[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NSA on GAK



| 
|           Senate Subcommittee on Technology and the Law
|  Hearing on the Administration's Key Escrow Encryption Standard
| 
|         Written Questions for Vice Admiral McConnell, NSA

| *Questions from Senator Murray:
| 
| Q:    In my office in the Hart building this February, I downloaded
| from the Internet an Austrian program that uses DES encryption.
[...]

| With at least 20 million people hooked up to the
| Internet, how do U.S. export controls actually prevent criminals,
| terrorists, or whoever from obtaining DES encryption software?
| 
| Answer:  Serious users of encryption do not entrust their
| security to software distributed via networks o bulletin boards.
| There is simply too much risk that viruses, Trojan Horses,
| programming errors, and other security flaws may exist in such
| software which could not be detected by the user.  Serious users of
| encryption, those who depend on encryption to protect valuable data
| and cannot afford to take such chances, instead turn to other
| sources in which they can have greater confidence.  Such serious
| users include not only entitles which may threaten U.S. national
| security interests, but also businesses and other major consumers
| of encryption products.  Encryption software distribution via
| Internet, bulletin board, or modem does not undermine the
| effectiveness of encryption export controls.   

	"Help me understand here.  You say that serious users of
encryption don't use software distributed via network.  In that case,
you would have no objection to PGP being exported, as serious users of
encryption don't use it?"