Re: WaPo on Crypto-Genie Terrorism
On 28 Jul 96 at 12:59, David Sternlight wrote:
IMO, the US does not have a comfortable lead. It's already falling behind considering some of the stronger crypto programs available (at least as freeware) are made outside the US. Many of the stronger algorithms were invented outside of the US (IDEA for instance).
This, and similar remarks by others, consistently misses the point which I have been making for about a year now, and which Director Freeh finally made explicit in his testimony last week. That is--the government is concerned with mass market software incorporating robust crypto, used overseas, and recognizes that they can't keep niche products off the [..]
Really? The RAR archiver is getting quite popular (DOS and OS/2), and uses a variation of DES in the encryption (according to the authors). An Italian archiver called CODEC also uses DES. PGP gets more publicity than any crypto product around (CNN, NPR, Pacifica, NYTimes, etc.) and will likely get bigger as time goes on and as the arguments over escrow proposals get louder. MS's C[r]API and Netscape also make people more aware of strong crypto...
Though I've no connection with Freeh, it's interesting that his language is almost word for word the same as what I've been using. Do you suppose some of his staff reads my stuff?
Actually, I don't care one whit.
So why should criminals bother with using standards if they are readable by authorities?
See above.
Doesn't counter my question/argument. Serious criminals with a few braincells who care about wiretapping or protecting their files from the authorities will obviously not use anything that the government can read. Even a ban on unescrowed crypto worldwide will not help. Every copy of strong crypto software will not magically disappear upon the signing of such treaties and laws. [..]
Are they going to magically erase all copies of strong software that is already currently available? (Side note: the Pacifica news report on Friday notes that while Freeh gave his testimony, over 100 copies of PGP were downloaded from MIT's site.)
What he's saying is that US-exported copies of the Lotus Lockshens, Microsoft Machayas, and Netscape Niguns of the world still do not contain robust crypto the USG cannot read.
So? People can use alternate programs to encrypt the software, such as PGP. [..]
It's not clear that terrorism can be tracked, even if it's unencrypted. The OK and WTC bombings were apparently not encrypted, and there's some allegations that the authorities had advanced warnings of the latter.
He says it can, and suggests following the banking trail among other things. We know the government has already had good success with this [..]
Apparently not successful enough, as the two examples I posted happened successfully. Banking trails will exist with or without escrow. [..]
Particularly absent in the WaPo-ed is that many do not trust the authorities (in the US and elsewhere)--particularly the FBI, which has a long history of extra-legal surveillance.
So as Netanyahu says at length we need to build in protections against abuses, using both the legislature and the judiciary.
1. The damage is already done if rights are violated, irregardless of the law. If the police listen in on your phone conversations because of your political views, you may have legal recourse.... but they've already listened in. 2. Legislative/judicial protections are meaningless if judges don't follow up on them. Historically they give leeway to the police, and as of late judges that enforce the technicalities are lambasted publicly for letting criminals go free. 3. Israel isn't exactly a prime example of human rights, especially if you're a Palestinian. Rob --- No-frills sig. Befriend my mail filter by sending a message with the subject "send help" Key-ID: 5D3F2E99 1996/04/22 wlkngowl@unix.asb.com (root@magneto) AB1F4831 1993/05/10 Deranged Mutant <wlkngowl@unix.asb.com> Send a message with the subject "send pgp-key" for a copy of my key.
At 11:27 PM -0700 7/28/96, Deranged Mutant wrote:
This, and similar remarks by others, consistently misses the point which I have been making for about a year now, and which Director Freeh finally made explicit in his testimony last week. That is--the government is concerned with mass market software incorporating robust crypto, used overseas, and recognizes that they can't keep niche products off the [..]
Really? The RAR archiver is getting quite popular (DOS and OS/2), and uses a variation of DES in the encryption (according to the authors). An Italian archiver called CODEC also uses DES. PGP gets more publicity than any crypto product around (CNN, NPR, Pacifica, NYTimes, etc.) and will likely get bigger as time goes on and as the arguments over escrow proposals get louder. MS's C[r]API and Netscape also make people more aware of strong crypto...
None of these are mass market software in the sense I discussed. Mass market products are generally known as "productivity applications". Even PGP, which has a certain following, doesn't do anything but encryption etc. on its own. It's not a word processor like Microsoft Word, mail program like Eudora, or shared data base cum mail system like Lotus Notes. Those are the mass market applications generating huge volumes of readable traffic of value. As for Netscape (and its mailer), it complies with ITAR. Thus your rejoinder is irrelevant and non-responsive. ...
Doesn't counter my question/argument. Serious criminals with a few braincells who care about wiretapping or protecting their files from the authorities will obviously not use anything that the government can read.
Let those who passed basic English use the skills they were taught. Freeh said, and I repeated, that the system wasn't designed to prevent determined criminals from using robust crypto.
Even a ban on unescrowed crypto worldwide will not help. Every copy of strong crypto software will not magically disappear upon the signing of such treaties and laws.
