Re: WaPo on Crypto-Genie Terrorism
On 27 Jul 96 at 19:21, John Young wrote:
The Washington Post, July 27, 1996, p. A22. Speaking in Code on the Internet ... [Editorial]
Some bothersome things about this editorial... [..]
security of their data. They also see it as a market in which the United States maintains a comfortable lead, one that is threatened if domestic encryption makers can't sell their products elsewhere. The makers argue that foreign encryption software will rush in to fill the gap, doing nothing about the uncrackability problem -- indeed, making it worse. The administration in turn is pursuing a wider
IMO, the US does not have a comfortable lead. It's already falling behind considering some of the stronger crypto programs available (at least as freeware) are made outside the US. Many of the stronger algorithms were invented outside of the US (IDEA for instance). [..]
with wiretapping. Mr. Freeh, testifying at Thursday's hearing in favor of an optional key escrow plan, noted that the point is not to prevent all copies of uncrackable code from going abroad -- that's clearly impossible -- but to prevent such high-level code from becoming the international standard, with architecture and transmission channels all unreadable to world authorities. To software companies and Internet users who
So why should criminals bother with using standards if they are readable by authorities?
have been clamoring for the right to encrypt as securely as possible, Mr. Freeh and others argue, "the genie is not yet out of the bottle" on "robust," meaning uncrackable, encryption.
Are they going to magically erase all copies of strong software that is already currently available? (Side note: the Pacifica news report on Friday notes that while Freeh gave his testimony, over 100 copies of PGP were downloaded from MIT's site.) [..]
Encryption, if widely used, could conceivably ease some privacy problems concerning who gets to see personal and financial data on individuals -- though such data usually are vulnerable to being dug out of storage rather than intercepted in transmission. But neither is it clear that
And evidence cannot be encrypted. You cannot encrypt an airplane full of cocaine or an unusually expensive car baught by money from drugs, espionage, etc. Nor can you encrypt bomb-making materials, nor conversations in a room (from your mouth to a telephone receiver). Nor will encryption do anything about informants inside the communications loop. etc. etc....
the encryption enthusiasts' desire for free development should take precedence over the tracking of terrorism. At
It's not clear that terrorism can be tracked, even if it's unencrypted. The OK and WTC bombings were apparently not encrypted, and there's some allegations that the authorities had advanced warnings of the latter.
the very least, Congress should be exceedingly cautious about getting out ahead of administration concerns on controls that, once lifted, are hardly reversible.
The controls haven't done much to prevent free software from being exported. They only control commercial sales of software (and hardware). Particularly absent in the WaPo-ed is that many do not trust the authorities (in the US and elsewhere)--particularly the FBI, which has a long history of extra-legal surveillance. Rob --- No-frills sig. Befriend my mail filter by sending a message with the subject "send help" Key-ID: 5D3F2E99 1996/04/22 wlkngowl@unix.asb.com (root@magneto) AB1F4831 1993/05/10 Deranged Mutant <wlkngowl@unix.asb.com> Send a message with the subject "send pgp-key" for a copy of my key.
At 5:55 PM -0700 7/27/96, Deranged Mutant wrote:
On 27 Jul 96 at 19:21, John Young wrote:
The Washington Post, July 27, 1996, p. A22. Speaking in Code on the Internet ... [Editorial]
Some bothersome things about this editorial...
[..]
security of their data. They also see it as a market in which the United States maintains a comfortable lead, one that is threatened if domestic encryption makers can't sell their products elsewhere. The makers argue that foreign encryption software will rush in to fill the gap, doing nothing about the uncrackability problem -- indeed, making it worse. The administration in turn is pursuing a wider
IMO, the US does not have a comfortable lead. It's already falling behind considering some of the stronger crypto programs available (at least as freeware) are made outside the US. Many of the stronger algorithms were invented outside of the US (IDEA for instance).
This, and similar remarks by others, consistently misses the point which I have been making for about a year now, and which Director Freeh finally made explicit in his testimony last week. That is--the government is concerned with mass market software incorporating robust crypto, used overseas, and recognizes that they can't keep niche products off the market, nor stop bad guys from using crypto the government would just as soon they didn't. Since the US has a hammerlock on that mass market, and since few would switch products to let the crypto tail wag the features dog (no slur intended), ITAR follows. Though I've no connection with Freeh, it's interesting that his language is almost word for word the same as what I've been using. Do you suppose some of his staff reads my stuff? Until now we haven't seen such an open public admission of what the government is concerned about--probably because the State Department doesn't like to have an official spokesman admit we're mass monitoring and seining foreign traffic since it is an embarassment to the polite fiction of diplomatic relations (though I'm sure the truth is that every country with the capability does it).
[..]
with wiretapping. Mr. Freeh, testifying at Thursday's hearing in favor of an optional key escrow plan, noted that the point is not to prevent all copies of uncrackable code from going abroad -- that's clearly impossible -- but to prevent such high-level code from becoming the international standard, with architecture and transmission channels all unreadable to world authorities. To software companies and Internet users who
So why should criminals bother with using standards if they are readable by authorities?
See above.
have been clamoring for the right to encrypt as securely as possible, Mr. Freeh and others argue, "the genie is not yet out of the bottle" on "robust," meaning uncrackable, encryption.
