search / subscribe / upload / contact












RSS-Feed Depeschen

<< ^ >>

Date: 1999-09-19

US-Kryptoexport: Paranoia jetzt

-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-

Irgendwas stimmt in Sachen Lockerung der
Kryptographie/exporte nicht, meint Matt Bleicher, editor bei
tucows.com, wenn auch die NSA Vertreter auf einmal gar
nichts mehr daran fänden und sogar applaudieren.- es ist ein
Plädoyer dafür, nach den Regeln der kritisch/paranoiden
Theorie das Puzzle aus gleichzeitigen Ereignissen irgendwie
herum zusammenzusetzen.

post/scrypt: "para" .gr präfix, grund/bedeutend "dabei",
"daneben", "zusätzlich" / "noi" subst. = "noos" = "nous"
grundbedeutend "Sinn" "Einsicht" "Vernunft"

post/post/scrypt: Die fehlenden Absätze des Dialogs von
Declan mit Janet Reno und anderen Lichtgestalten aus der
Dunstwolke der Dienste hat dankenswerterweise John
Young [cryptome] gefunden - ganz unten als
Schlusslicht/schwänzchen angehängt
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Be Afraid: Be Very Afraid

Matt Bleicher

If there has been one constant in President Bill Clinton's U.S.
policy (and there probably has been only one) it has been his
policy on exporting products with a high level of encryption.
President Clinton has stated many times that high levels of
encryption should not go over-seas for fear that it would make
international crime, like child pornography, easier to
perpetrate. However, after years of strong speeches and
strong words condemning the idea, President Clinton has
relented and said that U.S. firms can now ship the strong
encryption overseas.

At first this sounds like a great thing. The arguments that
were put forth by President Clinton and the national law
enforcement community against the sale of products with the
high level of encryption were weak at best. U.S. tech firms
desperately want the ability to sell these products overseas.
They claim, rightfully so, that is costs them a rather large
amount of potential revenue by not having the ability to sell
these products to foreign firms. So, this is a great thing,
right?

Ah, but there must be a catch. After all, not one law
enforcement agency in the United States wanted the
encryption to be exported; yet the nation's top cop", Janet
Reno, Attorney General of the United States, supports the
new policy. Back in July she condemned the mere idea of
this; why the sudden change of heart?

Getting suspicious yet? You should be. It seems that the
U.S. government is no longer worried about the tough
encryption because they are going to have access to virtually
every program shipped outside the U.S. with the encryption.
The U.S. can still stop companies from shipping their product
overseas if they want. The catch will be that unless the
company complies with the demands of the U.S. law
enforcement agencies and gives them a "back door" into their
programs the product will not be allowed to go to foreign
shores.

Of course, this is not official policy. There is nothing that
says that they are going to do this. It is just the best
explanation out there for the sudden about-face that the
Clinton Administration just did. This is a drastic spin even for
them. While to some this may sound like nothing more than
another conspiracy theory about Big Government, consider
the facts:

First, the United States has done this before. Back in the
1940's the U.S. pressured Western Union, RCA and ITT into
giving the government control over telegraph traffic. Western
Union was the only one who limited what the U.S. could see,
while RCA and ITT let the U.S. see whatever telegraphs they
wanted to.

That example too old for you? How about this: Microsoft may
have a security hole in it right now. There is a key called
"NSAKEY" in Windows. It is believed to be a backdoor for
the NSA (National Security Agency). This is in all copies of
Microsoft Windows that are shipped outside of the U.S.

Still not enough? What if I told you that a soon-to-be piece of
U.S. law allows for this? While it is not law yet, the backing
of President Clinton is there, as is the backing of Congress.
The "Cyberspace Electronic Securities Act" allows for
Federal law enforcement agencies to crack codes or get
them from the companies and use them in the course of their
job. The deal is that the law enforcement agencies will not
reveal how they cracked the codes. So, if the NSA, for
example, wanted to force Microsoft to give them a code into
Windows then they could do so and not tell anyone.

Worried yet? I know what you may be thinking if you don't
live in the U.S.: "So what? It isn't like all software comes out
of the United States." True. However, more people use
Microsoft Windows worldwide than any other operating
system and this is a U.S. company. Apple has a strong
following. This is also a U.S. company. Linux has many
distributions coming from the United States, like the best
selling Red Hat. Even BeOS is from the United States.

Now it all comes together. Now the NSA or the CIA (Central
Intelligence Agency) or any other spy group can, at any time,
look an see what you are doing. Even if you do not live in the
United States. All this in the name of stopping criminals. Tell
me, do you want to be treated like a criminal, even though
you have done nothing wrong? Are you willing to give up your
right to privacy just for the possibility of increased safty? I
know that I am not. Giving up privacy for any reason is
unacceptable.

I urge all of you that live in the U.S. to write your
representitive and senator and tell them to vote against the
"Cyberspace Electronic Securities Act". If you live outside
the United States then write your government and tell them to
put pressure on the U.S. to stop exporting products with built-
in security holes. This must be stopped now before it
becomes too late and privacy becomes a thing of the past.

