[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WaPo on Crypto-Genie Terrorism



On 27 Jul 96 at 19:21, John Young wrote:

>    The Washington Post, July 27, 1996, p. A22. 
>    Speaking in Code on the Internet ... [Editorial] 

Some bothersome things about this editorial...

[..]
>    security of their data. They also see it as a market in 
>    which the United States maintains a comfortable lead, one 
>    that is threatened if domestic encryption makers can't sell 
>    their products elsewhere. The makers argue that foreign 
>    encryption software will rush in to fill the gap, doing 
>    nothing about the uncrackability problem -- indeed, making 
>    it worse. The administration in turn is pursuing a wider 

IMO, the US does not have a comfortable lead. It's already falling 
behind considering some of the stronger crypto programs available (at 
least as freeware) are made outside the US.  Many of the stronger 
algorithms were invented outside of the US (IDEA for instance).

[..]
>    with wiretapping. Mr. Freeh, testifying at Thursday's hearing in
>    favor of an optional key escrow plan, noted that the point is not
>    to prevent all  copies of uncrackable code from going abroad --  that's 
>    clearly impossible -- but to prevent such high-level code 
>    from becoming the international standard, with architecture 
>    and transmission channels all unreadable to world 
>    authorities. To software companies and Internet users who 

So why should criminals bother with using standards if they are 
readable by authorities?

>    have been clamoring for the right to encrypt as securely as 
>    possible, Mr. Freeh and others argue, "the genie is not yet 
>    out of the bottle" on "robust," meaning uncrackable, 
>    encryption. 

Are they going to magically erase all copies of strong software that 
is already currently available? (Side note: the Pacifica news report 
on Friday notes that while Freeh gave his testimony, over 100 copies 
of PGP were downloaded from MIT's site.)

[..]
>    Encryption, if widely used, could conceivably ease some 
>    privacy problems concerning who gets to see personal and 
>    financial data on individuals -- though such data usually 
>    are vulnerable to being dug out of storage rather than 
>    intercepted in transmission. But neither is it clear that 

And evidence cannot be encrypted.  You cannot encrypt an airplane 
full of cocaine or an unusually expensive car baught by money from 
drugs, espionage, etc.  Nor can you encrypt bomb-making materials, 
nor conversations in a room (from your mouth to a telephone 
receiver).  Nor will encryption do anything about informants inside 
the communications loop. etc. etc....

>    the encryption enthusiasts' desire for free development 
>    should take precedence over the tracking of terrorism. At 

It's not clear that terrorism can be tracked, even if it's unencrypted.
The OK and WTC bombings were apparently not encrypted, and there's 
some allegations that the authorities had advanced warnings of the 
latter.

>    the very least, Congress should be exceedingly cautious 
>    about getting out ahead of administration concerns on 
>    controls that, once lifted, are hardly reversible. 

The controls haven't done much to prevent free software from being 
exported.  They only control commercial sales of software (and 
hardware).

Particularly absent in the WaPo-ed is that many do not trust the 
authorities (in the US and elsewhere)--particularly the FBI, which
has a long history of extra-legal surveillance.

Rob
---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 [email protected] (root@magneto)
        AB1F4831 1993/05/10 Deranged Mutant <[email protected]>
Send a message with the subject "send pgp-key" for a copy of my key.