Re: Rivest's Wheat & Chaff - A crypto alternative

[Dave Emery <die@die.com>]

	There are two bills before Congress.  One (HR2369) concerns 
radio signal privacy and restrictions on scanners and receiving
radio signals without authority, the other (HR2460 and S493) concerns
use of scanners to capture ESNs for the purposes of cloning cellphones.
Both passed the House, and the anti-cloning bill also passed the Senate.


On Mon, Mar 30, 1998 at 09:36:55AM -0800, David Wagner wrote:

> 
> A bill banning mere ownership (and modification, sale, and so on; no need
> for prosecutors to show any ill intent) of cellular capable scanners has
> passed the House by a vote of 414-1.  A very similar version also passed the
> Senate easily, and the two are being reconciled.  There's no opposition;
> this is fasttrack noncontroversial stuff, on the Hill.  I'm told the bill is
> as good as signed.
> 

	That is not my information.   HR2369 (the Tauzin bill)  does not
ban mere possession of cell capable scanners.  It bans manufacture,
assembly, sale, import, export, or distribution of *any* radio equipment
(not just cellphone capable scanners) "intended" for the unauthorized
receipt, interception, or divulgance of communications in violation of
the amended section 605 (which bans interception or divulgance rather
than the previous *and* divulgance).  This very clearly does not ban
possession, and also very clearly speaks to intent.   What this
draconian language means with respect to a wide band radio receiver such
as a scanner that can tune in certain signals it is not legal to listen
to is not clear at the moment, as it turns on what "intended" means. 
Penalties for violation of this are 5 years in jail and $500,000 fine
per sale... (the law was basicly expanded from one forbidding the sale
of satellite TV piracy gear - and similar language has been the law
since 1988, but less clear).

	According to Thomas and my other sources, HR2369 is still in the
Senate Commerce Committee and has not been marked up - apparently Sen
Hollings of SC has put a hold on it for further study.

	 There is a bill (S493) which establishes 15 years in prison for
"knowingly and with *intent to defraud* uses, produces, traffics in, has
control or custody of, or possess" a scanning receiver "to intercept an
electronic serial number, mobile identification number or other
identifier of any telecommunications service, equipment or instrument. 
This later bill clearly concerns ESN theft for purposes of cloning, but
it is broad enough so it conceivably might be applied to possession of
radio receivers capable of capturing any kind of identifying information
for any radio signal - but I think it is probably true that there would
have to be a specific demonstrable intent to defraud demonstrated before
a conviction under this language could happen.  This bill is tough,
however, and does provide for "forfeiture of any personal property used
or intended to be used to commit the offense".

	S493 does make it illegal to merely possess "hardware or
software, knowing it has been configured to insert or modify
telecommunications identifying  information associated with or contained
in a telecommunications instrument so that such instrument may be used
to obtain telecommunications service without authorization".  No
requirement of intent to defraud need be demonstrated here, but there is
an affirmative defense "(which the defendant must establish by a
preponderance of the evidence) that the conduct charged was engaged in
for research or development in connection with a lawful purpose."

	This bill, is one of the first I know of to outlaw mere *possession*
of software.   And they can take seize your computer, your car, and Lord
knows what else if they find the illegal software on your laptop hard drive.
They need not prove you had any intention of using it to clone cellphones,
just that you knew it was configured for illegal ESN alteration and you did
not have it for "research and development in connection with a lawful 
purpose."

	To quote the Committee report on the bill...

    [S493}  amends section 1029 of Title 18 of the United States Code, relating
    to fraud and related activity in connection with access devices. The
    bill amends subsection (a)(8) of section 1029 by deleting the `intent to
    defraud' requirement which exists under current law in order to prove a
    violation of that section. This section relates to persons who knowingly
    use, produce, traffic in, have custody or control of, or possess
    hardware or software which has been configured for altering or modifying
    a telecommunications instrument. As a result of the amendments made by
    the bill, in order to prove a violation of section 1029, law enforcement
    officials will no longer have to prove that a defendant possessing such
    hardware or software did so with the intent to defraud another person. 

    The amendment to the statute is being made because law enforcement
    officials occasionally have been thwarted in proving true violations of
    the statute by the `intent to defraud' requirement. But as the hardware
    and software in question can be used only for the purpose of altering or
    modifying telecommunications instruments, persons other than those
    working in the telecommunications industry have no legitimate reason to
    possess the equipment. Therefore, requiring the government to prove an
    `intent to defraud' in order to prove a violation of the section for
    possessing this equipment is not necessary. By eliminating this
    requirement from existing law this bill will make it easier to obtain
    convictions against criminals who possess this equipment before they
    actually use it for illegal purposes. 


		.............................



    The statute, as amended, also does not prohibit persons from simply
    possessing equipment that only intercepts electronic serial numbers or
    wireless telephone numbers (defined as `scanning receivers' under
    section 1029, as amended by the bill). For example, companies which
    produce technology to sell to carriers or state and local governments
    that ascertains the location of wireless telephones as part of enhanced
    911 services do not violate section 1029 by their actions. Under new
    subsection (a)(8), however, it will continue to be illegal to use,
    produce, traffic in, have custody or control of, or possess a scanning
    receiver if such act was done with the intent to defraud another person.
    This also is current law, and it remains unchanged by the bill. 



> 
> The law enforcement industry couldn't care less whether the cellphone
> airlinks  are private.  All wiretaps are done at the base station or
> inside the network,  where no scanners are needed.
> 
	Sadly, this is only true of *legal* wiretaps by authorized *US* 
entities.   Ask any of the dealers and manufacturers of cellphone
interception gear and high end scanners who buys this stuff (with cell
phone band enabled).   Lots of LEA types have this gear, some of which
is specialized enough so it could have no other purpose.


> I suspect the cellphone industry wants these laws primarily because they find
> them useful at fighting fraud.  When you broadcast a reusable "password"
> (the MIN/ESN pair) over the air in the clear (as analog phones do), devices
> to snoop on conversations start to look very much like devices to steal those
> valuable "passwords".

	Of course.  They could care less about privacy (or they would have
encrypted years ago), but fraud costs them big money.


> 
> Of course, we all know that these laws are pretty ineffective at protecting
> privacy, though they are effective at making it easier to snow the public into
> thinking their cellphones are secure.  (This is only, what, the fourth such
> law?  It just gets worse and worse.)

-- 
	Dave Emery N1PRE,  die@die.com  DIE Consulting, Weston, Mass. 
PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18