Please Make Stable NON-US Homes for Strong Crypto Projects
by John Gilmore, in Editorials - Thu, Sep 20th 2001 00:00 PDT
"We freedom-loving U.S. citizens have had to rely on the
freedom-loving citizens of saner countries to do the work of making
strong encryption for many years. We had a brief respite, which we
will eventually resume for good. In the meantime, please let me
apologize for my countrymen and for my government for asking you to
shoulder most of the burden again..."
Copyright notice: All reader-contributed material on freshmeat.net
is the property and responsibility of its author; for reprint rights, please contact the author
directly.
It's clear that the U.S. administration is putting out feelers to again
ban publication of strong encryption. See http://www.wired.com/news/politics/0,1283,46816,00.html.
The evil gnomes who keep advancing unconstitutional U.S. anti-crypto
policies know that the current hysteria in Congress and the
Administration will not last forever, so they will probably move very
quickly -- within a week is my guess -- to re-control encryption,
either by a unilateral action of the Administration (by amending the
Export Administration Regulations), or by stuffing a rider onto some
so-called "emergency" bill in Congress.
They maneuvered very carefully in the Bernstein case, so that there is
no outstanding injunction against violating the Constitution this way
-- and even no binding 9th-Circuit precedent that tells them it's
unconstitutional to do so. They know in their hearts that numerous
judges have found it unconstitutional, but they have proven throughout
the seven-year history of the case that they don't give a damn about
the Constitution. That means it may take weeks, months, or years for
civil liberties workers to get a judge to roll back any such action.
Not just days. We won the case, but they squirmed out of any
permanent restrictions -- so far.
The U.S. government has a new mania for wiretapping everyone in case
he might be a terrorist. There are already two bills in Congress to
make it trivial for them to wiretap anybody on flimsy excuses, and to
retroactively justify their precipitous act of rolling Carnivore boxes
into major ISPs this week and demanding, without legal authority, that
they be put at the heart of the networks (see http://www.politechbot.com/docs/cta.091401.html).
Even more than before, we will need good encryption tools, merely to
maintain privacy for law-abiding citizens, political activists, and
human rights workers. (In the current hysteria, mere messages
advocating peace or Constitutional rights might best be encrypted.)
The European Parliament also recently recommended that European
communications be routinely encrypted to protect them from pervasive
U.S. Echelon wiretaps.
Some U.S. developers, who thought such a reversal would never happen,
have built or maintained a number of good Open Source encryption tools
in the United States, and may not have lined up solid foreign
maintainers or home sites.
LET'S FIX THAT! We need volunteers in many countries to mirror
current distributions, CVS trees, etc. We need volunteers to also
act as maintainers, accepting patches and integrating them into
solid releases.
(Note that too many countries have pledged to stand toe-to-toe with
the U.S. while they march off to make war on somebody, though they
can't figure out who it is yet. If you live in one of those
countries, you may suddenly find that your own crypto regs have been
sneakily altered. Take care that each useful package has maintainers
and distribution points in diverse countries.)
I haven't kept close track of which packages are in danger. I suggest
that people nominate packages, that others immediately grab mirror
copies of them as they are nominated, and that some of those who
mirror them keep quiet, in case hysterical governments make a
concerted effort to stamp out all copies and/or all major distribution
sites. If you aren't the quiet type, then AFTER immediately
pulling a copy of the code outside U.S. jurisdiction, announce
your mirror.
We freedom-loving U.S. citizens have had to rely on the freedom-loving
citizens of saner countries to do the work of making strong encryption
for many years. We had a brief respite, which we will eventually
resume for good. In the meantime, please let me apologize for my
countrymen and for my government for asking you to shoulder most of
the burden again. Thank you so much.
P.S.: Companies with proprietary encryption packages might consider
immediately Open Sourcing and exporting their encryption add-ins, so
their customers can still get them from overseas archives, or taking
other actions to safeguard the privacy and integrity of their
customers' data and their society's infrastructure. I also advise
that they lobby like hell to keep privacy and integrity legal in the
U.S.
Author's bio:
John Gilmore can be found at http://www.toad.com/gnu/.
T-Shirts and Fame!
We're eager to find people interested in writing articles on
software-related topics. We're flexible on length, style, and
topic, so long as you know what you're talking about and back up
your opinions with facts. Anyone who writes an article gets a
t-shirt from ThinkGeek
in addition to 15 minutes of fame. If you think you'd like to try
your hand at it, let jeff.covey@freshmeat.net
know what you'd like to write about.
