[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Crypto APIs Considered Harmful
A typo when I wrote:
2. Eliminates a reason for controlling the distribution and export of
browsers, mailers, newsreaders, etc. Imagine the glum reaction of the NSA
when they realize that they can't control these programs, because the
"crypto hooks" are only the hooks to basic message payloads...and they
control these.
^
*can't*
I meant to include the "can't."
A Web browser with no hooks for crypto absolutely will not be
export-controlled. But if users in Slovakia and Beninia can _see_ the
messages, as they of course can, then crypto programs they supply
themselves can of course see and act on the messages. (Copying to a
clipboard, for example, and lots of other ways.)
No way the NSA can control that.
Concentrating on integrating crypto tightly into commercial programs is
playing the NSA's game.
--Tim May
Boycott "Big Brother Inside" software!
We got computers, we're tapping phone lines, we know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Licensed Ontologist | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."