Source
http://news.tucows.com/windows/tucows09191999.html

-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
relayed by typo@scene.at -tnx
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Q: What do you look for in a technical review?

UNDER SECRETARY REINSCH: There's a number of things that we look for. I think the main one that I mentioned in this forum is that Secretary Daley said we are putting products essentially into two categories: retail produc
ts, and he provided a definition of what that was, and essentially custom products, if you will, the other kind of product. One of the most important elements of the technical review is simply deciding which it is, becaus
e there are differences in the way it's going to be treated, and it's not immediately obvious simply from looking at the external product which, in the case of software, is just a diskette, what it is.

So one of the purposes of the review is to study it, to examine it, and to find out into which category it falls.

Q: In other words, if it's in a box that you get at CompUSA, you can pretty much assume that it's like a retail thing?

UNDER SECRETARY REINSCH: You can make that assumption, but it's going to be more complicated than that. One of the things we're going to do in our consultation process with industry is to discuss that definition and try t
o get a better handle on exactly what constitutes a retail product and what does not.

We're trying to get out your sort of shrink-wrapped products, but one of the things we've learned in the process of learning more about the market over the last year is that these products take many different forms. They'
re marketed in many different ways, and we want to make sure we have a clear understanding from industry as to what those different models are before we finish drafting the regulation.

Q: Does law enforcement and the intelligence community believe that it can, if it needs to, say, decode a terrorist message that's encrypted

in something higher than 64-bit? And if not, then how could you support this?

ATTORNEY GENERAL RENO: I'm obviously not going to tell you how I think I can obtain evidence under existing authorities, but I -- we have carefully looked at this, and think that it is going to be possible.

DEPUTY SECRETARY HAMRE: But we are going to have a fairly significant research and development program that lies ahead of us. This is a very complex environment; it's going to change every day. It's going to take us a fai
r amount of effort to stay ahead of the problem.

Q: Mr. Hamre or perhaps Mr. Reinsch, can you tell us, what's the main point of a post-export review? If the company's sent something out, why do you care where it's gone if it's already out of the country? What do you hop
e to learn from that?

DEPUTY SECRETARY HAMRE: Again, we need to have some understanding of the environment, both technically and operationally, so that we're able then to undertake the research and development it takes to develop the tools for
us to be able to stay ahead of the problem.

Q: -- cost to do this encryption at the Defense Department?

DEPUTY SECRETARY HAMRE: We're just in the process of building our budget. Some parts of the budget, of which you may be interested, I can't discuss.

Q: Were the President's Export Council Subcommittee on Encryption, which came up with a list of recommendations, I guess it was at the beginning of this month -- were taken into consideration?

SECRETARY DALEY: We have a meeting next week.

Q: Mr. Daley, will there be a time deadline for the technical review?

SECRETARY DALEY: We hope to complete them, probably,
within a month of when they're submitted.

DEPUTY SECRETARY HAMRE: But did you ask about
when this regulation comes out, or the normal technical
review?

SECRETARY DALEY: Technical review.

Q: The technical review of each of --

DEPUTY SECRETARY HAMRE: Can I just say, we
obviously don't -- we're not interested in a lengthy process.
But it does require good insights. And this does mean that
companies have to come in with more than just a brochure. I
mean, too much of what we get is simply marketing
proposals, not real technical information.

Q: What else are you looking for in the technical review,
aside from the distinction between commercial product and
non-mass-market product?

SECRETARY DALEY: That will be developed over the next
number of weeks.

Q: What sort of reaction have you gotten to the CESA
legislation? And when information about that legislation was
first revealed, there was a provision allowing for a delayed
notice of a court order, along for a search. And why was that
taken out?

ATTORNEY GENERAL RENO: That was an original draft. We have had further discussion, and feel like, that under existing authorities, with the technical support center funded by the existing authorities, that we can address
the issue, and ensure our abilities to continue our law enforcement responsibilities.

MR. LEAVY: Okay, thank you. Appreciate it.

END 4:00 P.M. EDT (end transcript)

Source
http://www.usia.gov/cgi-bin/washfile/display.pl?p=/products/washfile/latest &f=99091701.clt&t=/products/washfile/newsitem.shtml
-.- -.-. --.-
Jetzt erst recht!
1000 Sonnen - das Musical zur Wahl
heiter, sauber, ordentlich
DrezninMusik MoechelBuch PoschRegie
Premiere 10. September
http://1000Sonnen.heimatseite.com/
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
edited by
published on: 1999-09-19
comments to office@quintessenz.at
subscribe Newsletter
- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
<< ^ >>

BigBrotherAwards Eintritt zur Gala sichern ... 25. Oktober 2023 #BBA23

	related topiqs
	cryptography



	CURRENTLY RUNNING
	q/Talk 1.Juli: The Danger of Software Users Don't Control Dr.h.c. Richard Stallman live in Wien, dem Begründer der GPL und des Free-Software-Movements

	!WATCH OUT!
	bits4free 14.Juli 2011: OpenStreetMap Erfinder Steve Coast live in Wien Wie OpenStreetMaps die Welt abbildet und was ein erfolgreiches Crowdsourcing Projekt ausmacht.