[Comments are disabled]
Comments
[»]
Democratic society?
by Caglios - Sep 30th 2001 19:38:49
I always found it amusing when I'd walk into my local technical bookshop
and see a whole shelf on crypto cracking with huge yellow stickers on the
front reading, 'Banned by US censors'. Now I know they were serious.
I picked up technical schematics for the AT&T attempt to build a
machine which would crack the DES algorithm (also banned by US censors)
and the most amusing thing was that after spending a quarter mil, the
thing still didn't work. Got the feeling congress isn't so much
politically motivated to stamping out cryptography as it is towards
preserving the bottom line; And given that i've spent good last 5 years at
university studying cryptographic techniques, i'd like to think I could
come out with a job at the end.
I'll be your mirror man. :)
[reply]
[top]
[»]
Stable NON-US Homes for Strong Crypto Projects
by Albert the Skeptic - Sep 24th 2001 15:02:50
The big hole in the Administration's most recent campaign for e-snooping is
that the attack was so low-tech it could have been stopped by 18th century
defences. A good swordsman with a rapier (on each flight) could have made
skewered the whole bunch, and without endangering passengers with bullets.
--
If it's "incredible" don't believe it.
[reply]
[top]
[»]
Mirror offer for crypto and stego developers and authors
by David Gümbel - Sep 24th 2001 07:49:17
I'd like to offer a (free) mirror (located at Tübingen university in
Germany) to any developer or author of cryptographic or steganographic
software or documents (HOWTOs, books etc.) Eventually there will also be
CVS access for developers. Feel free to contact me. My gpg key can be
found at
http://www-ti.informatik.uni-tuebingen.de/~guembel/key.txt
CU
David
[reply]
[top]
[»]
Have you guys lost your minds?
by Tony Smith - Sep 21st 2001 23:08:52
Do you really think this would happen? Do you think Americans are that
dumb? Do you think banks and finance institutions would let that happen.
Do you forget IBM has just put Linux on the NYSE? I'm almost embarrassed,
I can't believe you guy listen to one dumb ass about crypto. Do you think
the US government doesn't know by changing a law isn't gonna make everyone
just quit using crypto, especially criminals? Geeze, do I belong to a
cult?
[reply]
[top]
[»]
Re: Have you guys lost your minds?
by Steven Feil - Sep 27th 2001 00:11:01
When it comes to betting on whether the legislature would comprehend why
these laws would be ineffective I would say that the dump legislature
would be a safe bet.
I recently changed my jurisdiction for the US house of representatives. I
believe my previous representative would understand the issues involved,
and would possibly be sympathetic to the cause of keeping strong
encryption available. However my current representative is as dumb as a
box of rocks when It comes to technology, I'm sure is long as he can "sell
it" to the masses as something that will "stamp out" terrorist or
law-brakers it will get his rubber stamp no matter how ineffective or
ill-conceived. (I voted for his opponent in the last election, even
thought he was not much better)
PS. I'm thinking about sending a letter to my old representative, I'm not
sure if I should put the return address for my old address or my new
one.
> Do you really think this would happen?
> Do you think Americans are that dumb?
> Do you think banks and finance
> institutions would let that happen. Do
> you forget IBM has just put Linux on the
> NYSE? I'm almost embarrassed, I can't
> believe you guy listen to one dumb ass
> about crypto. Do you think the US
> government doesn't know by changing a
> law isn't gonna make everyone just quit
> using crypto, especially criminals?
> Geeze, do I belong to a cult?
>
--
=======================================================================
Steven Feil | Gram-pa, back at the turn of the .~.
Programmer/Developer | century, why did people use an /V\
sfeil@io.com | operating system, when they were not // \\
| allowed to see the source code? (X_X)
=======================================================================
[reply]
[top]
[»]
I offer a mirror.
by Stomil - Sep 21st 2001 15:46:52
I can mirror a not very large project (say up to 1-1.5 gigabytes) on a
server I own. It is located in Poland, runs 24/7 and has quite good
connectivity. If Anyone is interested, please write me at the advertised
hushmail address, or at any address advertised as VALID user iD of OpenPGP
key 0x21939169 avaliable at certserver.pgp.com. Please use PGP encryption.
Thank you.
<br>
Stomil
--
OpenPGP: 0x46399138
[reply]
[top]
[»]
Encryption laws per country
by aderuwe - Sep 21st 2001 12:08:53
http://www.gilc.org/crypto/crypto-survey.html
lists crypto laws for alot of countries.
ad
[reply]
[top]
[»]
Re: Encryption laws per country
by SemiSpherical - Sep 21st 2001 12:56:45
> http://www.gilc.org/crypto/crypto-survey.html
>
> lists crypto laws for alot of
> countries.
