Re: US Urges Ban of Internet Crypto
At 02:05 PM 7/29/99 -0400, Robert Hettinga wrote: The more money people make with internet commerce, the fewer legs totalitarians will have to stand on when they call for the criminalization of strong cryptography. I wish I could agree with you. I think, however, that your thesis holds only when internet commerce grows beyond a critical mass. This has not yet happened. Why do you think Big Brother is stepping up efforts to jack(boot) in to your life before it's too late ? Udhay -- __ http://www.unimobile.com/ http://pobox.com/~udhay sign up for the Unimobile beta today! In touch. Informed. In control.
Re: US Urges Ban of Internet Crypto
It can only be resolved by software and hardware designers choosing to integrate it seamlessly into their products with or without the permission of their rulers. To some degree this is happening in the Open Source community, but in order to make strong crypto ubiquitous for, e.g., cell phones, you need for some cell phone manufacturer to release the source code for their phone's firmware, and information about how to upload new versions of the firmware, and their phone needs to be competitively priced. To make it work without really screwing up the audio quality, you also need the cooperation of the cell sites, so that you can have a digital connection from phone to phone. This seems impossible, since the people who deploy these things are big companies with deep pockets and no vested interest in rocking the boat on crypto. So while your proposed solution may have some good effect, it is unlikely to result in strong crypto being widely deployed and usable by Joe Average. I don't think it's even likely to be widely-enough deployed that governments will be unable to make use of the fact that a message is encrypted to tell which messages it's important to spend CPU time on. Unfortunately, the average Internet user at this point just isn't a crypto-geek. You *have* to educate people about crypto - you *can't* be elitist. Since the demands of digital commerce seem to require strong crypto, and since governments don't write much software, government opinions on the matter are somewhat meaningless. Banks already have permission to use strong crypto. And they don't care that they have to get permission - they fill out so much paperwork already that one more form is down in the noise to them. In the meantime, hot rhetoric can be entertaining, relaxing, motivating for lurkers, and can serve to notify the opposition that there is at least one more redskin off the reservation. Sows FUD. Making people who are weaker than you afraid is a good way to get them not to attack you. Making people who are stronger than you afraid is a good way to get them *to* attack you. I think that in this case, the USG falls into the latter category. Many of these people have very strong good intentions, but are more worried about protecting Joe Average than they are about making things easy for you or for Digital Commerce as an end in itself. The rest of the people are scarier still. If you want to win out over these people, the way to do it is not by raising their hackles. As to the joy of hot rhetoric, it makes *me* feel more hopeless and impotent to do anything about the problem. It does not give me pleasure. I *know* that stockpiling guns isn't a solution to this problem, at least for me, a U.S. citizen. I *don't* believe that this battle is going to be won by engineers putting their futures on the line, and it's *certainly* not going to be won by publically-traded companies with deep pockets and a lot to lose. So hot rhetoric, to me, makes me just want to unsubscribe from the mailing list and go play piano or something. Is that really what you hope to accomplish? I wonder if you think most people are sitting around reading about stockpiling guns and thinking to themselves, "yeah, I wish I'd said that?" What I think most people would *actually* say, if they read this kind of rhetoric, is "how do I get as far away from these people as I possibly can?" _MelloN_
RE: US Urges Ban of Internet Crypto
Lucky Green writes: [Before a reader replies with an argument based on a claim that strong crypto is in the process of becoming ubiquitous, please take a look at your phone. Does it perform 3DES encryption? Do the phones of the majority of Phone? Why do I need a stupid phone if there's http://www.speakfreely.org/ It's cheaper, too. people you call perform 3DES encryption? Alternatively, you could take a look your email client. Does it support strong crypto? Great! Now what Sure. percentage of emails you send *and receive* each day use strong crypto? If your answer is 95% or higher, you might have a point, if it wasn't for the fact that the Minister hasn't been shown the video tape just yet]. Should strong crypto be outlawed, my mail traffic will consist mostly of Pretty Goofy Pictures, and snowy video feed from the webcam. Most of them will be really just pretty goofy pictures, with a wee bit of nondeterministic noise added. Besides, you can control buddy-to-buddy software distribution exactly as well as prevent people from swapping mp3 warez among friends. What next, outlaw compilers? Outlaw hardware? Outlaw people? Don't think so.
