Re: Let's Say "No!" to Single, World Versions of Software

[jim bell <jimbell@pacifier.com>]

At 03:02 AM 7/31/96 -0700, Timothy C. May wrote:
>Having a U.S. version, without any limits on crypto and without any
>software key escrow (GAK), and then having a "for export" version, with
>keylength limits and/or mandatory registration of keys with the U.S.
>National Security Agency....
>
>Well, what this would do is to basically drive sales of the "NSA" version
>to near zero. Between customer distaste for an NSA version, I can imagine
>many foreign governments not being too pleased to see this product being
>used by its citizens.

For over a decade, the ham radio community has been familiar with the 
phenomenon of handheld, microprocessor-drive "rice radios"  (because they're 
usually Japan-built) which contain an internal limitation keeping them from 
receiving or transmitting out of their band.  These radios are built for the 
world market, and are "programmed" by installing (or not installing) various 
diodes on a PCB.  Removing, adding, or shifting diodes is an easy trick, and 
restores full functionality to the device.

What's to prevent a software writer such as Microsoft (or anyone else, for 
that matter) from writing two versions of a program (domestic and export), 
perhaps containing a difference as minor as a two-byte EQUate representing 
the maximum number of bits that are "allowed" in the key.  Everything else 
is identical.  Making a change would be as simple as bringing up a hex 
editor and changing those bytes.   (okay, admittedly that won't seem simple 
for most people, but a simple single-purpose editor program would probably 
pop up for the purpose.)




Jim Bell
jimbell@pacifier.com