A lot has changed in 4 years. The UK section in particular is completely
out of date! (We have the RIP act now, where a `legal authority` can
demand keys, under penalty of 2 years in prison (though this will hardly
deter terrorists and hard drugs dealers, who will take the 2 years rather
than 20/life/whatever)
[reply]
[top]
[»]
Shameless plug fore freedom-respecting ISP
by M. Sypkens Smit - Sep 20th 2001 19:58:39
For those who checked out the links to the munitions mirrors might have
noticed the links to the XS4ALL mirrors. XS4ALL (http://www.xs4all.nl/) is
an ISP in the Netherlands and IMO certainly the very best one here by far.
First of all: I'm in no way affiliated with them, aside from the fact that
my parents use them for an ISP. (My own connection is currently supplied by
the University.)
Please read on while I tell you why I like XS4ALL so very much ... They
certainly aren't the cheapest at aprox. $12.50 a month for dialup, but I
don't think a single one of their customers minds.
XS4ALL was started by a couple a "hacker-friends" in 1993,
making it the first ISP in the Netherlands. From the very start they where
devoted to guaranteeing the privacy and rights of their customers. I don't
think they have ever pulled one of the pages of their customers because
someone told them to(*). A couple of years ago (1997?) when there was a
large-scale investigation into child-pornography in the Netherlands they
were the only ones to refuse to have their wire tapped, because they
believed that the law the criminal investigation team based their 'right
to tap' on didn't give them the right to do so. Two years later a judge
decided that XS4ALL had been right. Every other ISP had just obeyed
because the police told them so, but they didn't. Let me stress however
that XS4ALL is no safe-haven for child pornographers. They even assisted
in the foundation of the national online organisation where people can
report child pornography.
XS4ALL is one of the only ISPs here that doesn't sell the privacy of their
customers. They don't monitor their users or sell their addresses to
advertisers. No hidden catches such as having to unclick a check box or
something like that. During the war in Serbia they kept radio B92 in the
air by airing broadcasts over the Internet. They're hosting the site that
has broadcasts of the hearings in the Yugoslav War Tribunal in The
Hague.
Furthermore they have had telnet (and ssh) access for every dialup account
from the very start. (Full access to UNIX systems with fat pipes for normal
people from 1993!) They have one the largest set of ftp-mirrors for things
like FreeBSD, (afore-mentioned) Munitions, CPAN, Linux distro's, GNU,
Xfree, Tucows, Linuxberg, a complete Debian mirror (!), allmactintosh,
Beos, etc.
They're one of the few ISP's that haven't yet felt the need to limit the
traffic of their DSL-users. They don't close ports when things like
virusses such as Back Orrifice of Code Red strike. They never send
unsollicited e-mails to their users and have so many technically
well-managed services such as a very good (huge!) newsfeed, irc, ftp,
bsmtp and dozens of game-servers. Though not officially, they support
OS'es other than Windows or Mac: they have the HOWTO's and packages for
using DSL with Linux on their homepage! You can meet and talk to many of
their technicians on irc or in news://xs4all.*. You just sense the high
level of compentence in every one of their services. It reminds me quite
often of Columbia Internet (UF).
You can imagine the huge worries of many people when in 1998 our national
telecom-provider (KPN) bought XS4ALL. People were very worried that, even
though it was stressed that they would remain independent, freedom and
privacy would decline and XS4ALL would be forced to stop many of their
'extra' activities because of 'cost-effectiveness'. I'm glad that such a
thing didn't happen so far. I certainly hope they are still there
(unchanged), when the University will no longer supply me with
Internet.
I'm sorry if you still feel that this is a shameless plug (don't say I
didn't warn you in the subject!), but I felt the need to tell you all
there's still hope for our freedoms with ISPs like XS4ALL around. I hope
the message came across as I might have been rambling away a bit ;-)
* - Some might consider this as bad, as one of their users for example
mirrored the anti-abortion pages at their servers when every single ISP in
the USA seemed to refuse to host it. It contained a list with doctors that
allegedly practiced abortion accompanied with their addresses. Some of the
names on the list had suggestingly been 'crossed off'.
--
Matthijs Sypkens Smit
[reply]
[top]
[»]
xs4all and munitions.
by Vipul Ved Prakash - Sep 20th 2001 21:42:10
> For those who checked out the links to
> the munitions mirrors might have noticed
> the links to the XS4ALL mirrors. XS4ALL
> (http://www.xs4all.nl/) is an ISP in the
> Netherlands and IMO certainly the very
> best one here by far.
They are indeed. xs4all gratiously donated
a top-of-the-line server and an unmetered
100 mbps link to host the primary
munitions
site.
