On Fri, 17 Sep 1999, Greg Broiles wrote:
> What scares me is the possibility that there won't even be an argument
> about whether or not a particular clump of ciphertext decodes to a
> particular bit of plaintext because I don't think it'll be possible to
> cross-examine prosecution witnesses about the way that they came into
> possession of what's purported to be plaintext. They won't need to say
> how they came into possession of the plaintext, because that would
> reveal their methods <. . . .>
On the other hand, if a defendant could show a possibility of a
violation of the 4th Amendment (quoted below), then they've got a
serious case. What we have been fretting about are a bunch of serious
4th Amendment violations. There's no two ways around it:
non-circumspect gathering of encrypted documents, or a keyboard
sniffer, or a processor protection by-pass, are all potential 4th
Amendment violations.
Now, I don't mean to wave a piece of paper and say that it's a magic
token that keeps me safe. However, what we are afraid of is illegal.
We don't have to pass any new laws. All we have to do is ensure that
the existing ones are enforced.
It all comes down to your threat model. Is the entity you're
protecting against capable of subverting your processor? Your
operating system? Your hardware configuration? If so, there's no
crypto that can protect you. You want to get scared? What if your
network controller chip was spying on the keyboard controller
accesses, and leaking the keystrokes in data appended beyond the
length of valid IP packets? Or into ICMP replies? I don't know of
any protocol analyzer that bothers to look at that data. Would you
notice or care if someone was pinging you? Some sites would, but most
wouldn't.
4th Amendment
The right of the people to be secure in their persons, houses,
papers, and effects, against unreasonable searches and seizures,
shall not be violated; and no warrants shall issue, but upon
probable cause, supported by oath or affirmation, and
particularly describing the place to be searched and the persons
or things to be seized.
--
-russ nelson <[EMAIL PROTECTED]> http://russnelson.com
Crynwr sells support for free software | PGPok | Government schools are so
521 Pleasant Valley Rd. | +1 315 268 1925 voice | bad that any rank amateur
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | can outdo them. Homeschool!
