Kuro5hin.org: technology and culture, from the trenches
create account | help/FAQ | contact | links | search | IRC | site news
[ Everything | Diaries | Technology | Science | Culture | Politics | Media | News | Internet | Op-Ed | Fiction | Meta | MLP ]
We need your support: buy an ad | premium membership

[P]
Preparation for impending U.S. crypto doom.

By DGolden in MLP
Wed Sep 19, 2001 at 10:48:51 PM EST
Tags: Freedom (all tags)
Freedom

It is becoming increasingly apparent that some people currently in power in the U.S. intend to clamp down on cryptographic technology, using the recent terrorist attack on the U.S. as an excuse. While they're busily dismantling the very freedom they claim to defend, it might be a good idea for concerned readers to head on over to cryptome.org, and start mirroring. Cryptome is specifically appealing for widespread non-US mirroring of its and other sites cryptographic and intelligence material, before it's too late.


Sponsors

Voxel dot net
o Managed Hosting
o VoxCAST Content Delivery
o Raw Infrastructure

Login

Related Links
o cryptome.o rg
o Also by DGolden


Display: Sort:
Preparation for impending U.S. crypto doom. | 15 comments (15 topical, editorial, 0 hidden)
Some people just don't get it. (3.71 / 7) (#1)
by Tezcatlipoca on Mon Sep 17, 2001 at 09:16:53 AM EST

Terrorists can fly planes, surely they will create their own cryptographic solutions. What is the US goverment going to do? Ask them for the back door?

US people, please tell your dear leaders to get a clue.

Somebody was complaining about people pushing agendas here in K5, well politicians are doing precisely that and those agendas are going to affect real people in real situations.


------------------------------------
"They only think of me as a Mexican,
an Indian or a Mafia don"
Mexican born actor Anthony Quinn on
Hol
It only gets worse... (4.16 / 6) (#3)
by rajivvarma on Mon Sep 17, 2001 at 09:51:17 AM EST

Hello:

I'm really scared about the (possible) backlash to open-source software: the government will want to institute back-doors in all the software programs, but they can only reliably do that to closed-source software; if they try to do it on open-source software, anyone can just edit a few lines of code to get rid of the back-door. Could this mean that the US government will want to limit the use of open-source software in the USA?
Rajiv Varma
Mirror of DeCSS.

[ Parent ]
You are correct! (3.87 / 8) (#8)
by pmacko on Tue Sep 18, 2001 at 12:23:34 AM EST

Without warning, the USian government will send out millions of agents across the world. They will creep into the homes and workplaces of all known Open Source Terrorists, and, when the sacred cell-phone of doom is dialed by Dubya, they will descend upon all Open Source Terrorists and kill them, even unto their sons sons, leaving nothing of the great Open Source Movement behind but worn copies of the sacred writings (the book of the camel, and oft-quoted but never opened tomes on design patterns by the big 4), and emptied chai/jolt/starbucks containers.

So run, all you stalwart sons of ESR. Run to the hills, taking all that which you need to survive. For what do you need that the forest can not provide? Craft your FreshMeat submissions in private. You can change the world with a few hundred lines of Perl code (or slightly more lines of Python). Be brave! Your world as you know it will soon come to an end! You must fight the evil oppressive U.S. Guvmint tooth and nail! Rally to the cause. Down with Microsoft! Up with Linux. Linus is god! There is no god but Linus! Rest not on the seventh day, but labor for more efficient MySQL queries. Struggle on, O stalwart soldiers of the Open Source Movement, O great protectors of the sacred OSDN flame, for code transcends all national boundaries, all religions, and in the end, is more important than life itself.

Remember that for every 2,500 clueless CS undergrads pumping out beautifully formatted but totally ineffectual Java code, there will be one saint - one holy being - the kind of being who can easily drink from the font of Knuth without confusion. Out of every 100 of these saints will come such a godlike coder that he/she will be able to convince the various septuagenarians in the USian government of the inherent evilness of closed-source code, and thus, a general pardon will be received for all rogue Open Source zealots who were forced into hiding by the great pogrom of 2001.

There. That's what you and people like you are looking for, right? Some confirmation that your life has some extra meaning (over and above all the 'ordinary' people who don't participate in the same interests as you do). Geeks-of-the-world-unite!