Speaking of munitions, we are on a mirror
setup drive at the moment. If you are interested
in putting up a mirror, please drop me a
mail at mail@vipul.net. For a web based
mirror,
we need a well connected unix box, running
apache, perl, ssh and rsync with ~3gb of free
space.
Anonymous rsync access died when we shited
the primary to xs4all, but it should be restored by
tonight. If you want to do a files only mirror,
you would be able to snarf the archive with rsync.
More information about mirroring can be found
in this (slightly out-dated) mirroring
HOWTO.
best,
vipul.
[reply]
[top]
[»]
Re: xs4all and munitions.
by Vipul Ved Prakash - Sep 20th 2001 23:13:19
The HOWTO
has been updated and anonymous
rsync servers are available again.
best,
vipul.
[reply]
[top]
[»]
Re: Shameless plug fore freedom-respecting ISP
by SemiSpherical - Sep 21st 2001 11:25:43
"I don't think they have ever pulled one of the
pages of their customers because someone told them to"
Didnt they pull some because of $cientology legal harrassment?
[reply]
[top]
[»]
Re: Shameless plug fore freedom-respecting ISP
by M. Sypkens Smit - Sep 23rd 2001 13:29:07
>
> Didnt they pull some because of
> $cientology legal harrassment?
Could be. I don't know the exact details of every issue concerning XS4ALL.
I do indeed remember something about scientology claiming that the user had
infringed upon their copyrights by quoting (some of) their texts. I don't
know what happened exactly in that case. The fact still remains however
that they are strong defenders of privacy and personal rights.
[reply]
[top]
[»]
Good thing !
by Microwave - Sep 20th 2001 19:45:39
If Im not doing anything wrong, I dont need to be worried about using
strong encription, if the ban helps to catch people that kill thousands of
people.. let them BANN the 128bit encription too...
[reply]
[top]
[»]
Re: Good thing !
by Steven Murdoch - Sep 21st 2001 10:52:50
> If Im not doing anything wrong, I dont
> need to be worried about using strong
> encription, if the ban helps to catch
> people that kill thousands of people..
> let them BANN the 128bit encription
> too...
>
That is a fair point, but as you say it is only valid IF it would
help catch any criminals. However it is obvious that it will not, firstly
strong encryption software is publicly available, anyone who may want it
can get it with little difficultly. Should any ban be put in place it will
only apply to the US so criminals will either stick with their current
encryption software or obtain it from another country. Secondly even if
the software can be restricted there are plenty of copies of books that
would allow a competent programmer to write a simple but strong encryption
program in less than a week. Unless the US Government is advocating
book-burnings they cannot restrict this knowledge.
The only other statement I have heard is that if strong encryption is
illegal then it will stand out from unencrypted and weakly encrypted
communications, but this is clearly not true for any software designed to
hide the fact that it contains strongly encrypted data. Firstly all
encrypted data resembles random noise, in order to check whether it
contains strongly encrypted data it would attempt decryption of every
passing message, whether a court order was present or not, which would be
a massive invasion of privacy, but technically feasible. The main problem
is of that stegnography; software and books about this subject are widely
available so as I have mentioned it is impossible to restrict the
availability to criminals. Using a stegnography program it is possible to
add data to an image or audio file, and since strongly encrypted data is
indistinguishable from random noise it is impossible to show that a data
file contains hidden data without breaking the encryption itself.
In summary, restricting the availability of encryption software will not
help in any way to catch criminals or prevent crimes. It will only succeed
in giving people in government organisations more power over law abiding
citizens than the have at the moment, which given the history of
governments in general and the US Government in particular, would not be a
good idea.
[reply]
[top]
[»]
Re: Good thing !
by Steven Murdoch - Sep 21st 2001 11:03:40
I forgot to add that in my opinion these laws are being proposed as a
knee-jerk reaction to the tragic events of September 11th. They will
appease the majority by persuading them that helpful action if being
taken, since many people do not understand the issues involved, but only
succeed in hiding the true problems. In order to prevent events like this
in the future, effective action could be taken, but all the options are
very expensive. Banning strong encryption is cheap but gives the public
nothing more than an illusion of safety.
[reply]
[top]
[»]
good editorial.
by k0nsl - Sep 20th 2001 19:11:51
I think it was a good editorial.
