FTP export walls
Mats Bergstrom
asgaard at sos.sll.se
Fri Oct 27 10:26:09 PDT 1995
>Perry E. Metzger wrote:
>> Michael Froomkin writes:
> > If anyone from MIT is reading this, it would be a real public service to
> > put on a web site (a) what the system used for the release of PGP is
> > exactly and (b) what assurances (oral, written, names & dates) was
> > received from State/Commerce that this was legal.
> I don't think they got any sort of approval from State or Commerce --
> I think they just discussed it with their own lawyers.
Last July *hobbit* (hobbit at avian.org) presented to this list a
description of "The FTP Bounce Attack" and stated that it's trivial to
hack past a defense like this (well, it didn't seem trivial to me, but
I'm not a unix wizard). Obviously, there is no real need for such attacks
with PGP and 'everything' else available at non-US sites, and I guess it
would leave traces? But it would be interesting to know if anybody have
successfully tried it at MIT or some other export-restricted FTP site.
Mats
More information about the cypherpunks-legacy
mailing list