RE: US Urges Ban of Internet Crypto
Of course the German government will submit to US demands. Understand that at present, crypto isn't an immediate thread to USG's interests, despite the claims to the contrary by both crypto advocates and the government. The US and its allies have made certain that virtually every piece of mass-market infrastructure has a tappable section built in. Do a search on "crypto" at the ETSI standards documents homepage and you'll realize just how severely the communication infrastructure has been corrupted. Other examples abound. At present, the crypto strategy of the USG centers on a lot of persuasion (with limited success), expert navigation of the political process (with significantly better success, see the rubber-stamping of Wassenaar by virtually all European delegates), and comparatively little open intimidation. As crypto becomes more of a real-life problem to information gathering, the US and other governments starting to clue in as to what crypto means to their very existence will lead to the deployment of bigger guns. It may take a decade or more, but the governments will succeed in outlawing the use of strong crypto in mass market products that don't provide tappable communication link segments. Most of you probably know the following, but just in case somebody doesn't, tappable segments include all communications involving at least one heavily-regulated party. If one was to doubt that the German government will become a stalwart supporter of domestic crypto controls, just imaging what will happen once the US representative shows the German Economics Minister the video tape of the Minister and the 6 year old. Oh, you didn't know about the Economics Minister butt-fucking a 6 year old boy while the boy was forced to suck off the Chancellor? Well, chances are neither do the Minister or the Chancellor, but both most definitely know what will happen once that tape hits the media. They also know that nobody but a few extremists would ever believe that somebody faked the tape. Consequently, the German government will lick the boot that kicked them. When it comes down to pure survival, there are no rules. The truth is, which is what Cypherpunks had been about since the beginning, that widespread use of strong crypto is fundamentally incompatible with majority rule, the operations of modern democracies, and the long-term requirements of maintaining a nation state. Either strong crypto has to go or the above forms of government have to go. There are no alternatives. I know that, most old-timers in the field know that, and perhaps most importantly, the more forward-looking governments know that. Case in point, the US government is painfully aware of that fact. Which is why it has been pushing so hard to implement CALEA and GAK. Ideally on a global basis. In the medium term, which most likely includes the lifetime of the readers of this post, the above mentioned facts will cause strong crypto to not become widely deployed for general purpose end-to-end encryption. [Before a reader replies with an argument based on a claim that strong crypto is in the process of becoming ubiquitous, please take a look at your phone. Does it perform 3DES encryption? Do the phones of the majority of people you call perform 3DES encryption? Alternatively, you could take a look your email client. Does it support strong crypto? Great! Now what percentage of emails you send *and receive* each day use strong crypto? If your answer is 95% or higher, you might have a point, if it wasn't for the fact that the Minister hasn't been shown the video tape just yet]. They will not. Especially the ministry of economy is well aware that the US spies on the german industry, that strong crypto is the only protection against it, and that an open-source development model for security infrastructure is the only one providing a high enough confidence in the security of a product (and providing a Wassenaar-loophole though the public domain exemption on it's way, which they also are very aware of). Andreas -- "We show that all proposed quantum bit commitment schemes are insecure because the sender, Alice, can almost always cheat successfully by using an Einstein-Podolsky-Rosen type of attack and delaying her measurement until she opens her commitment." ( http://xxx.lanl.gov/abs/quant-ph/9603004 )
Re: US Urges Ban of Internet Crypto
In [EMAIL PROTECTED], on 07/27/99 at 09:17 PM, John Young [EMAIL PROTECTED] said: use of the Internet to distribute encryption products will render Wassenaar's controls immaterial." The bitch is getting a clue. :) -- --- William H. Geiger III http://www.openpgp.net Geiger ConsultingCooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP MR/2 the only way for secure e-mail. OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii Hi Jeff!! :) ---
Re: US Urges Ban of Internet Crypto
[Forwarded because no one has brought up this notion in a while. My problem with it is that most people don't seem to like the 2nd amendment any more so this can hardly help to popularize the cause. My feeling is that the 4th and 5th amendments have more potential protection in them. --Perry] John, et al., In a moment of logic, as if that mattered, WHEREAS By the declaration of the state, cryptographic capacity is a weapon, and WHEREAS By the facts of use, cryptographic capacity is a personal weapon, and WHEREAS The (US) Second Amendment denies the (US) federal government the authority to restrict personal weapons, THEREFORE The right to bear crypto is a (US) constitutional right. Of course, logic has nothing to do with it because the very definition of politics is the art of making decisions based on the manipulation of emotion, but I am, whether by choice or by genotype, a man of logic and not of emotion, though I am pissed off... --dan
Re: US Urges Ban of Internet Crypto
I recognize that this issue is controversial, unless we address this situation, use of the Internet to distribute encryption products will render Wassenaar's controls immaterial." Gee, I thought Reinsch said it didn't matter that encryption software was distributed on the Internet because nobody will trust anything they download off the Internet... :-) Trying to debate these people rationally is like trying to nail Jello to a wall. Phil