--
k0nsl, SysAdmin, system33r@gmail.com
[reply]
[top]
[»]
An alternate opinion
by Scribe - Sep 20th 2001 15:36:54
I work on a project that needs encryption to assure publishers that their
property will not be 'stolen' by software pirates. I also work for an
ecommerce company selling software to various parts of the world that
encourage breaking of US copyright laws. In both of these situations, the
reality is, if someone really wants to decrypt your 'books' or break your
copy protection, they'll do it. We must settle with the reality that the
best we can do is make it difficult such that a reasonable level of
security is obtained; or at least weigh the expense of time and money of
further efforts with the additional percentage of protection we get.
My next point will probably not go over very well... I personally don't
care if the NSA monitors my email. I would encourage them to do such. I
have nothing to hide. And in the wake of September 11th, the price
(whatever that might be; I'm not thinking of anything that troubles me
right now) is well worth it.
Unlike people in many other countries, I really elect my government. I
choose to put people over me and my country and ask them to protect us. I
think intelligence is a vital form of this, and I would love for us to be
able to write 'nearly unbreakable' encryption, and for them to have the
intelligence and other capacity to break it.
SUMMARY: I don't think encryption export laws do anything more than gun
control laws. Criminal will NOT obey the law, as others have already
commented. I understand our SIGINT capacity is NOT where it needs to be,
and this is where my complaint lies. Their call should be, "Fine,
encrypt away. We have the best and brightest and we'll have no troubles
doing our job."
And as an American with nothing to hide from my government, I say,
"Do it well!"
[reply]
[top]
[»]
Re: An alternate opinion
by xercist - Sep 20th 2001 16:15:07
> I work on a project that needs
> encryption to assure publishers that
> their property will not be 'stolen' by
> software pirates. I also work for an
> ecommerce company selling software to
> various parts of the world that
> encourage breaking of US copyright laws.
> In both of these situations, the
> reality is, if someone really wants to
> decrypt your 'books' or break your copy
> protection, they'll do it. We must
> settle with the reality that the best we
> can do is make it difficult such that a
> reasonable level of security is
> obtained; or at least weigh the expense
> of time and money of further efforts
> with the additional percentage of
> protection we get.
What you fail to understand here is that cryptography isn't all the same.
If you're using it to prevent people from making copies of something you
sell them, no, it will not work because that is impossible. Cryptography
is about keeping a secret between two or more parties that want it to
be a secret. If the recipient of the message wants to share it,
there's nothing you can do to stop him.
However, If you're using
cryptography in a case where both people *want* to keep the secret (let's
say a customer is giving his credit card to a reputable business over the
internet), then strong cryptography can be very powerful and extremely
difficult to crack.
> My next point will probably not go
> over very well... I personally don't
> care if the NSA monitors my email. I
> would encourage them to do such. I have
> nothing to hide. And in the wake of
> September 11th, the price (whatever that
> might be; I'm not thinking of anything
> that troubles me right now) is well
> worth it.
Saying "I have nothing to hide" shows only ignorance. Perhaps YOU don't
use email for anything of any importance, but many people do. Would you be
ok with letting government agents come in your house any time they want,
then living with you to watch everything you do, just waiting for
something they can use against you?
And I shouldn't say just the government, because surely when everything is
backdoored you can't believe the government's master secret keys will stay
secret forever. The first time something gets out, everyone's screwed.
> Unlike people in many other countries,
> I really elect my government. I choose
> to put people over me and my country and
> ask them to protect us. I think
> intelligence is a vital form of this,
> and I would love for us to be able to
> write 'nearly unbreakable' encryption,
> and for them to have the intelligence
> and other capacity to break it.
>
> SUMMARY: I don't think encryption
> export laws do anything more than gun
> control laws. Criminal will NOT obey
> the law, as others have already
> commented. I understand our SIGINT
> capacity is NOT where it needs to be,
> and this is where my complaint lies.
> Their call should be, "Fine,
> encrypt away. We have the best and
> brightest and we'll have no troubles
> doing our job."
>
> And as an American with nothing to
> hide from my government, I say, "Do
> it well!"
Again, you're confused about encryption. Strong crypto is extremely
difficult to break when implemented correctly.
And I think most americans would disagree with you if asked "Do you have
the right to keep a secret?"
[reply]
[top]
[»]
Re: An alternate opinion
by xercist - Sep 20th 2001 16:18:13
footnote: Thank you, though, for not backing up the ban of crypto. My above
rant would have been much nastier ;)
[reply]
[top]
[»]
Re: An alternate opinion
by hardatwork - Sep 20th 2001 17:17:17
> My next point will probably not go
> over very well... I personally don't
> care if the NSA monitors my email. I
Why do think this this won't go over very well? Is it because most people
are criminals, or do they fear a government that has no limits?
Don't forget, you can work for the government and be a criminal at the
same time. That goes for legislators as well.
