[FYI] Intelligence agencies and police want to get access to encrypted messages
http://www.heise.de/tp/english/inhalt/te/7571/1.html - CUT --- Dutch government puts Trusted Third Parties under pressure Jelle van Buuren 08.05.2001 Intelligence agencies and police want to get access to encrypted messages Dutch law enforcement authorities are forcing Trusted Third Parties (TTP's) to use key escrow or key recovery techniques, which make it possible for law enforcement to decrypt encrypted messages. The law enforcement authorities want to get access to encrypted Internet messages, according to secret documents revealed by the Dutch digital rights movement Bits of Freedom. Trusted Third Parties (TTP's) are independent organisations, which offer services to enhance the security and reliability of electronic communication. TTP's, for instance banks, accountants, telecommunication companies or public notaries, use cryptography to prove the authenticity of communication and secure the confidentiality of communication. [...] - CUT --- - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] (Fwd) Crypto Blamed for US terrorist attack - World Exclusive
--- Forwarded message follows --- Date sent: Wed, 12 Sep 2001 05:15:15 +0100 To: [EMAIL PROTECTED] From: Bruce Tober [EMAIL PROTECTED] Subject:Crypto Blamed for US terrorist attack - World Exclusive Send reply to: [EMAIL PROTECTED] That's the headline I picture on all the tabloids within a fortnight, with the subhead: Government Ministers to Ban E-mail Encryption (except under strict licensing) And that will be in the US, the UK and throughout most of the rest of the world. Comments? -- | Bruce Tober, [EMAIL PROTECTED], Freelance Journalist, | | My Website http://www.star-dot-star.co.uk/ | | Birmingham, UK, EU +44-780-374-8255 (Mobile) +44-1562-638-704 (Landline) | --- End of forwarded message --- - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: How to ban crypto?
On 16 Sep 2001, at 17:26, Peter Fairbrother wrote: Any other suggestions for how to ban crypto? I can't think of anything that would actually work against terrorists. Hmmm... we should be careful not to restrict the discussion of potential (non-)effects of coming restrictive legislative measures with regard to cryptography to pure technical aspects thereof. For example, I am working in Germany as a Patent Attorney. During the past years I managed to convince a handful of clients and colleagues to make use of PGP in order to protect confidential information when sending e-mail messages. Of course, if PGP would be banned in Germany by some legislation I would not be able to recommend any client or colleague to continue with PGP usage. I for myself would have to cease PGP usage immediately. Besides criminal charges, it would be an offence in violation of the applicable professional code of conduct, and I surely would get a lot of trouble if I would exercise non-compliance in conjunction with my professional activities. Maybe that I would lose my professional admission (in Germany, Patentanwalt is a strictly regulated profession). Other professional users would also effectively be forced to cease PGP usage by similar mechanisms. So a ban on strong crypto might indeed very effective among professional users where economical aspects are at stake. Nevertheless, a ban of non-GAK strong crypto would not be a suitable measure to fight terrorism. It would only stabilize the present SIGINT hybris. Axel H Horns - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] FITUG urges political leaders to defend citizens' freedoms
http://www.fitug.de/news/pes/fitug-010918.en.html --- CUT - FITUG e.V. Förderverein Informationstechnik und Gesellschaft FITUG urges political leaders to defend citizens' freedoms Tuesday's terrorist attacks were not only targeting human lives, but also the basic values of open societies. In these dark hours of grief and wrath, political leaders are called upon to protect both: Citizens' lives and citizens' freedom. Terrorists' attack on open societies cannot be completed but with help from ourselves, and from our political leaders. This must not happen. In the ongoing debate on how terrorism is best fought, one option proposed by certain circles comprieses strenghtening signal intelligence capabilities. According to these circles, the eavesdropping capabilities available to law enforcement and the intelligence community are insufficient for uncovering and monitoring communication of today's distributed and highly organized groups of terrorists and criminals. Availability of virtually unbreakable encryption products to the general public is perceived as a major obstacle in the current battle against terrorism. This perception is highly misleading. Any legislative activity based on it will inevitably fail to reach its goal. Instead, such activity would undermine basic values of free and open societies, such as citizens' right to privacy and private communication. Such legislative activity would ignore the ample evidence that the problem of