Are they going to magically erase all copies of strong software that is already currently available? (Side note: the Pacifica news report on Friday notes that while Freeh gave his testimony, over 100 copies of PGP were downloaded from MIT's site.)
What he's saying is that US-exported copies of the Lotus Lockshens, Microsoft Machayas, and Netscape Niguns of the world still do not contain robust crypto the USG cannot read.
the encryption enthusiasts' desire for free development should take precedence over the tracking of terrorism. At
It's not clear that terrorism can be tracked, even if it's unencrypted. The OK and WTC bombings were apparently not encrypted, and there's some allegations that the authorities had advanced warnings of the latter.
He says it can, and suggests following the banking trail among other things. We know the government has already had good success with this strategy. And one of the objectives is to identify sponsors of terrorism and retaliate against them (cf. Netanyahu).
the very least, Congress should be exceedingly cautious about getting out ahead of administration concerns on controls that, once lifted, are hardly reversible.
The controls haven't done much to prevent free software from being exported. They only control commercial sales of software (and hardware).
Exactly.
Particularly absent in the WaPo-ed is that many do not trust the authorities (in the US and elsewhere)--particularly the FBI, which has a long history of extra-legal surveillance.
So as Netanyahu says at length we need to build in protections against abuses, using both the legislature and the judiciary. David
-----BEGIN PGP SIGNED MESSAGE----- On Sun, 28 Jul 1996, David Sternlight wrote:
Date: Sun, 28 Jul 1996 12:59:37 -0700 From: David Sternlight <david@sternlight.com> To: Deranged Mutant <WlkngOwl@unix.asb.com>, John Young <jya@pipeline.com>, cypherpunks@toad.com Subject: Re: WaPo on Crypto-Genie Terrorism
At 5:55 PM -0700 7/27/96, Deranged Mutant wrote:
On 27 Jul 96 at 19:21, John Young wrote:
[stuff skipped]
This, and similar remarks by others, consistently misses the point which I have been making for about a year now, and which Director Freeh finally made explicit in his testimony last week. That is--the government is concerned with mass market software incorporating robust crypto, used overseas, and recognizes that they can't keep niche products off the market, nor stop bad guys from using crypto the government would just as soon they didn't. Since the US has a hammerlock on that mass market, and since few would switch products to let the crypto tail wag the features dog (no slur intended), ITAR follows.
Hrmmm... "is concerned" I can understand, but banning it, or what we do with it, is definatly against the First Amendment.
Though I've no connection with Freeh, it's interesting that his language is almost word for word the same as what I've been using. Do you suppose some of his staff reads my stuff?
Until now we haven't seen such an open public admission of what the government is concerned about--probably because the State Department doesn't like to have an official spokesman admit we're mass monitoring and seining foreign traffic since it is an embarassment to the polite fiction of diplomatic relations (though I'm sure the truth is that every country with the capability does it).
yes, I'd say that every country that can does... but what does that have to do with anything?
[..]
with wiretapping. Mr. Freeh, testifying at Thursday's hearing in favor of an optional key escrow plan, noted that the point is not to prevent all copies of uncrackable code from going abroad -- that's clearly impossible -- but to prevent such high-level code from becoming the international standard, with architecture and transmission channels all unreadable to world authorities. To software companies and Internet users who
So why should criminals bother with using standards if they are readable by authorities?
See above.
have been clamoring for the right to encrypt as securely as possible, Mr. Freeh and others argue, "the genie is not yet out of the bottle" on "robust," meaning uncrackable, encryption.
Are they going to magically erase all copies of strong software that is already currently available? (Side note: the Pacifica news report on Friday notes that while Freeh gave his testimony, over 100 copies of PGP were downloaded from MIT's site.)
What he's saying is that US-exported copies of the Lotus Lockshens, Microsoft Machayas, and Netscape Niguns of the world still do not contain robust crypto the USG cannot read.
Which they should, I might add.
Particularly absent in the WaPo-ed is that many do not trust the authorities (in the US and elsewhere)--particularly the FBI, which has a long history of extra-legal surveillance.
So as Netanyahu says at length we need to build in protections against abuses, using both the legislature and the judiciary.
Oh, yes oh wise one. We need protections against free speech. The First Amendment was designed to hurt us. Seig Hiel! --Deviant The first version always gets thrown away. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQEVAwUBMfvwjzAJap8fyDMVAQH3DAf7BXgEFQEYJebKjJAUTdg6y8PtweuyoBGZ SEXDQLrxSTQYc2XGHw917jT3SiYk2+gqD6I7I54dUeGUk1MvSFUsmEDYxdK6WYSs h3vLosEc+g+DPcX2C0mFafI2oImLmN4xmLfTnxaSnLXhCsYfbqze1xSzZeBgWKf9 8Ylf2WL8PoSnF6gCYY1axv4TAuagr/1J3Dz+pP4gC030JJpxAfvNo6cUMFLKV8i/ Jtt3C+TWVG4B9+6qmCiRZ7hEgerqHSKGH94zvQ9zNF5D7FuBR217mmX4bg5ZBcTy 57I54AfKnOCr3ZD9s43EqLL2pwnavMVdW+jvOPIGkHdnNEdc25rwIA== =6DT+ -----END PGP SIGNATURE-----
participants (3)
-
David Sternlight -
Deranged Mutant -
The Deviant