[MPUNKS] Cypherpunks 011013 at Stanford: Anti-Terrorism & Security Policy
Dave Del Torto
meetingpunks-admin at cryptorights.org
Fri Oct 12 01:35:46 PDT 2001
IF YOU GET THIS TWICE: Sorry, it's because we're transitioning MLMs.
See <http://cryptorights.org/meetingpunks> for subscription help and
Cypherpunks meeting announcements from around the world.
..........................................................................
SF Bay Area Cypherpunks
October 2001 Physical Meeting Announcement
GENERAL INFO:
DATE: Saturday 13 October 2001
TIME: 1:00-6:00 PM (Pacific Time)
PLACE: Tressider Student Union Courtyard
Stanford University Campus
Palo Alto, California, USA
This Cypherpunks meeting will begin forming around 12:00 PM, and the
structured Agenda will begin at approximately 1:00 PM.
AGENDA:
"Our agenda is a widely-held secret."
As usual, this is an Open Meeting on US Soil, and everyone's invited
...yes, even the Director of Homeland Defense.
......................................................
1. Recent Cypherpunk News
Various Cypherpunks have been on the road recently, and will share
important news updates and colorful stories with us about their
journeys.
CryptoRights Foundation representatives will also have some very
good news about CRF's recent progress.
......................................................
2. Anti-Terrorism
This meeting will feature a discussion on the implications for our
open society of two major legislative proposals resulting from the
recent crimes against humanity in NY, DC and PA. The Mobilization
Against Terrorism Act (MATA) and it's follow-on, the Uniting and
Strengthening America (USA) Act, are dramatic new proposals creating
major arguments in Congress. They include provisions that:
* Define "computer intrusions" as a (federal) Terrorism offense.
* Add convicted krackers to a central federal DNA database.
* Remove wiretap restrictions on email scanning, web surveillance and
voicemail inspections by law enforcement.
* Remove controls on roving (person-specific) wiretaps, implying
wiretap capability in all communications infrastructures.
* Allow LEAs to share wiretap data with any Executive Branch employee.
* Make domestic surveillance easier under FISA (Foreign Intel Surv Act)
* Provide US intelligence agencies with access to Grand Jury documents.
* Let the President designate US Citizens as FISA surveillance targets.
* Create free speech restrictions on "expert advice" to USG-defined
"terrorists".
* Authorize the CIA to "hire terrorists".
In addition to MATA and USAA, the Administration has established a
new (soon to be Cabinet) position heading the Office of Homeland
Defense (OHD) for coordination of law enforcement and intelligence
efforts, including centralization of databases storing information
about US Citizens.
These new initiatives have all been positioned and marketed to voters
as making Americans safer from the scourge of global Terrorism, but
we'll be asking the tough, skeptical questions:
Q: Will these initiatives really make our lives more secure or simply
make the US a Police State?
Q: Assuming these proposals work, are they worth sacrificing our civil
liberties?
We'll also discuss the amendments proposed by Russell Feingold (D-WI)
to the USAA which:
* Bar police from performing court-ordered "secret searches".
* Narrow the ability the bill gives employers, schools and public
libraries to spy on users, rather than allowing spying on
all "computer trespassers".
* Protect medical/academic records by requiring a judge's permission
instead of giving police access to all "tangible" data.
* Modify "roving wiretaps" to permit eavesdropping only when the
target is on specific hardware but not when others use it.
In addition, our resident legal eagles will help us evaluate the
Constitutionality of these measures, and we'll also include a
discussion the Snake-Oil Protection Act (aka the DMCA), and the
wisdom of letting people who do not design security systems write
legislation affecting everyone's security.
Background info:
USAA <http://leahy.senate.gov/press/200110/100401a.html>
MATA <http://www.justice.gov/opa/pr/2001/September/492ag.htm>
OHD <http://www.whitehouse.gov/news/releases/2001/10/20011008.html>
DMCA <http://www.loc.gov/copyright/legislation/dmca.pdf>
EFF Analysis by Lee Tien and Shari Steele:
<http://www.eff.org/Privacy/Surveillance/20010926_eff_wiretap_pr.html>
......................................................