> Unlike people in many other countries,
> I really elect my government. I choose
> to put people over me and my country and
Yes, but when was the last time you were personally consulted by your
representative before he/she proposed or voted on any public policy?
Voting only legitimizes those that hold office, it doesn't legitimize what
laws they create. That's why there is constitutional review. The
constitution guarantees privacy and with good reason. It's not the
government's right to snoop on it's citizens. Not unless we want to toss
out the constitution. I for one kinda dig it.
[reply]
[top]
[»]
enemy.org starts sw-mirror
by Alec - Sep 20th 2001 14:03:30
enemy.org is starting a software mirror for some
of the crypto-sources at ftp://ftp.enemy.org/pub/crypto.
we are located in austria/vienna.
at the moment we mirror the gnupg and openssl
archives. please comment what else would be important to have
archived.
later,
alec
--
- Paranoid schizophrenics outnumber their enemies at least two to one.
[reply]
[top]
[»]
Re: enemy.org starts sw-mirror
by xercist - Sep 20th 2001 16:00:57
> enemy.org is starting a software mirror
> for some
> of the crypto-sources at
> ftp://ftp.enemy.org/pub/crypto.
>
> we are located in austria/vienna.
>
> at the moment we mirror the gnupg and
> openssl
> archives. please comment what else
> would be important to have archived.
>
> later,
> alec
As I put in an earlier comment, it would be agreat idea to become a Munitions mirror if you want to
help out.
[reply]
[top]
[»]
Non-US Home
by grex - Sep 20th 2001 12:02:51
There's a SourceForge clone in Germany at BerliOS.
[reply]
[top]
[»]
Don't re-elect our politicians
by Bob Plankers - Sep 20th 2001 10:55:57
We live in the U.S. where our politicians are elected. Can we not make it
clear to them that we will not vote for them if they ban encryption? This
might be a good excuse for spam mail -- let the populace know what's
happening to them.
[reply]
[top]
[»]
Re: Don't re-elect our politicians
by rebby - Sep 20th 2001 10:59:28
> We live in the U.S. where our
> politicians are elected. Can we not make
> it clear to them that we will not vote
> for them if they ban encryption? This
> might be a good excuse for spam mail --
> let the populace know what's happening
> to them.
yes, but you have to remember that the majority of the population is
ignorant. if they are told by the media that this is a good thing they
will favor it... i saw a news site the other day (linked from /.) that
said something like 80% of the public favored back doors... of course
nearly 100% of the "geeks" fell in that other 20%...
--
Curt Rebelein, Junior -- http://rebby.com/
[reply]
[top]
[»]
Re: Don't re-elect our politicians
by Ralph Hebb - Sep 20th 2001 11:45:41
Personally, what I'd like to see is an emigration HOWTO. I bet if I put a
draft up on kuro5hin I'd make a bunch of friends..
>
> % We live in the U.S. where our
> % politicians are elected. Can we not
> make
> % it clear to them that we will not
> vote
> % for them if they ban encryption?
> This
> % might be a good excuse for spam mail
> --
> % let the populace know what's
> happening
> % to them.
>
>
> yes, but you have to remember that the
> majority of the population is ignorant.
> if they are told by the media that this
> is a good thing they will favor it... i
> saw a news site the other day (linked
> from /.) that said something like 80% of
> the public favored back doors... of
> course nearly 100% of the
> "geeks" fell in that other
> 20%...
>
[reply]
[top]
[»]
Re: Don't re-elect our politicians
by Christopher - Sep 22nd 2001 04:49:33
> We live in the U.S. where our
> politicians are elected.
Oh? Excuse me. The ultimate rabble-raiser I heard
talking in the the Senate and the House the other
day got himself there by getting his mates in the
Supreme Court to put him there. Government by the
People for the People. Bah, humbug, and frankly -
right now - lies. Big fat ones.
[reply]
[top]
[»]
Re: Don't re-elect our politicians
by Stephan Niemz - Sep 24th 2001 05:59:21
> We live in the U.S. where our
> politicians are elected.
Really? As I recall, the majority of you voted for Gore, not for
George Double-U. He got president because of an extremely outdated
election system and because of a strong army of lawyers behind him and
because of a lot of money to pay them (and the campaign). That is not
what I consider a democratic election. Greetings from
Germany, - Stephan.
[reply]
[top]
[»]
Re: Don't re-elect our politicians
by Uwe C. Schroeder - Sep 29th 2001 12:54:05
>
> % We live in the U.S. where our
> % politicians are elected.
>
>
> Really? As I recall, the majority of
> you voted for Gore, not for
> George Double-U. He got president
> because of an extremely outdated
> election system and because of a strong
> army of lawyers behind him and because
> of a lot of money to pay them (and the
> campaign).That is not what I consider a
> democratic election.Greetings from
> Germany, -
> Stephan.
