[Clips] US CODE: Title 50,1811. Authorization during time of war

Thu Dec 22 10:33:45 PST 2005

And it is still not impossible, not even improbable, that public use of
crypto was, is, not a disinfo op to red flag communications that need 
to be intercepted.

Not a hell of a lot has been written lately, if at all, how public crypto came
into wide use, the battle to free it from regulation, the rise of belief that
some types were mathematically impregnable.

There was discussion a few years back here about the disappearance
of some able contributors, and wishes they do well in their new, more
comfortable habitats. Whether any are aiding and abetting the latest 
SHAMROCK redux or the SHAMROCK that never died might be
clued by the coincidence of the discovery of PK just at the time Church
Committee hearings were being held to ostensibly defang NSA.

Cypherpunks' role in this dissemination of crypto takeover of the
workld is a good place to start that story. No, not the ones written in 
the early days to prime public interest, cloaked in libertarian camouflage 
of hollywoodish antiauthoritarianism. What could be informative are the 
stories about where the crypto-wizards are now employed. Steven Levy
might do an update, or a host of others who got a boost parlaying
the adventures of the crypto-rebels -- which hooked me via
Levy's NY Times mag piece in 1994.

How public key crypto, for example, got a toehold on climbing out
of GCHQ's and NSA's clampdown. Serendipitous research, says
the legend, perhaps aided with hints from the bowels of NSA, or
perhaps from elsewhere not yet revealed.

It wouldn't be the first time a long-running deception has been used
to encourage trust in reputedly impregnable systems.

Is NSA regularly cracking all encryption or not, whether or with a
foolproof algorithmic tool (again and again discounted by the best
and brightest of the cryptographers) is that what the Times
will not write about. Or via exploitation of faulty implementation.

There are regular calls to trust no infosec system that is not continually
monitored by experts. A lesson taught by the government pros as well.
Who watches who in this backscratch is not well covered, at least
outside classified gatherings -- not that crypto contractors are now
regular participants in these, having embraced NDAs as a way
of survival, and golden opportunity. 9/11 has lifted many small boats
in commerce and education and NGOs.

How many crypto-rebels been brought in from the cold to demonstrate
implementation vulnerabilities absolutely controlled by NDAs. That, too,
would not be the first time. Screaming rebels oft reap the benefits of
calling attention to themselves. Those that somehow never go to
jail and accuse those who do of being bumbling idiots.

There was also discussion years back about who were the most
likely coverts on cpunks. The rubric was that it didn't matter, even
narcs were welcome for mathematics would defeat their bosses.
Impregnable mathematics gradually withered as a protective
rationale with the rise of the threat of faulty implementaion, 
black bag jobs, keystroke loggers, insider betrayal, and the gamut
of traditional security failures, the very same ones used to build
and maintain the most gigantic expensive national defense system
ever, with plenty of contracts to recruit whoever disagreed, well,
disagreed enough to get a special invitation or a hint about how
to build a superduper security method.

Security pros claim you can't be too paranoid, that 100% security is
impossible, that, to be sure, is likely to boost demand for their protection 
racket. Religious faiths have become wealthy preaching that, some
even killing infidels to protect market share.