Re: PGP Employee on MKR





Anonymous writes:
> [just remove the CMR key and have your message bounce]
> 
> People say, "Oh, but then the government will make everybody run the
> policy enforcer and reject any mail not encrypted to the government."

Yep.

> First, if they were going to do this, they could do it with old versions
> of PGP too.  Multiple recipients have been around practically forever.

True.  Doesn't mean I'm going to rush off and implement a policy
enforcer to do the job, nor use the good name of PGP Inc to deploy
such software widely.

> Second, it's a ridiculous idea which ignores how email works.  

Nope, it's not.  Enforcement does not have to be 100%.

People smoke various illicit substances; it's illegal: get caught with
your joint, you go to jail.

> More and more people are running systems at home which could send
> and receive SMTP mail.  The trend is towards home servers which
> support the multiple home computers people will have in the next
> decade.  There's no way to make those people run filters!

I'm on dial up, here.  I'll be going permanent just as soon as the
damn cost comes down.  ($15k for 64k line over here, you've got to be
kidding).

> People say, "Oh, but they'll make it illegal to receive mail at home
> without going through an ISP."  

Most users are going via an ISP right now.

> I'm serious, this has actually been suggested on this list.  It has
> to be suggested, because it's the only way this incredibly stupid
> scenario could be made to work.

Nope.  All that is required is for the sending of non-CMR encrypted
emails to be detectable.  Super-encryption doesn't cut it -- the
government is going to notice that, after they've singled you out for
a spot check.

> If the only way the government can enforce GAK is by making it
> illegal for people to receive email through paths which don't pass
> through government filters we can all rest easy, because it will
> never happen.

Lots of things are illegal which it is easy to get away with most of
the time.  Still doesn't make it a good idea to write software which
makes it easier to do spot checks, does it?

> Even for the cases where filtering is done (like businesses), there are
> easy countermeasures, described by no other than Jon Callas, PGP's chief
> scientist!  Why would he say this if there were a massive conspiracy to
> enable GAK?  He's also the one who explained the point above about the
> self signature.  He has suggested two other easy workarounds:
> 
> Modify the PGP 5.0 source to put a fake recipient block on it.  How many
> companies release their source so that you could do this?
> 
> Or superencrypt to the real end user, like you suggested in your scheme.
> Why is this OK as a privacy workaround for your idea but it doesn't
> count for PGP?

Neither of those cut it.  If your company is sampling your email, and
you've hacked around it, they'll just fire you, or whatever.

If it is the government doing the sampling, they'll just lock you up,
or tack 5 years on to the sentence for "use of non GAKed encryption in
furtherance of a crime".

> Then people say, "Oh, but PGP shouldn't have written the SMTP filter
> anyway (or at least they shouldn't have put that one policy in) because
> it would make it easier for the government to make everybody use it."
> 
> Ignoring all the considerations above about what a stupid idea this is,
> the fact is that a simple filter like this is incredibly easy to write.
> I'm sure a skilled Perl hacker like Adam Back could put together something
> to check that a PGP message is encrypted to a desired key in a few hours.

Sure.  But just because this is possible doesn't mean you should do
it.  The gap between me doing it, and PGP doing it is that PGP are
shipping hundreds of thousands of the things.  Deployment wins.

> The existence of such a filter is totally insignificant in the big
> picture.  If we are ever forced into a GAK system and filtering turns
> out to be a part of the picture, it will be trivial for such filters to
> be created.  PGP's SMTP product will not make any difference one way or
> the other.

Maybe.  The point is that if pgp5.5 didn't include it, this extra
deployment hurdle would be the government's problem.  Users would be
using older mail systems for ages.

> The fact is, nobody has come up with a scenario where PGP's CMR feature
> can be turned into GAK in any practical way.  They have to assume that all
> kinds of changes and additions are made - inability to remove CMR keys,

Nope.  Never said that.  You can remove them all you like -- your mail
just bounces when you do.

> forcing everyone to run SMTP filters, 

not required.

> making it illegal to receive email at home, 

not required.

> preventing people from implementing clients with workarounds,

not that much of a big deal; most users have enough problems just
getting out of the box software to work without downloading cypherpunk
patches, knowing what they are etc.  I.e. we _know_ that cypherpunk
types will be ok.  That's not the point.

> changing the technology to make it harder to implement workarounds
> using binding cryptography.  

That's an optional.

> Any system can be turned into GAK if you're allowed to postulate
> these kinds of changes.  And the fact is that every GAK system so
> far designed can be trivially defeated.

So could clipper.  Were you defending it too?  It was optional (or
so they said), etc.

Think about detection rather than hacking around once things become
laws with associated jail times.

> [source code, non-GAKked freeware]
>
> The existence of these products in source code form will forever stand
> as a barrier to any hope to coax (most) people into using GAK software
> by forcing it into built-in products, leaving the alternative of non-GAK
> software only to a tiny minority.  This in itself should monkey wrench
> any government plans for requiring GAK.

I think you'll find that the majority of users will use the GAKked
stuff.  Most users are using windows.  Most are using 40 bit crypto.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
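
The thread turns on whether mail not encrypted to a CMR key is detectable. As an added illustration (not code from this post, from its author or from PGP Inc.), this Python example shows why it is: the recipient key IDs of an OpenPGP message sit in cleartext packet headers, so a filter can read them without any key. It assumes a binary (unarmored) message in RFC 4880 packet framing; `check_policy`, `sample_pkesk` and the key IDs are hypothetical names and constructed values.

```python
PKESK_TAG = 1        # Public-Key Encrypted Session Key packet (RFC 4880, section 5.1)
WILDCARD = "0" * 16  # all-zero key ID: the recipient is deliberately not named

def iter_packets(data):
    """Yield (tag, body) for each packet of a binary OpenPGP message."""
    pos = 0
    while pos < len(data):
        hdr, pos = data[pos], pos + 1
        if not hdr & 0x80:
            raise ValueError("bad packet header at offset %d" % (pos - 1))
        if hdr & 0x40:  # new-format header: tag in the low 6 bits
            tag, first = hdr & 0x3F, data[pos]
            if first < 192:
                length, pos = first, pos + 1
            elif first < 224:
                length, pos = ((first - 192) << 8) + data[pos + 1] + 192, pos + 2
            elif first == 255:
                length, pos = int.from_bytes(data[pos + 1:pos + 5], "big"), pos + 5
            else:  # partial body length: only data packets use it, so stop here
                return
        else:  # old-format header: tag in bits 5-2, length type in bits 1-0
            tag, size = (hdr >> 2) & 0x0F, (1, 2, 4, 0)[hdr & 0x03]
            length = int.from_bytes(data[pos:pos + size], "big") if size else len(data) - pos
            pos += size
        if pos + length > len(data):
            raise ValueError("truncated packet")
        yield tag, data[pos:pos + length]
        pos += length

def recipient_key_ids(data):
    # Version 3 session-key packet body: version, 8-byte key ID, algorithm, ciphertext.
    return [body[1:9].hex().upper() for tag, body in iter_packets(data)
            if tag == PKESK_TAG and len(body) >= 10 and body[0] == 3]

def check_policy(data, required_key_id):
    """Classify a message the way a recipient-policy filter would."""
    ids = recipient_key_ids(data)
    if required_key_id.upper() in ids:
        return "pass"  # reads the key ID field only, not what is encrypted behind it
    if WILDCARD in ids:
        return "hidden-recipient"
    return "reject" if ids else "not-pk-encrypted"

def sample_pkesk(key_id, new_format=False):  # builds a constructed sample packet
    body = bytes([3]) + bytes.fromhex(key_id) + bytes([1]) + b"\x00" * 4  # dummy bytes
    return bytes([0xC1 if new_format else 0x84, len(body)]) + body

USER, CMR = "A1B2C3D4E5F60718", "0123456789ABCDEF"  # made-up key IDs
DATA = bytes([0xA4, 8]) + b"\x00" * 8  # old-format tag 9 (encrypted data), dummy body
MSG_BOTH = sample_pkesk(USER) + sample_pkesk(CMR, new_format=True) + DATA
MSG_USER_ONLY, MSG_HIDDEN = sample_pkesk(USER) + DATA, sample_pkesk(WILDCARD) + DATA
```

A "pass" here only means the required key ID appears in a header; the filter has no way to confirm that the session key is really encrypted to that key, which is the limit behind the workarounds quoted in the thread.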