[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: real life problems with ITAR (was Spam the Sign!)

On Fri, 24 Nov 1995, jim bell wrote:

> [email protected] said:
> >   On Thu, 23 Nov 1995, jim bell wrote: 
> > 
> >> I very much agree with the direction you appear to be headed in.  It seems
> >> to me that Netscape should have no problem devising some sort of scenario in
> >> which such a program eventually gets onto the nets, but in a way that is
> >> squeaky clean, at least for THEM.  
> >> 
> >> 
> >> In addition, why should they even need to write the encrytion part of their
> >> software IN the US?  It occurs to me that one way to do this might be to
> >> send one of their programmers to a conveniently-located place, such as
> >> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
> >> deal of fanfare, and tell him to "write some crypto."  He does, and brings
> >> it back into the US with him, leaving a copy of it "outside" the country for
> >> international distribution.
> >> 
> >    <attila sez>  I think they have that one covered --not only is it 
> >violation of ITAR's intent to send a programmer out of the U.S.
> Well, don't assume that because something's a "violation of ITAR's INTENT"
> it is actually a violation of ITAR.    It can't be assumed that ITAR is
> _perfect_:  That it actually prohibits every activity the government that
> wrote it didn't like.
    	<#2 attila sez> the problem with the U.S. government is the U.S. 
    conspiracy laws. If they have insufficient evidence to convict on 
    "actual" violations, they use the concept that you were _part_ of a
    conspiracy to _circumvent_ the laws. 

> , but is 
> >illegal to hire a foreign national to program for your non-U.S. products.
> Sure about this?!?
	<#2 attila> I dont have to push all my data into glimpse to find 
    the article, but it's there. there are other sources, but not open to 
    discussion; sorry.
> >    the test is going to be with someone like Sun who "bought" a group of 
> >Russian crypto programmers and left them in Russia.  Now, the problem 
> >with ITAR is that if you import that code, you can not then export the 
> >code since it is now covered by ITAR.
	<#2 attila> I guess I should have stated it better: what they are 
    trying to do, for instance with Sun, is treat that foreign entity as
    if it was a direct operating unit of the parent U.S. company.  OK,
    fine, you hire your Russian crypto programming team and my take from
    several conversation is that it is a _good_ team, but the U.S. wants
    to enforce the rule that the code produced in Russia for a "parent"
    American company is _a U.S. product_!  --in other words, the foreign
    division can not sell it overseas.  So far, noone has been charged, 
    but my sources say Sun is the most likely. 
	Either way you slice it, Sun is committed to world wide 
    compatability, and with that goes security, including worldwide NFS.
    You figure it out... 
	what is the alternative for Sun, or Netscape? yup, close down in 
    the U.S. and go to Holland --oh, they can keep their sales offices in
    the U.S.  --but they will be paying import duty, or they will end up
    contracting local assembly.  closing down in the U.S. literally means
    off NASDAQ.
	the fact that our government is effectively totalitarian is their 
    paranoia -only paranoia that they might miss something or that they
    are not in total control stimulates the kind of attack on the 
    Constitution that is going on. 
> I didn't say that the code would ever be "re-exported":  A copy would be
> brought into the US for domestic use, and everyone else outside the border
> would get their own copy from an outside server. 
> >    secondly, it appears there is a move afoot to make it an ITAR 
> >violation to hire the foreign nationals to circumvent ITAR --basically, 
> >the Feds want to stop cryptography _everywhere_, including telling 
> >Russians they can not work for U.S. companies!  Just where do they think 
> >they are getting off?
> It is for this kind of problem that I "invented" my concept of
> "Assassination Politics":  If everybody pissed off at this situation was
> willing to donate $10 to a fund to reward the deaths of a few government
> officials responsible for ITAR, I can well imagine that this would shake
> them up a bit.  

Robert East <[email protected]> said
 > What all these postings show is the desire of the federal government to
 > attempt to control crypto.  In the past, they were, virtually, the only
 > source for encryption equipment and/or computer code.  Well, now that
 > isn't true anymore.  They came up with ITAR regulations to attempt to
 > put a lid on crypto and other technological developments but it is like
 > trying to use a sieve to carry water.  There are many programmers and
 > others who will produce code and make sure that it is exported
 > anonymously just to prove that the government isn't "All Powerful."
     	<#2 attila> yes, that is true, but that is not the point --we have
    been doing that ever since I have been involved in crypto. 20 years
    ago when the heat was on me, somebody else dumped it whereever. even
    simple things get the Feds' dander up and they need an example; if I
    had not had a U.S. Senator (and I never even met the gentleman) in my
    corner, I would have gone down for the big one in '76. 
	Look at the problem Phil Zimmerman is having --several hundred
    thousand dollars in legal fees so far --for what; the original
    algorithms were published in Scientific American in Oct 77 --and then
    there was _silence_.  Just try and find a copy of that issue in a
    public library; most were pulled. 
	I may have been really pissed off after a couple thugs in trench
    coats knocked on _my_ door early morning to read me my rights for
    "exporting technology to a foreign power," or being detained in a
    little white room for 36 hours at immigration after speaking at a
    conference in Sweden and another in Copenhagen that was highly
    critical of U.S. policy --and discussing advanced hardware techniques
    for emulating BCD machines in not BCD bit slices --just happened to
    match the old Burroughs 3500s which were in all the missle silos
    --now, whatever gave them that idea? :)
	Ask Phil Zimmerman if he would do it again-- I will, because I
    don't give a shit, am old enough that I can afford to have ethics, and
    I am a Jeffersonian democrat; jefferson must be spinning over the 
    speed of light over what the _conservatives_ would do, let alone what
    the liberal Democrats will bleed and do, like Clinton, or Hillary and
    her lez buddy Thomases, who, unpaid, occupies an office in the front
    row (she was the one who was seen carrying Foster's files upstairs to

 > At some point in time the feds are going to put their collective tails
 > between their legs and go slink away to some convenient hiding place. 
 > I think it's a case of Pandora's box being opened with no way of
 > reclosing it. 
	<#2 attila>  naw. they're too stupid and too paranoid to give up. 
    the U.S. has not had a free election since Lincoln's first term and
    Stanton wrote the War Powers Act which, to this day, has not been
    repealed. Russia has more democracy than the U.S. --even if they are
    totally SNAFU.  The U.S. hasn't degenerated to Hussein or the
    Ayatollah, but if NSA and Freeh have their way, it might. As Will
    Rogers said in the early 30s: "...go to the circus? why would I want 
    to do that when Congress is in session?"  or Mark Twain, who said
    something to the effect:  "...the only natural criminal class in
    America is our Congress...."
	it's all a matter of control, or the appearance of being in 
    control. No, they cant bust all of us, but they can set some pretty 
   painful and expensive example of a few of us.  ...been there, and done

 > Bob