today's intelligence is not a lack of signal intelligence, but a lack and neglection of human intelligence and intelligent interpretation of the material collected. Even the most sophisticated signal interception technology available will hardly be able to thwart stone age style secure channels used by terrorists, such as human couriers and confidential face-to-face meetings. Cryptography is a key enabling technology for a safe information society. Obstructing the use of practically unbreakable encryption as a means of securing electronic communications will make our modern, information-based economies and societies even more susceptible to cyber criminals' and terrorists' attacks. Stopping the spread of strong cryptography would amount to blasting holes into the civilized world's already-thin defense shield against digital harm. We therefore urge political leaders and policy-makers not to restrict citizens' and businesses' freedom to communicate privately, using the best technology available. Our societies and economies need this technology and its widespread use in order to defend against tomorrow's digital attacks. About FITUG FITUG creates connections to the virtual world of new media and data networks. From our statues: The association's purpose is the fostering of the integration of new media with society, public education about technologies, risks, and dangers of these media, and the fostering of human rights and consumer interests with respect to computer networks. FITUG is a member of the Global Internet Liberty Campaign (GILC). --- CUT - - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] Man jailed over Enigma machine
http://news.bbc.co.uk/hi/english/uk/newsid_1609000/1609168.stm CUT - Friday, 19 October, 2001, 16:54 GMT 17:54 UK Man jailed over Enigma machine The Enigma machine was one of only two in the world A former antiques dealer has been jailed for 10 months for handling a stolen wartime Enigma encoding machine. [...] CUT - - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] How the terror trail went unseen
http://www.heise.de/tp/english/inhalt/te/9751/1.html --- CUT - How the terror trail went unseen Duncan Campbell 08.10.2001 Scientists and politicians row over whether it was planned using hi- tech or lo-tech Investigations into how the terror attackers managed to evade detection are producing the unusual situation that statements from the FBI have become more trustworthy than those in the press. In two successive briefings, senior FBI officials have stated that the agency has as yet found no evidence that the hijackers who attacked America used electronic encryption methods to communicate on the internet. But this has not prevented politicians and journalists repeating lurid rumours that the coded orders for the attack were secretly hidden inside pornographic web images, or from making claiming that the hijacks could have been prevented if only western governments had been given the power to prevent internet users from using secret codes. The latest evidence from the FBI suggests that the hijackers easily hid under the noses of the American government, not by using advanced technology but by being as American as apple pie. [...] --- CUT - - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] Dutch Government wants to regulate strong cryptography
http://www.heise.de/tp/english/inhalt/te/9763/1.html - CUT - Dutch Government wants to regulate strong cryptography Jelle van Buuren 09.10.2001 Action plan to combat terrorism targets modern communication technologies The Dutch Government announced Friday it wants to regulate the public use of strong cryptography. The regulation of cryptography is one of the measures the government is proposing in its action plan to combat terrorism. [...] - CUT - - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: PGP GPG compatibility
On 3 Jan 2070, at 9:41, Nicholas Brawn wrote: What's the state of the game with PGP and GPG compatibility? Interesting question. I'm using PGP 6.5.8 for my professional confidential e-mails and sometimes I get complaints from GnuPG users saying they can't use my Pubkey. Currently I'm preparing an article on Internet security issues related to the businesses of attorneys-at-law and patent attorneys. In this context, it is already a hard job to promote usage of e-mail encryption, and such incompatibilities between various versions of PGP and GnuPG marke it even harder. Is there any URL available where I might get more detailed info? Thanks. Regards, Axel H Horns -- Patentanwalt Dipl.-Phys. Axel H Hornse-Mail [EMAIL PROTECTED] Web www.ipjur.com Voice ++49.89.30630112 Fax ++49.89.30630113 My PGP RSA Key ID = 0xD8433289 http://www.ipjur.com/pubkey.php3 PGP Pubkey Fingerprint C5D2 5E53 D241 4988 17E4 904D 9467 31BC - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] Encryption in Company Networks Foiled
