[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"lack" of export control rules

To: sameer <[email protected]>
Subject: "lack" of export control rules
From: attila <[email protected]>
Date: Fri, 24 Nov 1995 06:07:51 +0000 (GMT)
Cc: [email protected]
In-Reply-To: <[email protected]>
Organization: "home for retired hackers and unrepented cryptophreaks"
Sender: [email protected]


On Thu, 23 Nov 1995, sameer wrote:

 a> The feds have never established a general policy.
 a> 

    in other words, business as usual with the Feds. If there is no "book"
on what is or is not legal v/v ITAR, and the agency responsible will not
communicate, it empirically says:  "...well, be reasonable to meet the
intent of the law, but we will not tell you what is really expected;
however, if, in the futute, we decide what we really want, we will bust
you if you did not fully comply despite your good intentions --and, if
that does not fly, we'll charge you with conspiracy...." 

    having been down the road a couple times including being charged with 
technology export for things which are essentially combinations of common 
knowledge, if nothing else works for the Feds, conspiracy will --and it 
carries the same penalties as the "crime" itself.  No small wonder the 
Europeans, including the British, laugh at our "legal" system.

 a> > if a solid (or reasonably accurate given the feds refusal
 a> > to put anything in writing) FAQ can be assembled, it would be worth
 a> > posting as a resource.
 a> >
 a> >     I had thought the feds were requiring that you at least verify the
 a> > address of the party requesting the code --at least as far as screening
 a> > out the obvious ones like .uk or .de and the like --which is far from
 a> > foolproof.  There has been mention someplace that they also expect some
 a> > screening by verifying numbers, not just names.
 a> >
 a> >     I guess the real question, just how much checking do they expect?
 a> > checking for country domains is easy enough, and the 'foolers' in 
 a> > .edu group can be listed, but there are plenty of other deceptions 
 a> > if you control the machine since communication inevitably works by 
 a> > the numbers which is a whole new ball of wax.
 a> >
 a> > On Tue, 21 Nov 1995, sameer wrote:
 a> >
 a> > > #!/bin/sh 
 a> > > umask 022
 a> > > DIRNAME=`cat $HOME/.usonlydir`
 a> > > NEWDIRNAME=`/usr/local/bin/pseudo-random | /usr/local/bin/md5sum`
 a> > > cd /u1/ftp/pub/US-only
 a> > > mv I_will_not_export_$DIRNAME I_will_not_export_$NEWDIRNAME
 a> > > cd ..
 a> > > sed -e "s/$DIRNAME/$NEWDIRNAME/" < README.US-only > README.new
 a> > > mv README.new README.US-only
 a> > > echo $NEWDIRNAME > $HOME/.usonlydir
 a> >

Follow-Ups:
- Re: "lack" of export control rules
  - From: Matthew James Sheppard <[email protected]>

Prev by Date: Re: Spam the Sign!
Next by Date: real life problems with ITAR (was Spam the Sign!)
Prev by thread: Re: Junk E-Mail - Part 4
Next by thread: Re: "lack" of export control rules
Index(es):
- Date
- Thread