You are either dense or obfuscating. The point has now been made repeatedly that the issue isn't the disappearance of stand-alone niche crypto, but prevention of robust, built-in, unescrowed crypto, transparently usable in exported copies of Microsoft Word, Netscape, Eudora, etc. Read the previous sentence until you understand it. <Rest of repetitive and off-topic matter omitted.> David
On Mon, 29 Jul 1996, David Sternlight wrote:
Let those who passed basic English use the skills they were taught. Freeh said, and I repeated, that the system wasn't designed to prevent determined criminals from using robust crypto.
Yes, and the implication is this: the system was designed to prevent law abiding folk from using robust crypto, and to allow the TLA's and LEA's to snoop on them. Ya just gotta luv ol' Lou Freeh, why it warms my heart to know his intentions, or was that my asshole, I get soo conf00sed sometimes.... NOT!
You are either dense or obfuscating. The point has now been made repeatedly that the issue isn't the disappearance of stand-alone niche crypto, but prevention of robust, built-in, unescrowed crypto, transparently usable in exported copies of Microsoft Word, Netscape, Eudora, etc. Read the previous sentence until you understand it.
Gee, um, is there really that much of a difference? Regardless of whether he misinterpreted or missed your point, without built in strong crypto in such staples as Word, Netscape, Eudora, etc, without easily invoked "Press this button" transparent, but strong crypto, the issue is moot. Joe Sixpack won't be able to protect his privacy effectively, and so out of Joe's lack of geek skills, Lou C. Furr Freeh can read Joe's email and his loveletters, and listen in on Joe's phonecalls whenever he gets the urge. And Lou, like all his kind does have that urge. Too often. It seems you sir have missed THAT point. Was it that you missed it on purpose? Or out of ignorance? One of the majorly useful tactics is to make it hard for someone to use crypto - if you do, they aren't likely to use it, this makes your, I mean Freeh's job much easier. So what if there are some cypherpukes out there, they're only a handfull and surely they're easily dealt with, and easily tracked by regular means, and well, if they get out of line, they can be dealt with. Just have to join the list and watch them. Divide and conquer. Divide the tools Joe Sixpack would use from those that would make them spook-proof and you can conquer Joe's privacy easily. ========================================================================== + ^ + | Ray Arachelian |FL| KAOS KERAUNOS KYBERNETOS |==/|\== \|/ |sunder@dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\= <--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/= /|\ | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/== + v + | Janet Reno & GAK|AK| do you not understand? |======= ===================http://www.dorsai.org/~sunder/========================= Key Escrow Laws are the mating calls of those who'd abuse your privacy!
-----BEGIN PGP SIGNED MESSAGE----- Preface: Having weathered the storm of personal attacks, I've concluded that most of what is on this list _right now_ is of insufficient interest to what I'm currently working on to continue, so I've unsubscribed (there's too much traffic to let it be). I will see the occasional posts copied to me and respond, Posts allegedly from me, if not signed, are forgeries until I post a signed notice that I have rejoined the list. Thanks for listening; David At 12:37 PM -0700 7/30/96, Ray Arachelian wrote:
On Mon, 29 Jul 1996, David Sternlight wrote:
Let those who passed basic English use the skills they were taught. Freeh said, and I repeated, that the system wasn't designed to prevent determined criminals from using robust crypto.
Yes, and the implication is this: the system was designed to prevent law abiding folk from using robust crypto, and to allow the TLA's and LEA's to snoop on them.
Close. For "designed to prevent" read "not make available from the US", and for "folk" read "foreigners". There's no earthly reason the US should assist foreigners in thwarting US intelligence efforts. As readers know, I am opposed to mandatory domestic key escrow. David -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQCVAwUBMf58VkwgH+NYrQ81AQHyKQP+LLt0G6HQ3D7S27QqCntxSi2F7/UGHJXj JXZLrLaw5/7gWa/vC/caO34ZX+MNhH6r3gjC61iYTlyKxz2Y14CIM1bJQJgfKfiF hpTCZkbQRcq6cuRkpWibeoGWHjh/m0uvexgZlNUrzxX4cwibakKZZvyWKdTqRHTH c2jX1YTP0/s= =6vhi -----END PGP SIGNATURE-----
Oh, how utterly cool. This being my 1st reply to Sterndark and in the same having managed to move him off the list. Wheeeee! :) Come on, you could do better than to run off... On Tue, 30 Jul 1996, Da5id Sterndark wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Preface: Having weathered the storm of personal attacks, I've concluded that most of what is on this list _right now_ is of insufficient interest to what I'm currently working on to continue, so I've unsubscribed (there's too much traffic to let it be). I will see the occasional posts copied to me and respond, Posts allegedly from me, if not signed, are forgeries until I post a signed notice that I have rejoined the list.
Thanks for putting up with my spamming flame-bait; Da5id
At 12:37 PM -0700 7/30/96, Ray Arachelian wrote:
On Mon, 29 Jul 1996, David Sterndark wrote:
Let those who passed basic English use the skills they were taught. Freeh said, and I repeated, that the system wasn't designed to prevent determined criminals from using robust crypto.
Yes, and the implication is this: the system was designed to prevent law abiding folk from using robust crypto, and to allow the TLA's and LEA's to snoop on them.