http://www.heise.de/english/newsticker/data/anw-26.02.02-007/ CUT - Encryption in Company Networks Foiled The encrypting of e-mails in company networks is foiled if it is done in a Microsoft Exchange/Outlook 9x/200x environment. In a POP3/IMAP4 environment this is not the case. In answer to a question by heise online Microsoft confirmed that appended files encrypted with crypto plug-ins are transmitted in an unencrypted form from client to server even when the encryption function of the plug-in has been activated. [...] CUT - - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] (Fwd) FC: Senate Democrats love SSSCA -- but GOP says not so fast
See also http://www.theregister.co.uk/content/54/24262.html --- CUT Senator brutalizes Intel rep for resisting CPRM By Thomas C Greene in Washington Posted: 01/03/2002 at 14:41 GMT Entertainment industry lapdog Senator Fritz Hollings (Democrat, South Carolina) lashed out at Intel executive VP Leslie Vadasz who warned that the copy-protected PCs Hollings is obediantly promoting on behalf of his MPAA and RIAA handlers would stifle growth in the marketplace. We do not need to neuter the personal computer to be nothing more than a videocassette recorder, Vadasz said in testimony before the Senate Committee on Commerce, Science and Transportation Thursday. [...] --- CUT --- Forwarded message follows --- Date sent: Fri, 1 Mar 2002 11:23:11 -0500 From: Declan McCullagh [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject:FC: Senate Democrats love SSSCA -- but GOP says not so fast Send reply to: [EMAIL PROTECTED] Politech archive on Sen. Hollings' SSSCA: http://www.politechbot.com/cgi-bin/politech.cgi?name=sssca Letter from SSSCA opponents: http://www.politechbot.com/docs/sssca.opponents.letter.022702.html Intel letter to Hollings: http://www.politechbot.com/docs/intel.hollings.letter.022802.html Draft text of the SSSCA: http://www.politechbot.com/docs/hollings.090701.html --- http://www.wired.com/news/politics/0,1283,50754,00.html By Declan McCullagh ([EMAIL PROTECTED]) and Robert Zarate 2:00 a.m. March 1, 2002 PST WASHINGTON -- A Senate debate over embedding copy protection controls in all consumer electronic devices took a sharply partisan turn on Thursday. During a packed hearing before the Senate Commerce Committee, Democrats appeared far more eager for the government to intervene in what has become a highly visible tussle between Silicon Valley, which advocates a laissez-faire approach, and the Hollywood firms lobbying Congress to step in to prevent piracy. When Congress sits idly by in the face of these activities, we essentially sanction the Internet as a haven for thievery, committee chairman Fritz Hollings (D-South Carolina) told a panel of witnesses that included Walt Disney chairman Michael Eisner, News Corp. President Peter Chernin and Intel Executive Vice President Leslie Vadasz. [...] We might need to legislate, said Sen. John Kerry (D-Massachusetts), though he emphasized that he would prefer the private sector reach an agreement on how to protect copyrighted electronic content. Unfortunately, one issue seems close to an impasse -- how do we keep files from being illegally shared and distributed over the Internet? complained Sen. Barbara Boxer (D-California). Republicans appeared much more skeptical of the SSSCA -- which is, after all, championed by a Democratic committee chairman -- and argued legislation would be too interventionist. In the 2000 election cycle, the entertainment industry gave Democrats a whopping $24.2 million in contributions compared to $13.3 million to Republicans, according to figures compiled by opensecrets.org. [...] -- --- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -- --- --- End of forwarded message --- - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] How we can save PGP - Zimmermann
http://www.theregister.co.uk/content/54/24336.html -- CUT --- How we can save PGP - Zimmermann By Andrew Orlowski in San Francisco Posted: 08/03/2002 at 07:44 GMT PGP inventor Phil Zimmermann says PGP can be saved, and has outlined how in an interview with The Register yesterday. PGP is an institution that's bigger than any single company, or codebase, or product, says Zimmermann. It's in limbo right now, and limbo is a bad place to be. Network Associates Inc wrote to customers last week informing them that it was ceasing development on PGP Desktop, and while promising to honor existing support contracts, said no bugfixes or updates would be issued. PGP staff were being transferred to Network Associates other business units. The company, which bought PGP Inc in 1997 for $36 million announced it wanted to find a buyer for PGP last November, but hasn't found an acceptable offer yet. Zimmermann said he wanted NAI to release the source code, suggesting a Berkeley-style license, and hoped to encourage development around the Open PGP standard: The demise of the PGP business unit at NA is not the demise of the open PGP standard; there are other companies that implement the product that use the standard. Go to OpenPGP.org and you'll find a lot of concerned people that want to fill this niche. Anyone interested in helping should contact