[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lp ?

>"Peter D. Junger" writes:
>>"Perry E. Metzger" writes:
>>: Thaddeus J. Beier writes:
>>: > So, if this person was sending cryptographics codes from Switzerland
>>: > to Israel, the code would have been imported to the US, then exported
>>: > by UUNET.  They can't do that, can they?  Probably nobody would prosecute,
>>: > but it might be something to threaten UUNET with if one of their Northern
>>: > Virginia neighbors ever wanted something the couldn't get otherwise.
>>: It isn't clear that telecoms treaties don't implicitly make this legal
>>: in spite of the export regulations.
>>Once again, what the ITAR forbid is the disclosure of cryptographic
>>software to a foreign person within or without the United States, so
>>it does not make any difference whether the message containing the
>>code passes through the United States or not.
>OTOH, the ITAR explicitly permits "temporarily imported" munitions to
>be re-exported.  Those clauses should entirely eliminate the issue of
>whether UUNET could be held liable under ITAR.  ITAR says otherwise --
>see section 120.18.

What if all traffic routed through the US was automatically modified, say,
by inverting all bits, and then de-inverted after it exited the country. (a
software flag would alert the systems to this).  At the time it was
exported, it would not be runnable code, nor compilable source code.

Sure, somebody would claim that "it's easy to turn it into runnable code,
just by XORing the file with ones."  The response is obvious:  Every 100K
file is only a XOR away from every OTHER 100K file.