[ Parent ]
Remark: (2.00 / 4) (#9)
by rajivvarma on Tue Sep 18, 2001 at 12:41:36 AM EST

Hello:

Interesting response, pmacko! :) Actually, if you want to know, I am not a CS major, nor have I even installed Linux on my computer; I was just noting a possible problem that open-source software could face in the United States in the future.
Rajiv Varma
Mirror of DeCSS.

[ Parent ]
It is not a matter of self-importance. (3.00 / 1) (#11)
by Tezcatlipoca on Wed Sep 19, 2001 at 07:12:43 AM EST

Nicely written but you missed the point.

If you want to have absolute control of any cryptography scheme (or dreaming you are having control) that means that cryptography can not be implemented as open source. The back door has only a bit of credibility for the ignorant if authorities seem to be in full control, which can't happen if the code is open.


------------------------------------
"They only think of me as a Mexican,
an Indian or a Mafia don"
Mexican born actor Anthony Quinn on
Hol
[ Parent ]
Cryptography for terrorists (4.50 / 4) (#4)
by substrate on Mon Sep 17, 2001 at 09:58:14 AM EST

They don't even have to create their own solutions, they only need to use whats already out there. If cryptome.org is shut down that doesn't mean that other people, even people you really don't want to have cryptography, will no longer have the code.

[ Parent ]
Leaders? Clue? (3.00 / 1) (#14)
by phliar on Fri Sep 21, 2001 at 12:35:57 AM EST

US people, please tell your dear leaders to get a clue.
Some of us have been trying for a very long time! What's that they say about taking a horse to water?

Faster, faster, until the thrill of...
[ Parent ]

Bomb the ISPs? (4.14 / 7) (#2)
by LQ on Mon Sep 17, 2001 at 09:27:02 AM EST

According to this Register story, the UK's Daily Telegraph is suggesting
"The World Trade Centre outrage was co-ordinated on the internet, without question. If Washington is serious in its determination to eliminate terrorism, it will have to forbid internet providers to allow the transmission of encrypted messages - now encoded by public key ciphers that are unbreakable even by the National Security Agency's computers - and close down any provider that refuses to comply.
"Uncompliant providers on foreign territory should expect their buildings to be destroyed by cruise missiles. Once the internet is implicated in the killing of Americans, its high-rolling days may be reckoned to be over."

So everybody, US or not, just hand over your crypto keys to the CIA, or else! All us crazy cyber-anarchists are washed up.

Oh that's smart... (none / 0) (#12)
by bADlOGIN on Thu Sep 20, 2001 at 04:19:24 PM EST

Hmmm.. "transmission of encrypted messages".. there's a lot of small isp, some in shared buildings, so how about we go after some easy targets first:

How about Amazon.com? I transmitted an encrypted message just last week to place an order.

Wells Fargo and Citibank offer secured on-line account access, them too?

Oh I know! Yahoo and thier bill payer system!

Please. Somebody get the pen/microphone/whatever out of the hands of the technical illiterate that made the above statement before any more dammage is done. It's the voicing of ignorant opinions by so-called "journalists" that bring me to believe that periodical mass media is nothing more than a "Disinformation Superhighway". And the media wonder why people dislike them.

Blah.
Sigs are stupid and waste bandwidth.
[ Parent ]

Mirrors (4.40 / 5) (#5)
by Nyarlathotep on Mon Sep 17, 2001 at 10:47:26 AM EST

Can people post mirrors so that we do not need to hit their servers?

Campus Crusade for Cthulhu -- it found me!
It is impossible to ban crypto knowledge (3.71 / 7) (#6)
by Dievs on Mon Sep 17, 2001 at 10:48:33 AM EST

In my country, most of Comp-Sci and Math graduates would be able to implement one of many wide-known crypto algorithms that, given a large enough key, are uncrackable.
Anyone with even the slightest math and coding skills can encrypt/decrypt letters after reading a couple of pages of books that are publicly available at any university library.
And only in movies everything is crackable in a couple of days. There are many methods for which no top-notch cryptologists have found anything better than brute-force. And brute-force is useless against a sufficiently large key.

Enough with the irrational hysteria (4.09 / 11) (#7)
by sigwinch on Mon Sep 17, 2001 at 01:55:55 PM EST

Do you have the even the slightest proof of "impending doom"? Or are you just spewing hysteria that is entirely uninformed by both an understanding of intelligence gathering and any evidence of an actual crackdown?