Sure the election system in the US is somewhat
outdated and IMHO urgently needs an overhaul, but
the german system isn't better either. There you can
only vote for a party and they can post anyone they
like to be "president". So the names on the vote are
the party designated candidates, but no law is there if
the parties changed their minds after the election.
That isn't democratic either. The best out there seems
to be switzerland - the people vote and elect directly.
There are even votes for governement decisions to be
made, i.e. for cryptographics - they let the people vote
and the outcome is done. Now that's democratic.
Regards
UC
[reply]
[top]
[»]
crypto to mirror
by xercist - Sep 20th 2001 10:45:30
Munitions
! This is a great archive, doing exactly what you're talking about. I
suggest if you want to help, start helping them out by putting up more
mirrors.
OpenSSL (OpenSSH too perhaps)
SSLeay
GPG/PGP
Everything under the following freshmeat categories:
Old Appindex :: Console ::
Encryption
Old Appindex :: X11 ::
Encryption
[reply]
[top]
[»]
wtf?
by rebby - Sep 20th 2001 10:42:40
here is what confuses me... what's going to stop a (potential) terrorist
from using an older version of crypto w/out back doors??? i realize that
eventually it will be broken but until then....
--
Curt Rebelein, Junior -- http://rebby.com/
[reply]
[top]
[»]
Re: wtf?
by xercist - Sep 20th 2001 10:47:12
> here is what confuses me... what's going
> to stop a (potential) terrorist from
> using an older version of crypto w/out
> back doors??? i realize that eventually
> it will be broken but until then....
The Law, of course. Terrorists will abstain from using strong crypto
because it is illegal, and they don't want to break the law. Makes sense
to me.
[reply]
[top]
[»]
Re: wtf?
by linuxlizard - Sep 21st 2001 14:01:19
> here is what confuses me... what's going
> to stop a (potential) terrorist from
> using an older version of crypto w/out
> back doors??? i realize that eventually
> it will be broken but until then....
Who needs complicated software? All they have to do is correctly use a
one-time pad and the spooks can't do a thing to decrypt it.
I think I have a perfect compromise for these encryption banning yahoos.
Tell you what folks, let's register all the handguns and THEN I'll let the
government escrow my encryption keys.
[reply]
[top]
[»]
Crypto Programs
by Brother Mordecai - Sep 20th 2001 06:20:49
Where is the list of files to be kept? Things like PGP, GPG are already
mirrored outside of the US... what else should people mirror?
[reply]
[top]
[»]
Re: Crypto Programs
by Mokka - Sep 20th 2001 07:28:50
> Where is the list of files to be kept?
http://jya.com/crypto-free.htm & htttp://cryptome.org/
There you have some url's
--
Cheers,
Raymond
[reply]
[top]
[»]
So what countries are "sane"?
by Rev. Adam Tauno Williams - Sep 20th 2001 06:08:21
What countries do have sane laws about things like crypto? And possibly
even more importantly, laws about such things that don't sway with the
slightest political breeze? What nations don't arrest teen-agers for
writing code to watch legally purchased DVDs? Or programmers for writing
code to process a file format? If not many of the EU nations, and not the
USA, then where? (And who knows, at this point I'm so disgusted with how
little "Americans" care about such issues I might just up and
immigrate).
[reply]
[top]
[»]
Re: So what countries are "sane"?
by Lord of the Files - Sep 20th 2001 09:32:54
> What countries do have sane laws about
> things like crypto? And possibly even
> more importantly, laws about such things
> that don't sway with the slightest
> political breeze? What nations don't
> arrest teen-agers for writing code to
> watch legally purchased DVDs? Or
> programmers for writing code to process
> a file format? If not many of the EU
> nations, and not the USA, then where?
> (And who knows, at this point I'm so
> disgusted with how little
> "Americans" care about such
> issues I might just up and immigrate).
I think Germany is very good that way.
[reply]
[top]
[»]
Re: So what countries are "sane"?
by Jonas Koch Bentzen - Sep 20th 2001 10:02:36
> What countries do have sane laws about
> things like crypto?
Denmark, I think. And probably the other
Scandinavian countries as well.
[reply]
[top]
[»]
Re: So what countries are "sane"?
by Harri Haataja - Sep 21st 2001 05:26:15
>
> > What countries do have sane laws
> > about
> > things like crypto?
>
> Denmark, I think. And probably the
> other
> Scandinavian countries as well.
>
I'm fairly certain Finland is and there's a load of crypto software hosted
on Swedish universities' servers.