3. CRF Human Rights Security Policy Design Session #1
A good security policy is essential to good security in any
organization and many organizations don't know where to start.
CryptoRights is designing a comprehensive security policy template
for our human rights NGO clients, and we need the active
participation of the Cypherpunk Community. Please send and/or bring
non-proprietary policy documents/doc fragments, FAQs, URLs, papers
you've written or read, books you use and any other resources you can
think of regarding security policy design. We'll spread it all out on
the floor and begin brainstorming and creating the ultimate security
policy document in the first session of many.
This document will be a showplace for Cypherpunk core competency. CRF
and its client NGOs and partners will be able to use it or portions
of it to bootstrap the wide adoption of a variety of communications
security tools, in order to establish their utility for the global
society.
To add to the overall complexity of such a project, we also have to
contend with the new politics in the post-9/11 world. It's going to
have to be an amazingly flexible and comprehensive document built
from many different security professionals' experiences and
contributions.
Our many design challenges include:
* Flexible threat model definitions
* Encryption tool interfaces and training requirements
* Fieldworker security and travel considerations
* NGO security team qualifications and administrator credentials
* Law enforcement issues
* Integration with small/wearable platforms
* Revocation issues
* Authentication guidelines and procedures for online documents
* Physical security considerations
* Interfacing with other NGO security infrastructures
* Surveillance and counter-surveillance
* Protections from terrorists
* Field intelligence and urban counter-intelligence
* Human rights trustgroup trust models
* Evidence authentication and encryption frameworks
* E-commerce and digital cash for human rights NGOs
* Voice encryption and radio/telephony tradecraft
* Human rights public key infrastructure management
* Secret sharing requirements and guidelines
* Keyservers
* Hardware security tokens
* Biometrics
* Privacy policy
* Remailers and identity management guidelines and technology
* IPsec and DNSsec capabilities
* ...and more
Bring, laptops, pads of paper, whiteboard markers and your thinking caps!
Submissions are welcome anytime, even after the meeting (we'll have more):
Email to: <mailto:sec-policy at cryptorights.org> or
Anonymous FTP uploads to: <ftp://cryptorights.org>.
Please support and participate in this important community initiative!
..........................................................................
LOCATION:
The Stanford meeting location will be familiar to those who've been to our
outdoor summer meetings before, but for those who haven't been, it's on the
Stanford University campus (in Palo Alto, California), at the end of
Santa Theresa, at the tables outside Tressider Union, just west of
Dinkelspiel Auditorium.
We meet at the tables on the West side of the building, inside the
horseshoe "U" formed by the Tressider building. Ask anyone on campus
where "Tressider" or the "Student Union" is and they'll help you find it.
If the weather is bad, we'll meet inside.
Food/beverages are available at the cafe and mini-market inside.
Location Maps:
Tressider Union (overview):
http://www.stanford.edu/home/map/search_map.html?keyword=&ACADEMIC=Tresidder+Union
Tressider Union (zoomed detail view):
http://www.stanford.edu/home/map/stanford_zoom_map.html?234,312
Printable Stanford Map (407k).
http://www.stanford.edu/home/visitors/campus_map.pdf
GPS Coordinates: 37d23:40 N 122d04:49 W
..........................................................................
HELP?
If you get lost, or have questions, comments or last-minute agenda
requests, please contact your friendly meeting organizers:
Dave Del Torto <ddt at cryptorights.org> Cell: +1.415.730.3583
Bill Stewart <bill at cryptorights.org> Cell: +1.415.307.7119
..........................................................................
Heads-Up for November!
The November meeting will be indoors, somewhere in San Francisco
(location TBD). Two very special events are being planned:
(1) We hope to have the much-awaited Second Part of Black Unicorn's
presentation at the June meeting of his Analysis of Cocaine
Smuggling. In light of recent events, the national security
implications of his conclusions are more significant than ever.
(2) Eric Blossom may present some very important CRF research and
development work on a Software Defined Radio for evaluating the
security of wireless devices. If you didn't see Eric's talk at
HAL2001, you shouldn't miss this. Early running code will be
demonstrated.
END
More information about the cypherpunks-legacy
mailing list