me, he added. Zimmermann said he'd welcome a big name sponsor - we suggested an Apple, or an HP - to back OpenPGP development. Right now, he admitted, the free software versions needed a slick GUI to bring them up to the fit and finish of the PGP equivalents. PGP's Desktop, a slick and well-regarded personal privacy suite which included an encrypted file system for Windows and the Macintosh, and integration with ICQ, is no longer available for download, and you can't find anything except the enterprise products at PGP's evaluation page. This leaves Mac OS X and Windows XP users in a fix, as the current PGP products aren't compatible with the new operating systems. And what's scandalous is that NAI has OS X and XP-ready versions, but won't ship them. Zimmermann first published Pretty Good Privacy in 1991, and left Network Associates a year ago. He declined to comment on NAI's stewardship of the software, although Register readers, including many PGP users, haven't been nearly so diplomatic. It's a good time to remind NAI of its responsibilities to its customers, to the PGP community, and remind potential purchasers of the value of privacy software. ® -- CUT --- - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
[FYI] The implications of the UK Export Control Bill
http://www.heise.de/tp/english/inhalt/te/12191/1.html CUT Knowledge Transfer Controls and Academic Freedom Ashley Benigno 28.03.2002 The implications of the UK Export Control Bill A controversial bill that extends export controls on armaments from hardware to intangible goods is currently before the British Parliament. The Export Control Bill has been viewed by some quarters as carrying serious implications for academic freedom, by curtailing research and collaboration through the adoption of transfer controls and the introduction of a licensing regime. The aim of the Bill, as outlined in its introduction, is to make provision enabling controls to be imposed on the exportation of goods, the transfer of technology, the provision of technical assistance overseas and activities connected with trade in controlled goods; and for connected purposes. As defined in the Export Control Bill, 'technology' means information (including information comprised in software). In fact, one of the primary objectives of the Bill is to extend current export control laws that cover only physical goods to include intangibles such as software. While the Bill is seen by the Government as an additional tool in its fight against international terrorism, some academics view the proposed law as being so widely drawn that it would provide ministers with the power to review and suppress any scientific paper prior to its publication, and to license foreign students (not just at British Universities, but students taught by UK nationals anywhere in the world). According to Ross Anderson, a Cambridge University professor and chairperson of the Foundation for Information Policy Research, the effects of the Export Control Bill would be felt across the fields of science and technology, impacting both research and education: The new law would cover most of our research in computer science (fast networks, high performance computing, neural networks, real- time expert systems, hardware and software verification, reverse engineering, computer security, cryptography) and could even force a rewrite of lecture course and project material. The Department of Engineering would be hit by the listing of numerically controlled machine tools and fibre winding equipment, robots, optical amplifiers, software radios and aero engine control systems, as well as many lasers, gyros, accelerometers and similar components. The restrictions that previously only applied to physical hardware objects will be extended to the software used to design, test, control or operate them, or to integrate them into larger systems. The proposed law would also negatively impact transnational collaborative projects. A simple action such as sending an email to a foreign collegue relating to a research issue could end up requiring a special licence. Just like the teaching of many subjects to foreign students would fall under a licensing scheme. It is easy to envisage the administrative nightmare this would entail, the damaging effects on the overseas student contingent and on the development of academic work in general. In Anderson's opinion, opponents of the Bill may argue that while one may well decide to curtail long-established academic liberties because something bad has happened, it is excessive to do so because a bad thing might happen, but hasn't. (Al-Qaida isn't an excuse, unless even basic aerospace engineering is to be reclassified as a technology relevant to weapons of mass destruction). In the meantime, the Cambridge professor has proposed an amendment to the proposed law exempting research and teaching, which has received the backing of Universities UK and the Association of University Teachers. CUT - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]