[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject



Subject: Re: New US regs ban downloadable data-security software

Nelson Minar <[email protected]> writes:

> [email protected] (Lucky Green) writes:
> > Commercial data security software of any kind, regardless if it uses crypto
> > or not, is however prohibited from being distributed via the Internet or
> > being exported by any other means.
> 
> I can at least vaguely understand the rationale behind restricting the
> export of cryptography. But I don't even begin to comprehend
> restricting the export of data security software. What is going on
> here? Whose idea is this, what is the agenda?
> 
> Is the US government really prepared to take on all the producers of
> virus protection software? Symantec and IBM are pretty big players to
> upset. And they don't even have the "drug dealers and terrorists"
> bugbear to defend this particular export restriction.

They don't have to.  They will almost certainly approve almost any
non-crypto data security product for export (well, unless they want to
punish a company for domestic crypto products :-(, but I think the
commerce department can deny actually deny all a comany's exports even
without EAR).

What's really going on here is that the NSA wants to know exactly
what's out there in terms of virus protection and security software,
so that if they need to release a virus or something they know exactly
how to work around the defenses people are using.  You're not going to
too many export applications denied for this kind of stuff.  It's more
just a way for them to know exactly what's going on in that realm.