Close. For "designed to prevent" read "not make available from the US", and for "folk" read "foreigners".
There's no earthly reason the US should assist foreigners in thwarting US intelligence efforts.
Right, but there's plenty of earthly reason for the government of these same United States to thwart the development of strong crypto, cause the loss of monies that would be made by software companies, cause security breeches in multi-homed companies by not allowing their offices to communicate securely over a strongly encrypted link. This causes another equivalent of the Berlin wall in terms of crypto exporting. Notice however that I didn't say Joe Sixpack was a foreigner or a criminal. You twisted this around to make it seem like he is. Joe Sixpack is as American as apple pie and patriotic to boot. So then if the laws are NOT designed to deter criminals (or foreginers) from using strong crypto, WHY ARE THEY BEING PUSHED ON US? Could this be somehow a stupid idea on Freeh's part? Nah, couldn't be. Freeh's the head of the Feebs. That would be indication that the Feebs hire brainless folk. Nope. Can't be. Clearly it is because Freeh wants to snoop not on criminals, but on the law-abiding citizens who pay his paycheck "voluntarily" via taxes. As wonderful as the postal inspector mailing kiddie porn to an unsuspecting victim, then arresting said victing when s/he opens up the package. Gee, how nice it is to meet your arrest quotas, no? But I digress. Back to the ITAR and the proposed anti-crypto laws... Nevermind that should a foreign agent wish to export RSA or PGP could easily do so >LEGALLY< in a nice OCR'able font, or just have cheap labor type it. Sure, tie the hands of the software developers so that they can't get their bread and butter from the foreign markets, while the foreign markets can easily do so here since they can import and sell crypto-software. The ITARs only serve to cripple the USA ecconomy. There's no informed NSA or FBI that can believe otherwise because the other side does have all the tools. All they serve to achieve is to keep Joe Americancitizen Sixpack away from his privacy, and Nancy Cryptowriter from her bread and butter. What a wonderful law! Don't you just love it?
As readers know, I am opposed to mandatory domestic key escrow.
Ah, yet another repeat of the same tired credo you've pushed on this list for days now. I've heard it, and okay, whatever. But it's not the issue, and irrelevant to this discussion. Are you for or against the removal of the ITAR in regards to crypto? ITARs are not key escrow, though perhaps just as or almost as evil. ========================================================================== + ^ + | Ray Arachelian |FL| KAOS KERAUNOS KYBERNETOS |==/|\== \|/ |sunder@dorsai.org|UL|__Nothing_is_true,_all_is_permitted!_|=/\|/\= <--+-->| --------------- |CG|What part of 'Congress shall make no |=\/|\/= /|\ | Just Say "No" to|KA|law abridging the freedom of speech' |==\|/== + v + | Janet Reno & GAK|AK| do you not understand? |======= ===================http://www.dorsai.org/~sunder/========================= Key Escrow Laws are the mating calls of those who'd abuse your privacy!
mpd@netcom.com (Mike Duvos) writes:
David Sternlight writes:
... I've unsubscribed ...
Door. Ass. Bump.
Good riddance. For once, SternFUD did something I approve of. --- Dr.Dimitri Vulis KOTM Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
David Sternlight <david@sternlight.com> writes:
Preface: Having weathered the storm of personal attacks, I've concluded that most of what is on this list _right now_ is of insufficient interest to what I'm currently working on to continue, so I've unsubscribed (there's too much traffic to let it be). I will see the occasional posts copied to me and
"Stays less than a month" pays evens. "Audibly killfiles at least one person" pays 1 to 7. Stand not upon the order of your going, but go at once... Jim Gillogly Trewesday, 8 Wedmath S.R. 1996, 00:24
"Stays less than a month" pays evens. "Audibly killfiles at least one person" pays 1 to 7.
Stand not upon the order of your going, but go at once...
Jim Gillogly
Ahhem... As I immodestly remember, I called both of these. I should therefore be Really Rich.. Right? However, I'd like to donate my winning to a worthy 'Punk cause -- the Tim May Hot Tub Maintenance Fund.... Call 1-800-TIMS TUB for details.... -- A host is a host from coast to coast.................wb8foz@nrk.com & no one will talk to a host that's close........[v].(301) 56-LINUX Unless the host (that isn't close).........................pob 1433 is busy, hung or dead....................................20915-1433
At 7:12 PM -0400 7/30/96, Mike Duvos wrote:
David Sternlight writes:
... I've unsubscribed ...
Door. Ass. Bump.
He's gone? Cool. Anyone wanna buy a used water-cooled killfile, cheap? ;-) Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com) e$, 44 Farquhar Street, Boston, MA 02131 USA "'Bart Bucks' are not legal tender." -- Punishment, 100 times on a chalkboard, for Bart Simpson The e$ Home Page: http://www.vmeng.com/rah/
participants (9)
-
David Lesher -
David Sternlight -
Deranged Mutant -
dlv@bwalk.dm.com -
Jim Gillogly -
mpd@netcom.com -
Ray Arachelian -
Ray Arachelian -
Robert Hettinga