crypto for porno users

Jay Campbell edge at got.net
Thu Nov 23 00:12:11 PST 1995 

>	a) "no one on the net knows you're a dog" implies that police can
>	pose as a fellow porn producer or consumer and get away with it
>	more easily.
>
>	b) strong crypto for communications between porn users encourages
>	them to speak more freely.  When one of the two is a police officer
>	in disguise, that encourages the other (the suspect) to reveal more,
>	making the investigation proceed more quickly.  Knowing that the
>	crypto is strong enough to keep government eavesdroppers out, the
>	sender is given a false sense of security -- is distracted from
>	thinking about the trustworthiness of the receiver while thinking
>	about the security of the channel itself.

A common way to get around prostitution sting operations is to ask the lady
to expose sensitive portions of her anatomy to prove her sincerity before
the would-be customer commits to any transactions; this sort of thing is
also becoming commonplace on the net for pornography or pirated software,
too. Would-be trafficers often ask a prospective recipient for a small chunk
of fresh files in advance, before passing back anything serious .. partially
out of suspicion, mostly out of greed, but to the same end. A law
enforcement team would be stepping onto shaky ground if they were forced to
transfer illegal images/etc to a suspected trafficer before getting evidence
from him. Entrapment is an ugly concept.

>3. Encryption of porn would work against the kind of porn distribution
>	found on the alt.binary.pictures.erotic... newsgroups.  Encryption
>	requires that recipients be identified.

Not at all .. a porn distributor could generate a key pair, use part A to
encode the images, and dessiminate part B thru a variety of outlets -
publicly posted, sold, passed thru an informal network of like-minded
netizens...

>4. Personal file encryption encourages individuals dealing with porn to
>	encrypt and keep personal diaries which might contain evidence.
>	Since PGP is subject to brute force passphrase attacks, this gives
>	an attack which will open *some* of these diaries.  Without the
>	encryption, the suspect is less likely to keep the diary in the
>	first place.  This isn't a guaranteed opening into all such
>	diaries.  There is no such guarantee possible.  Rather, this
>	suggests that strong crypto has a chance to maximize the effective
>	"take" by LE forces.

I would argue the exact opposite - strong crypto would tend to minimize the
effective take, since there's no guarantee that /anything/ on a perp's
system will be in the clear. I'll let someone else with a better background
pound on the 'brute force' section.

--
   Jay Campbell                edge at got.net - Operations Manager
   -=-=-=-=-=-=-               Sense Networking, Santa Cruz Node
   Jay at Campbell.net            got.net? PGP MIT KeyID 0xACAE1A89           
 
"On the Information Superhighway, I'm the guy 
  behind you in this morning's traffic jam leaning on his horn."

More information about the Testlist mailing list