tin snips to cut through their safe is NOT the solution to the "strong safe" problem. Unfortunately, as Declan also notes, the "men with guns" tend to go for "do this or we will shoot you" solutions. I count mandatory air bags and seat belt laws in this category. Friedman's recent book "Law's Order" has many good economic analyses of tort situations, showing in nearly all cases that free market (mutually negotiated, noncoerced) produce more efficient results than non free market (imposed by government, coerced) solutions. Not surprising to libertarians, but useful to consider in the crypto context. Bringing strict liability into the world of security and crypto would result in the usual market distortions. As an example, one might expect a "recommended security standard," decided upon by industry committees (with government, probably the NSA, involvement). Like airbags, this would then be mandated to be included in all Net connectivity and related products. Vendors would scramble to meet this requirement. And probably some form of escrow ("to help resolve disputes," "for the children") would be mandated-in. And of course it probably couldn't be "too strong." Liability as currently interpreted can easily suppress innovation: Westinghouse froze the design of their boiling water nuclear reactors at roughly the 1960 level, except for minor changes in instrumentation and construction methods. The theory being that they had been given a kind of "safe harbor" on past designs (often done in conjunction with the Feds, as part of military reactor and AEC-led design projects) and that introducing innovations could alter the risk equation...even if it made the reactors better! Similarly, innovations in automobile design are suppressed by liability concerns. A car maker who improves the layout of gas and brake pedals faces lawsuits over accidents "caused" by the changes. (cf. "sudden acceleration," aka "nitwit stepped on the wrong pedal.") Peter Huber, in "Galileo's Revenge," notes many cases where strict liability law has suppressed innovation. My favorite was the Florida case where a woman claimed a CAT scan made her lose her psychic powers. A jury awarded her $2 million in liability damages. (This also mixes in pseudoscience issues, but the liability laws are still implicated.) And speaking of CAT scans, or NMR, PET, etc. scans, many hospitals now routinely order such scans in nearly all cases of minor injury. My father went in for an exam and the doctor recommended an NMR scan of some sort. My father asked why. The doctor: "Don't worry, your insurance will cover most of it." My father: "I asked why I need this." Doctor: "We really recommend it." To cut to the chase: Hospitals recommend such scans "just in case." To cover their asses in a possible liability suit should some problem happen later in time. Is this "due diligence"? Well, NMR scans are not cheap, so the cost gets passed on in the usual ways. Is the average benefit worth it to the average patient who gets the "we recommend it" advice? Debatable. Except there _IS_ no debate about it, certainly not between the average patient and the average doctor. BTW, my father said "No" to the doctor. The doctor argued, then gave up. Apparently he felt my father was exposing _him_ to strict liability. (Needless to say, a patient's "waiver" is challengeable in the usual ways: "I didn't know what I was signing," "The doctor didn't explain to me that the scan might have detected the tumor I now have," and the other usual Mommy State whines.) Anyway, I think imposing FDA-type oversight and medical industry-type liability laws on the security and crypto industry would be a disaster. Here's one of my articles from 1996 about this issue: * To: cypherpunks@toad.com * Subject: The public sees no need for crypto at this time * From: "Timothy C. May" <tcmay@got.net> * Date: Thu, 21 Nov 1996 10:25:00 -0800 * In-Reply-To: <1.5.4.32.19961121141010.006da9a4@ix.netcom.com> * Sender: owner-cypherpunks@toad.com ------------------------------------------------------------------------ I believe that at this time the differential market value to customers of having strong crypto in telephones is near-zero, and in cell-phones is only slightly greater. My reasons will follow below. I'm explicitly discussing "things as they are" rather than "things as they should be." At 9:10 AM -0500 11/21/96, Clay Olbon II wrote:

I think we need to keep a couple of goals in mind. The first, is to get encrypting phones (or phone add-ons) into Wal-mart, K-mart, etc (where probably most Americans now buy their phones). The prices need to be low enough that people will want to buy them (<$100?). Is this technically feasible? The comsec device from the above URL already demonstrates the needed capability. Is the cost target possible? My guess is soon, given the lowering costs and increasing capabilities of current processors.

