NSA's Long Strong Arm

[John Young <jya@pipeline.com>]

>From a series in Network World, July 20, 1998,
"The Long, Strong Arm of the NSA," about the
Agency's methods of enforcing export obedience
with intimidation, delay and obfuscation:

 User manual: Dodging the rules 

 By Ellen Messmer Network World, 

 The National Security Agency (NSA) wrote the export rules 
on encryption. But from the point of view of corporations 
that want to ship U.S. software to their foreign offices, 
getting around the U.S. export rules is a top priority.

 And even for those who used to work at the NSA, it's still 
a challenge.

 "Well, I wrote those export rules when I was at the NSA," 
confessed Russell Davis, now chief of information technology 
security at SBC Warburg Dillon Read, a division of Swiss Bank 
Corp., which operates in 77 countries. Since joining the 
corporate life, Davis has used his knowledge of the NSA to 
find ways to work around the export system on behalf of his 
customer, the bank, which uses a lot of encryption-based 
security gear.

 "It took 17 months to figure out how to get crypto-based 
smart cards to Swiss facilities and elsewhere," Davis said. 
"But I wrote the rules on all this, and I know how to get 
around them." Would he ever consider using government-
approved data-recovery?

 "Never," Davis declared. "My customers come first!"

 "Our customers just aren't going to buy these types of 
products," said Tom Carty, vice president of business 
development for GTE CyberTrust. He agreed the government is 
leading industry down a path to build products few users 
will willingly buy.

---------

More at Network World:

 http://www.nwfusion.com/news/0720nsa.html  (requires sign-up)

Mirror:

 http://jya.com/nsa-lsa.htm

Thanks to MO.