Having your own computer means never having....

[Richard Johnson]

-----BEGIN PGP SIGNED MESSAGE-----

TimM > (I fear laws telling corporations they *can't* snoop as much as
TimM > I fear Clipper. The reasons are obvious, to me at least, and I
TimM > can expand on this point if anyone's really interested.)

MarkC > The implications in the field of industrial espionage leap quickly
MarkC > to mind.

MarkC > Beyond that, unrestrained encryption is dangerous to
MarkC > corporations, because what's to stop a ticked off employee from
MarkC > encrypting everything in the office as revenge for some imagined
MarkC > slight?

Mark Carter makes the same erroreous simplification many people do when
talking about point security.  I see it most often on the Firewalls list.
There, the standard answer to "Should I prevent ftp connections so
employees can't send our proprietary plans off-site?" appears to be "Do
you search your employees at the exit for floppies and magnetic tapes?" 
Security is a web, the strength of which is only as high as the biggest
gap between threads.

Encryption being available to employees can make industrial espionage
easier only if it opens a new channel (or clears an insecure channel) for
bad apple employees or contractors to get their stolen memos off site. An
encrypted channel is just a channel, and probably not worth it for the spy
(unless higher bandwidth per incident channels like DAT or 8mm tapes risk
exposure).

Mark's rhetorical question about ticked off employees encrypting everything
in sight for revenge shows the same problem.  If an employee can encrypt
the files and lose the key, the employee can instead just delete them or
fill them with garbage.  It is indeed a security risk, but the sabotage can
more easily be performed without strong encryption.

However, strong encryption in the workplace can indeed be used to cause
difficulties.

I'm more worried about situations where a corporate officer or the like
leaves the firm, and "forgets" to let her successor know the pass phrase
for the key used to encrypt the payroll records.  Or, the executive
secretary to the Treasurer could be fired because he was caught trying to
embezzle e-cash, and subsequently refuse to release the key used to
encrypt official financial transactions.  In such situations, a smart
company will have used a secret-sharing scheme to split the key, and will
have escrowed it with their outside counsel and/or a couple of escrow
services.

What other problems can we come up with?


Richard

-----BEGIN PGP SIGNATURE-----
Version: 2.3a-sterno-bait

iQCVAgUBLgPuMvobez3wRbTBAQE7cQQAlvZtNyR06aPMrmm00tByNQ9EP1sHtM20
d3ZlbeFJRzizdd/OvhSN0CaYFDnp+tkoXhRuPtvELOgE+Jp/H2181oyoDM03Z+sP
H+Qsr0kp6pY7EPItzKKaz+8iLPOOPZ3zXnUIzQzbRXYiRjXAOifUzLRmdA8xaFEe
/hLgZV746Js=
=qlOS
-----END PGP SIGNATURE-----