I suppose Canada would be as well, given the success of OpenBSD back in
the even worse days.
[reply]
[top]
[»]
Re: So what countries are "sane"?
by Chris Norris - Sep 20th 2001 15:44:31
> What countries do have sane laws about
> things like crypto? %endquote%
Canada. Infact some Canadain companies have exported strong encryption to
China.
Canadian
cryptography export summary
[reply]
[top]
[»]
Re: So what countries are "sane"?
by CowboyFromHell - Sep 20th 2001 21:03:00
That's why I like my country so much. we don't have any laws about it
yet!!! Welcome to Argentina!
>
> % What countries do have sane laws
> about
> % things like crypto?
>
> Canada. Infact some Canadain companies
> have exported strong encryption to
> China.
>
> Canadian cryptography export summary
>
[reply]
[top]
[»]
Re: So what countries are "sane"?
by miranda - Sep 20th 2001 19:28:31
> What countries do have sane laws about
> things like crypto? And possibly even
> more importantly, laws about such things
> that don't sway with the slightest
> political breeze? What nations don't
> arrest teen-agers for writing code to
> watch legally purchased DVDs? Or
> programmers for writing code to process
> a file format? If not many of the EU
> nations, and not the USA, then where?
> (And who knows, at this point I'm so
> disgusted with how little
> "Americans" care about such
> issues I might just up and immigrate).
Have you ever heard of Sealand? They're a country
(albeit very, very small) which is independent from
almost every digital law currently in effect in other
countries. A quote from their site: "Sealand has no
laws governing data traffic..." Check out their site at:
http://www.sealandgov.com/
as well as the ISP that resides on the island
(HavenCo.):
http://www.havenco.com/
[reply]
[top]
[»]
Re: So what countries are "sane"?
by Egil Moeller - Sep 21st 2001 11:55:42
Unfourtunately, it isn't anywhere near gratis to
host something there. So hosting Free
Software/Open Source Software there is more or
less out of the question.
Sweden seems to be at least partly OK - kerberos
lives at kth.se...
Any suggestions for software packages to mirror
anyway (no one have sugge4sted any higher up in
the thread anyway)?
--
PGP Public key
[reply]
[top]
[»]
Re: So what countries are "sane"?
by miranda - Sep 21st 2001 12:14:16
> Any suggestions for software packages
> to mirror
> anyway (no one have sugge4sted any
> higher up in
> the thread anyway)?
>
Well, besides the base stuff (PGP, OpenSSL, SASL,
kerberos, SSH (what libs does it use?), etc.), I'm not
100% sure. I don't usually follow cryptography-related
info that much, unless I need crypto libraries or
packages for use with other software. I've heard, once
or twice, about a kernel-level filesystem encryption
package before, so you might add that to the list.
[reply]
[top]
[»]
Too late ...
by Xavier Bestel - Sep 20th 2001 05:13:06
I would *love* to help, believe me, but ...
... I live in France, where real crypto is considered as a war weapon. So
it's not legal here too.
[reply]
[top]
[»]
Re: Too late ...
by Yann (Meuh!) Droneaud - Sep 20th 2001 07:23:50
> I would *love* to help, believe me, but
> ...
>
> ... I live in France, where real
> crypto is considered as a war weapon. So
> it's not legal here too.
There was a law project to free encryption (currently limited to 128bits
algorithm),
but with the new position in USA, i wondering what will happen to
this.
Add to this the software patent, and you will found a nice place for
freedom ...
Liberté Egalité Fraternité
==> Freedom Equality Fraternity
--
Meuh!
[reply]
[top]
[»]
freedom
by nikon - Sep 20th 2001 00:17:01
freedom for all...
[reply]
[top]
[»]
Re: freedom
by Derek J Witt - Oct 26th 2001 21:29:14
> freedom for all...
I am appalled by my own Senator from Kansas (Sam Brownback). He supports
another bill that would give large corporations the power to monopolize
certain industries. I do not know the exact bill number, but I have put my
response to this atrocious attack on OpenSource and computer security at my page.
The Computer Securities Act (the latest episode)will hurt many computer
programmers that program under Linux and other open OS's. This will
virtually make crypography illegal within the U.S.
This is clearly in strong violation of the Constitution. This can possibly
violate the 1st (Cryptography is cosidered free speech in my opinion) and
5th (Potentially incriminating oneself even if innocent-- that be the 4th
Amendment though) Amendments.
I urge everyone to contact their Congressmen to bring this bill down.
Thank you for your time.
--
"Houston, the Eagle has landed and laid an egg!"
[reply]
[top]
|
