Re: Netscape gives in to key escrow

[Adam Shostack <adam@lighthouse.homeport.org>]

Jonathan Zamick wrote:
| > Brian Davis wrote:
| >I they tell you about it and you buy it anyway -- tough luck.
| >
| >
| >Same with the cars.  Would *you* buy Pinto with explosives in it????
| >(leaving aside the "inherently dangerous" argument for the moment on the
| >products liability claim).
| >
| >EBD
| 
| Hmm. The key point is that almost no general users will have a clue what
| actual security is, and what GAK is. They _might_ understand the risks of
| having an explosive in their vehicle (but can just as easily argue it wasn't
| properly designed if it went off improperly.) Regardless of what they'd know
| about their vehicle, they can easily claim to had the risks associated with
| GAK improperly represented, Netscape misleading them with deceptive claims
| of security given this potential hole etc.

	I'd just like to add one bit to what Jonathan said here.  That
is the AT&T Clipper phones don't come with 'Big Brother Inside'
stickers on them.  The phrase 'key escrow' is not used in the manual
(near as I remember.)  The disclaimer is in very small print.

	Its not a reasonable expectation that a product being touted
as 'secure' is known to its makers to be insecure.  Expecting John Q.
Public to know that without warning labels seems like a strech.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume