New MI5 Code Cracking Unit (Times 00-06-12)New MI5 Code Cracking Unit (Times 00-06-12)
http://www.the-times.co.uk/news/pages/Times/frontpage.html?1124027 The Times [London], Monday, 12 June 2000 New MI5 Unit to Crack Criminal Computer Codes By Michael Evans, Defence Editor A special codebreaking organisation is to be set up inside the headquarters of MI5 to crack encrypted communications and computer discs belonging to suspected organised criminals and terrorists. The new centre, which will begin to recruit expert codebreakers soon, will cost about £25 million over the next few years, and has already been budgeted for by the Home Office. It is one of the elements of the Government's Regulation of Investigatory Powers Bill which is to begin the committee stage in the House of Lords today. Under the Bill's proposals, law enforcement agencies will be entitled to request the code keys for encrypted e-mails and Internet networks from the service providers if an individual or company refuses to hand over a decrypted version of a message. The new facility, to be accommodated inside Thames House, MI5's headquarters near Lambeth Bridge, will be called the Government Technical Assistance Centre. A Home Office official said it would handle all the legally acquired material and would be responsible for looking after the keys to coded messages for the period of the criminal investigation. However, in cases where it was not possible to obtain the keys to the codes, the staff at the centre would be expected to try to break the codes, the Home Office official said. "They will need to be talented codebreakers," the official added. The Bill has been introduced partly to take into account the huge developments in communications technology which will increasingly provide criminals and terrorists with secure methods of sending messages. Most e-mails are not coded at present but new technology will make it easier to hide messages with complex encryption techniques. The Bill also embraces previous interception and surveillance legislation to ensure that all such powers are in line with the Human Rights Act which comes into force in October. The Government has been accused of introducing a "Big Brother" Bill to give the police and other agencies unlimited powers to monitor e-mails and other forms of encrypted communications, and to increase intrusive surveillance. Although this has been denied by ministers, the House of Lords is expected to call for amendments to the Bill to ensure that privacy rights both for individuals and for the growing e-commerce industry are not compromised. The Government Technical Assistance Centre will be run by the National Criminal Intelligence Service but will operate from inside Thames House because of its high security. The recruited experts will have to be given the highest level of security clearance. Under the Bill, MI5 will also for the first time be subject to statutory controls when applying for warrants to eavesdrop on private conversations and for running agents because of the perceived risk that such covert methods of surveillance might breach the Human Rights Act, which will incorporate into British law the European Convention on Human Rights. Although MI5 is obliged to seek a warrant for covert intrusive investigative techniques under existing procedures, these methods are not covered by any statutory control. If the Bill is given Royal Assent by October, MI5's "watcher" branch which follows suspected terrorists, spies and others posing a threat to national security will have to function within the terms of the new legislation, ensuring that during surveillance missions its operatives do nothing that might lead to a challenge under the Human Rights Act. A judge is to be appointed to the new post of Covert Investigations Commissioner to provide oversight of all such operations. The new regulations will cover not only the police, National Crime Squad, the security and intelligence services and Customs Excise, but also a whole range of agencies and Government departments. Copyright 2000 Times Newspapers Ltd.
EFCE Prelim Programme
--- begin forwarded text Date: Mon, 12 Jun 2000 01:11:58 -0400 (AST) From: Ian Grigg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: EFCE Prelim Programme Cc: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] EFCE 2000 - Preliminary Programme The First Edinburgh Financial Cryptography Engineering Conference 23-24 June 2000, Edinburgh, Scotland __ / \ /\ |Keynote by Ir. Simon Lelieveldt | | | |Lessons from the history of Dutch Payment Systems | | | | A walk through Dutch payments history, | | including the Amsterdam Exchange Bank | | (1608), the Municipal Giro 1916, and | | on to the most competitive chipcard | | money environment in the world today. | \/ \__/ "E-Commerce is Financial Cryptography" Friday - Day 1 - 23rd June Ir. Simon Lelieveldt - Keynote, see above. Edwin Woudt - Financial contracts with OpenPGP. A format for signed and parsable contracts that is suitable for describing online instruments. Amir Herzberg - IBM Micropayments as a basis for ecommerce interoperability. Neil Garner - MAOSCO. Downloading digital IDs securely onto blank MULTOS cards and then using the ID to complete non- repudiable transactions. (lunch) Invited Financial Cryptography speaker Douglas Jackson - e-gold Ltd, the leading online currency reserved in physical metal, will be shown transacting over POS devices such as WAP phones. Ian Grigg - WebFunds, a Java application that acts as a host and platform for payment systems such as SOX, and user features such as email payments. Saturday - Day 2 - 24th June Rachel Willmer - the Intertrader CashBox. A payment management system which supports Internet loading and spending of a variety of Internet payment types, including the Mondex smartcard. Seen in action controlling Internet access, puchasing mail order goods, gaming, offering currency exchange... Ben Laurie - Wagner blinding in a Java toolkit as a basis for privacy-protected online currencies. Tyler Close - IPOs over E-rights. Listings on the ferex.com exchange, as an example of application design within the E environment. (lunch) Scott Moskowitz - Trusted Transactions: digital watermarking using steganographic ciphering techniques. Victor Dostov - PayCash is a new cash-like software payment system using a blinded formula, all invented and developed in Russia. For any questions on the above programme, or new proposals, please email iang at systemics.com. This conference is an informal gathering of peers, the programme will change dynamically. Please check http://www.efce.net/programme.html for the latest version. WHERE DO I FIND OUT MORE http://www.efce.net/ HOW DO I REGISTER? GBP 200 for presenters of running FC code, GBP 500 for delegates. MORE QUESTIONS? Please mail [EMAIL PROTECTED] SPONSORSHIP The founding sponsors of EFCE 2000 are: Consult Hyperion http://www.consult.hyperion.co.uk/ The Internet Bearer Underwriting Corporation http://www.ibuc.com/ Intertrader http://www.intertrader.com/ Systemics http://www.systemics.com/ --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
EFCE Prelim Programme
--- begin forwarded text Date: Mon, 12 Jun 2000 01:11:58 -0400 (AST) From: Ian Grigg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: EFCE Prelim Programme Cc: [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Sender: [EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] EFCE 2000 - Preliminary Programme The First Edinburgh Financial Cryptography Engineering Conference 23-24 June 2000, Edinburgh, Scotland __ / \ /\ |Keynote by Ir. Simon Lelieveldt | | | |Lessons from the history of Dutch Payment Systems | | | | A walk through Dutch payments history, | | including the Amsterdam Exchange Bank | | (1608), the Municipal Giro 1916, and | | on to the most competitive chipcard | | money environment in the world today. | \/ \__/ "E-Commerce is Financial Cryptography" Friday - Day 1 - 23rd June Ir. Simon Lelieveldt - Keynote, see above. Edwin Woudt - Financial contracts with OpenPGP. A format for signed and parsable contracts that is suitable for describing online instruments. Amir Herzberg - IBM Micropayments as a basis for ecommerce interoperability. Neil Garner - MAOSCO. Downloading digital IDs securely onto blank MULTOS cards and then using the ID to complete non- repudiable transactions. (lunch) Invited Financial Cryptography speaker Douglas Jackson - e-gold Ltd, the leading online currency reserved in physical metal, will be shown transacting over POS devices such as WAP phones. Ian Grigg - WebFunds, a Java application that acts as a host and platform for payment systems such as SOX, and user features such as email payments. Saturday - Day 2 - 24th June Rachel Willmer - the Intertrader CashBox. A payment management system which supports Internet loading and spending of a variety of Internet payment types, including the Mondex smartcard. Seen in action controlling Internet access, puchasing mail order goods, gaming, offering currency exchange... Ben Laurie - Wagner blinding in a Java toolkit as a basis for privacy-protected online currencies. Tyler Close - IPOs over E-rights. Listings on the ferex.com exchange, as an example of application design within the E environment. (lunch) Scott Moskowitz - Trusted Transactions: digital watermarking using steganographic ciphering techniques. Victor Dostov - PayCash is a new cash-like software payment system using a blinded formula, all invented and developed in Russia. For any questions on the above programme, or new proposals, please email iang at systemics.com. This conference is an informal gathering of peers, the programme will change dynamically. Please check http://www.efce.net/programme.html for the latest version. WHERE DO I FIND OUT MORE http://www.efce.net/ HOW DO I REGISTER? GBP 200 for presenters of running FC code, GBP 500 for delegates. MORE QUESTIONS? Please mail [EMAIL PROTECTED] SPONSORSHIP The founding sponsors of EFCE 2000 are: Consult Hyperion http://www.consult.hyperion.co.uk/ The Internet Bearer Underwriting Corporation http://www.ibuc.com/ Intertrader http://www.intertrader.com/ Systemics http://www.systemics.com/ --- end forwarded text -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
GNU Privacy Guard license question
-BEGIN PGP SIGNED MESSAGE- from the documentation for GnuPG: http://www.gnupg.org/gph/en/pgp2x/t1.html | Note: Using the extension modules idea.c and rsa.c without licensing the | patented algorithms they implement may be illegal. I do not recommend | you use these modules. If you have PGP 2.x keys, I suggest you revoke | them in favor of new keys and encourage correspondents who use PGP 2.x | keys to do the same. Is this right? If one obtained PGP 2.x legally, and used RSA and IDEA in conformance with the original license for personal use, would that license permit the use of the older PGP keys with Gnu Privacy Guard? I don't have a copy of the old PGP license around. I presume one could continue to use PGP 2.x indefinitley under the old license. Will this change in a couple of months when the RSA paptent expires? -BEGIN PGP SIGNATURE- Version: PGP 6.5.3 Comment: RSA 1024 key iQCVAwUBOUT8DF3wG27m1aM1AQEVOQQAn/M9+HfuKqRTJMA9LHlNhxizWndUdVFB lImSGWmd8rqEqyPCS6KlyLF0IK9Hz+Sz9+6LywaTcpibTDZWhzQqoefg4ty3vbYB AGZ2upZBOlVB7NKFN33w/g8EA3OszRfzVEKKWVEmWvZvcgm6WxbMBdLr+ax0lxKr HF0I1y98DN4= =Afey -END PGP SIGNATURE-
Easy Listening (for Big Brother)
Forwarded from Interesting People -- Perry E. Metzger[EMAIL PROTECTED] -- "Ask not what your country can force other people to do for you..." --- Start of forwarded message --- Date: Mon, 12 Jun 2000 17:12:26 -0700 From: Dave Farber [EMAIL PROTECTED] Subject: IP: Easy Listening (for Big Brother) Date: Mon, 12 Jun 2000 18:06:48 -0600 To: Dave Farber [EMAIL PROTECTED] From: Brett Glass [EMAIL PROTECTED] Subject: Easy Listening (for Big Brother) EDITORIAL: The opinion of the Mercury News EASY LISTENING: Government must rewrite cell phone eavesdropping rules to provide judicial oversight and incorporate privacy concerns SIX years ago, Congress approved a bill to help law enforcement keep pace with the digital world. The purpose was straightforward: Make sure that the FBI and police hold onto the same kind of wiretapping capabilities they had before cellular phones complicated electronic surveillance. Skip ahead to this month. Within weeks, the government will have new powers to eavesdrop on you that go beyond maintaining the status quo. That's when the first set of defective rules crafted by the Federal Communications Commission is scheduled to be implemented. Others take effect next year. The rules need to be revised. If not, law enforcement agencies will be able to follow and monitor cellular phone users in ways that Congress never envisioned. Here's one example: Investigators will be able to track the physical locations of cellular phone users, pinpointing your whereabouts at the beginning and end of every call. In essence, wireless phone systems will be transformed into giant tracking networks http://www.mercurycenter.com/premium/opinion/edit/CELLPHONES.htm --- End of forwarded message ---
Re: GNU Privacy Guard license question
At 11:30 AM 06/12/2000 -0400, P.J. Ponder wrote: from the documentation for GnuPG: http://www.gnupg.org/gph/en/pgp2x/t1.html | Note: Using the extension modules idea.c and rsa.c without licensing the | patented algorithms they implement may be illegal. I do not recommend | you use these modules. If you have PGP 2.x keys, I suggest you revoke | them in favor of new keys and encourage correspondents who use PGP 2.x | keys to do the same. Is this right? If one obtained PGP 2.x legally, and used RSA and IDEA in conformance with the original license for personal use, would that license permit the use of the older PGP keys with Gnu Privacy Guard? RSA and IDEA are totally separate issues. I don't know when the IDEA patent expires (probably randomly different in Switzerland, the US, and elsewhere), but you're bound by whatever limits the old license used. RSA patent expires this summer (Yay!) But code that's based on RSAREF is covered by copyright, so it's still limited by the RSAREF license. If you're using non-RSAREF code, it goes free when the patent expires. So use the non-RSAREF versions. As far as the older keys go, you'll be able to use RSA keys after the patent expires, so if you don't need IDEA, e.g. for signatures, or for non-IDEA encryption, you're fine. Also, remember that MD5 is pretty dodgy these days, so you'll want to convert to SHA-1 forms as soon as possible. I don't have a copy of the old PGP license around. I presume one could continue to use PGP 2.x indefinitley under the old license. Yup. Thanks! Bill Bill Stewart, [EMAIL PROTECTED] PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639