From a strategic point of view, if the FBI can snoop a router at an ISP, so can the enemy, and the US economy these days depends heavily on the Internet. ISPs are *not* some magic domain of ultra-security that is being invaded by the FBI, they are reeking cesspools of 0WN3D boxes and poorly configured routers. If the FBI can invade your privacy, so can some 16 year old kid in Poland. The third or fourth wave of attacks in this war, if it continues that long, will be against the information infrastructure, and everybody in the business knows this. Expect to see mandatory cryptography for gov't contractors and selected strategic enterprises in a few years.

Crypto is a red herring anyway. The real value of Carnivore isn't the interception of conversations, it's *TRAFFIC ANALYSIS*. Traffic analysis lets you illuminate the entire enemy command structure from a single lead. Just sit back and watch people talk to each other; you don't care what they're saying. This means that so-called "onion routers" and anonymous remailers *WILL* be banned, but not plain old crypto.

Go look at the NSA homepage. What's that you see halfway down the page? Security-enhanced Linux. That's right, the spookiest of US gov't spook agencies is distributing open source security to the world from its home page.

--
I don't want the world, I just want your half.

Anonymous remailers (none / 0) (#13)
by phliar on Fri Sep 21, 2001 at 12:30:01 AM EST

Sigwinch writes:
The real value of Carnivore isn't the interception of conversations, it's *TRAFFIC ANALYSIS*. Traffic analysis lets you illuminate the entire enemy command structure from a single lead. Just sit back and watch people talk to each other; you don't care what they're saying. This means that so-called "onion routers" and anonymous remailers *WILL* be banned, but not plain old crypto.
The analysis is sound; but how will they ban anonymous remailers?

There will always be countries that - either because they don't want to toe the US party line, or have strong privacy attitudes, or harbour terrorists - that will have remailers. Scandinavian countries, Switzerland, Burma, Libya...

And then there's steganography. Person A sends a message with a JPEG file (pr0n, perhaps) to address B which is actually a remailer but looks like a regular address; it recovers the encrypted message, re-hides it in a different JPEG, sends it to Person C. When there is no message, random bits are sent so traffic volume remains relatively constant. This can be done right now, with no additional code required.

Faster, faster, until the thrill of...
[ Parent ]

Remailers (none / 0) (#15)
by sigwinch on Fri Sep 21, 2001 at 02:42:34 AM EST

The analysis is sound; but how will they ban anonymous remailers?
Like anything else: pass a law and arrest everybody who gets caught violating it. In fact, they can probably get ISPs to do their dirty work for them by threats.

And remember: the danger isn't that the bad guys will operate 500 anonymizers, it is that the good guys will operate 500,000 public legal anonymizers.

There will always be countries that - either because they don't want to toe the US party line, or have strong privacy attitudes, or harbour terrorists - that will have remailers.
Privacy != anonymity. And if it becomes a problem, those nations will be considered to support terrorists and will find themselves utterly without support should they come under terrorist attack. "We could've told you in time if only the terrorists weren't using your own perfectly legal anonymizers."
And then there's steganography.
Blantantly obvious if the subjects are under intense surveillance, at which point you come down like a ton of bricks on whoever is operating the remailer.

--
I don't want the world, I just want your half.
[ Parent ]

Information is free!! (4.50 / 2) (#10)
by yuri on Tue Sep 18, 2001 at 02:44:00 AM EST

Nevermind the "info wants to be free" chant, Information is free! Nothing can stop the free exchange of information. For those who truly want crypto, they will always be able to get it. Fact is that 99.9% of internet users do not need real crypto nor know how to implement it. Any laws passed will not be able to stop anyone from implementing their own system. Any laws reqiring back doors in commercially available browsers/communication devices will be met with secure devices/software/hacks. If you are concerned just start reading up on it.

Sorry but -1 from me. This is nothing to get your knicker in a twist about.

Y

Preparation for impending U.S. crypto doom. | 15 comments (15 topical, 0 editorial, 0 hidden)
Display: Sort:

kuro5hin.org

[XML]
All trademarks and copyrights on this page are owned by their respective companies. The Rest 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.

Powered by Scoop create account | help/FAQ | mission | links | search | IRC | YOU choose the stories!