How to fight GAK by obeying the law
It seems that the best method for fighting GAK is to accelerate wide-spread domestic use of freely redistributable non-GAK crypto. The Lynux automatic firewall concept that John Gilmore is pushing is a great idea, but it is still brewing, and he's shooting for developing an exportable ... er ... importable version. That will take much time to develop, and time is what we don't have much of. We need to work on applications, API's, flexible software modules, etc. and the primary reason we cannot do it so easily is because we cannot redistribute the software so easily. First thing we definitely need is a way to determine with fairly good accuracy, whether a host is in the U.S. This MUST be an automagic mechanism ... no person involved so there is little delay in getting the goodies. The best implementation would automatically set the group of an incoming anonymous FTP session daemon to a special group if there is a high degree of certainty that the originating host is within the U.S. Second thing we definitely need is a convenient way and universal way to clearly notify the recipient of the current export restrictions of such software, so that the recipient knows what he/she is in for. Basically, we have to do our best to NOT violate the law, no matter how much we hate it. What the government wants to happen is that everyone will get hooked on GAK, and it will be too inconvenient to use something else. A good counter-strategy is to get everyone hooked on the good stuff. Right now, the FBI/NSA is looking for an excuse to prosecute anyone not jumping on their bandwagon. We have to avoid give them an excuse to prosecute us while still enabling rapid application development. Communication and distribution are key. Ern
Ernest Hua wrote:
First thing we definitely need is a way to determine with fairly good accuracy, whether a host is in the U.S.
I really don't see how that's possible, given the possibility of me taking my laptop to Ecuador, dialing into a stateside ISP, and being issued an IP address in the ISP's domain. In other words, anything that bases a decision on host location by inference on the domain will inherently be rooted in the notion that hosts in that domain are stuck to the ground "nearby". ______c_________________________________________________________________ Mike M Nally * IBM % Tivoli * Austin TX * How quickly we forget that mailto:m5@tivoli.com mailto:m101@io.com * "deer processing" and "data http://www.io.com/~m101/ * processing" are different!
On Thu, 3 Oct 1996, Ernest Hua wrote:
Date: Thu, 3 Oct 1996 21:57:54 -0700 (PDT) From: Ernest Hua <hua@chromatic.com> To: cypherpunks@toad.com Cc: hua@chromatic.com Subject: How to fight GAK by obeying the law
It seems that the best method for fighting GAK is to accelerate wide-spread domestic use of freely redistributable non-GAK crypto.
The Lynux automatic firewall concept that John Gilmore is pushing is a great idea, but it is still brewing, and he's shooting for developing an exportable ... er ... importable version. That will take much time to develop, and time is what we don't have much of.
We need to work on applications, API's, flexible software modules, etc. and the primary reason we cannot do it so easily is because we cannot redistribute the software so easily.
First thing we definitely need is a way to determine with fairly good accuracy, whether a host is in the U.S. This MUST be an automagic mechanism ... no person involved so there is little delay in getting the goodies. The best implementation would automatically set the group of an incoming anonymous FTP session daemon to a special group if there is a high degree of certainty that the originating host is within the U.S.
Second thing we definitely need is a convenient way and universal way to clearly notify the recipient of the current export restrictions of such software, so that the recipient knows what he/she is in for.
Basically, we have to do our best to NOT violate the law, no matter how much we hate it. What the government wants to happen is that everyone will get hooked on GAK, and it will be too inconvenient to use something else. A good counter-strategy is to get everyone hooked on the good stuff.
Right now, the FBI/NSA is looking for an excuse to prosecute anyone not jumping on their bandwagon. We have to avoid give them an excuse to prosecute us while still enabling rapid application development.
Communication and distribution are key.
Ern
While I think your ideas are certainly good, and will work out well, they are not necisarily the "best" way (although, any means to the same ends are essentially the same, assuming no drastic measures, i.e. Machavelian concepts). Its a shame that in the US, teachers seem to be afraid to teach the term "Civil Disobediance". I think its a shame that people in 20th Century America are afraid to stand up against their government. I'm not saying rebel in the streets, but there are certainly other things one can do when a law is unjust. One idea is simply to give them so many cases that they can't _POSSIBLY_ pros^H^H^Hersicute <g> them all. If _EVERY ONE_ of us went and made it perfectly obvious that we beleived the ITAR is wrong, forceful implementation of GAK is bad, and that we don't give a fuck what they think, or that its "illegal" to export crypto, then they wouldn't stand a chance. Just a suggestion. I'm certainly not a brave enough person to do this, but I wish someone was. --Deviant Blood is thicker than water, and much tastier.
participants (3)
-
Ernest Hua -
Mike McNally -
The Deviant