The second goal needs to be to push a similar product for cell-phones. I think this will be perhaps an easier sell, given the higher initial cost for these phones, and their reduced security. Perhaps a home device could be sold with the cell-phone as a package deal, so that communications with

"home base" (i.e your office, home, etc) would be secure. With the rapid growth in cell-phone sales, selling a package such as this might ensure a larger user-base of home devices.

Given that these goals are met, I think widespread use of crypto over

lines would become almost inevitable. However, the fun part would be

While I would certainly _like_ to see wider use of crypto, and crypto deployed ubiquitously in products like telephones, cellphones, pagers, and, of course, computers and networks, I think any honest appraisal of market conditions must conclude that there is little _average American_ awareness of, or demand for, crypto. One could cite many reasons. Here are some that I see. (Note: I'm not saying these are true for me and thee, nor for everyone else. And these reasons may change with time. But for now, I think they're pretty accurate.) * Most people don't think they're targets of wiretapping. They don't think the FBI is tapping their phones, and they've never even heard of the NSA, let alone GCHQ, NRO, SDECE, etc. * "What have I got to hide?" * Given a choice to use ordinary phone lines or cordless handsets, with attendant ease-of-eavesdropping issues, they'll take the convenience of cordless handsets nearly every time. (And the 900 MHz increase-security cordless handsets are not yet in heavy demand...they'll succeed when they're as cheap as ordinary cordless phones.) * Security always takes some effort. The military can have it only by having elaborate protocols, checks and balances, and essentially full-time "crypto" personnel to go through the rigamarol of setting up secure communications and locking up key material according to elaborate procedures. (I like to cite the evolution of metal safes. Mosler Safe Company says the driving force behind safe design, and deployment to merchants and banks, was the _insurance business_. Instead of preaching about the value of increased security, the insurers--who knew how to take the long view--offered rate discounts if stronger safes were installed. Voila, stronger safes. Until similar incentives exist for data--e.g., insurance for loss of patient records, confidential dossiers, etc.--I doubt most people will listen to the "preaching.") * Look at how few people--myself included--routinely use crypto (digital signatures, etc.) here on this list! It is now "worth it" to me to digitally sign all messages. (Please, don't send me your personal experiences or your scripts for interfacing Pegasus Zapmail to PGP 2.8!) * Even those with secure phones--STU-IIIs and Clipperphones--admit that they rarely use the features. (Recall several stories where advocates of Clipper had to take the books and magazines piled up on top of their Clipperphones, dust them off, and try to remember how to initiate a secure conversation!) * And this raises the problem of: whom do you communicate with securely? If your friends and family don't have compatible hardware, what's the point? Sure, some corporations and enterprises will take the plunge and buy sets of units, but Joe Public will likely not, at least not until a critical mass of compatible crypto is installed...perhaps a decade or more from now. * In short, most people don't see the need. They're not doing things they think would warrant surveillance, and they have no experience with bad effects from wiretaps or whatnot. Just not on their list of things to worry about. And they don't want the additional confusion, learning, and incompatibility with what their friends and coworkers have. As to the larger issue of "edcucating the public," I think this is almost always an exhausting and fruitless task. Do-gooders have been trying this for decades, even longer. (Don't let me stop you, anyone. But I think it's unlikely that a new campaign to educate people about a potential risk that they have never seen any concrete evidence for in their own lives is going to do much.) When crypto is cheap enough, it may be a selling factor for a consumer making a choice. How much extra people are willing to pay is unclear. And there are "sophisticated users" who may pay extra for such features. And certainly there does not have to be "wide acceptance" for crypto to be deployed to the "point of no return" (hint: this is a more important goal to me than acceptance by Joe Public). For example, the SSL and SWAN stuff is incredibly important, because wide encryption of network traffic, even if Joe and Jane Public are not using crypto at home, means surveillance and vacuum-cleaner types of NSA monitoring are made ten thousand times more difficult. Which may be enough to secure for us the blessings of crypto anarchy. P.S. I'll be away at the Hackers Conference in Santa Rosa, CA for the next several days, and then travelling for the American holiday of Thanksgiving Day. So, I'll be mostly away from the list for a while. --Tim May the phone the

introduction of such products. The FUD coming from police, the government, etc. would be amazing to behold.

Clay

******************************************************* Clay Olbon olbon@ix.netcom.com engineer, programmer, statistitian, etc. **********************************************tanstaafl

Just say "No" to "Big Brother Inside" We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."