[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
On Wed, 4 May 1994, Stephen Humble wrote:
> Ed Carp <[email protected]> sez:
> > Consider a successful terrorist attack against a significant
> > group of innocents (the larger the number killed, the greater the horror
> > and shock value). The terrorists were using PGP-encrypted email to plan
> > out the thing.
> > Now, how long do you think it would take before ALL crypto was outlawed?
> > Who would benefit from such a thing? Consider that it's child's play to
> > finance, arm, and train a group of people to conduct a terrorist attack
> > and (conveniently) they all get killed in their attack. No one's going
> > to complain too loudly - after all, they *are* terrorists, right?
> I suspect significant problems implementing a law that criminalizes
> crypto. The government currently spends $billions per year trying to
> eliminate illegal drugs, to very little effect. Drugs should be
> easier to eliminate than crypto since phys-obs can't be copied ad
> infinitum as bits can.
> There's also the matter of recognizing crypto in use. A program that
> transforms its input so that the output can be converted back to the
> input but has maximum entropy is a good compression program and might
> also be an encryption program. If a TLA taps my phone and finds a
> mysterious bit sequence, how can they distinguish reliably and cheaply
> between an encrypted conversation and a download of
Unless you use some sort of stego software, most encrypted stuff is
pretty easy to figure out that it *is* encrypted. grep " BEGIN PGP "
message is a pretty good way to detect PGP traffic, magic numbers will
tell you if it's a compressed file or not, etc. It might not be
necessary to prove what you were using to encrypt, merely proving that
you *were* encrypting might be sufficient.
It's like the FCC: if they catch a ham sending out packets, and the FCC
can't read them, they issue you a pink slip. Doesn't matter what you're
using, the meaning is obscured, and that's enough for them.