[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: crypto for porno users
> a) "no one on the net knows you're a dog" implies that police can
> pose as a fellow porn producer or consumer and get away with it
> more easily.
> b) strong crypto for communications between porn users encourages
> them to speak more freely. When one of the two is a police officer
> in disguise, that encourages the other (the suspect) to reveal more,
> making the investigation proceed more quickly. Knowing that the
> crypto is strong enough to keep government eavesdroppers out, the
> sender is given a false sense of security -- is distracted from
> thinking about the trustworthiness of the receiver while thinking
> about the security of the channel itself.
A common way to get around prostitution sting operations is to ask the lady
to expose sensitive portions of her anatomy to prove her sincerity before
the would-be customer commits to any transactions; this sort of thing is
also becoming commonplace on the net for pornography or pirated software,
too. Would-be trafficers often ask a prospective recipient for a small chunk
of fresh files in advance, before passing back anything serious .. partially
out of suspicion, mostly out of greed, but to the same end. A law
enforcement team would be stepping onto shaky ground if they were forced to
transfer illegal images/etc to a suspected trafficer before getting evidence
from him. Entrapment is an ugly concept.
>3. Encryption of porn would work against the kind of porn distribution
> found on the alt.binary.pictures.erotic... newsgroups. Encryption
> requires that recipients be identified.
Not at all .. a porn distributor could generate a key pair, use part A to
encode the images, and dessiminate part B thru a variety of outlets -
publicly posted, sold, passed thru an informal network of like-minded
>4. Personal file encryption encourages individuals dealing with porn to
> encrypt and keep personal diaries which might contain evidence.
> Since PGP is subject to brute force passphrase attacks, this gives
> an attack which will open *some* of these diaries. Without the
> encryption, the suspect is less likely to keep the diary in the
> first place. This isn't a guaranteed opening into all such
> diaries. There is no such guarantee possible. Rather, this
> suggests that strong crypto has a chance to maximize the effective
> "take" by LE forces.
I would argue the exact opposite - strong crypto would tend to minimize the
effective take, since there's no guarantee that /anything/ on a perp's
system will be in the clear. I'll let someone else with a better background
pound on the 'brute force' section.
Jay Campbell [email protected] - Operations Manager
-=-=-=-=-=-=- Sense Networking, Santa Cruz Node
[email protected] got.net? PGP MIT KeyID 0xACAE1A89
"On the Information Superhighway, I'm the guy
behind you in this morning's traffic jam leaning on his horn."