|
encouraging PGP use (corrected), Response to Jerry
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
Computer underground Digest Sun Oct 3 1993 Volume 5 : Issue 77
ISSN 1004-042X
Editors: Jim Thomas and Gordon Meyer ([email protected])
Archivist: Brendan Kehoe
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Copie Editor: Etaoin Shrdlu, III
CONTENTS, #5.77 (Oct 3 1993)
File 1--encouraging PGP use (corrected)
File 2--Response to Jerry Leichter in re Moby Crypto
File 3--EFF RESPONDS TO PGP CASE
File 4--Summary of BBLISA meeting (CuD 5.75)
File 5--E-Jrnl of Virtual Culture--Gender Issue Call For Papers
File 6--B. Sterling's Keynote address at EFF/EFF-Austin Crypt Conf
File 7--Summary of EFF/EFF-Austin Cryptography Conference
Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically from [email protected]. The
editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115.
Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on the PC-EXEC BBS at (414) 789-4210; and on: Rune Stone BBS (IIRG
WHQ) (203) 832-8441 NUP:Conspiracy; RIPCO BBS (312) 528-5020
CuD is also available via Fidonet File Request from 1:11/70; unlisted
nodes and points welcome.
EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893;
In ITALY: Bits against the Empire BBS: +39-461-980493
ANONYMOUS FTP SITES:
AUSTRALIA: ftp.ee.mu.oz.au (128.250.77.2) in /pub/text/CuD.
EUROPE: nic.funet.fi in pub/doc/cud. (Finland)
UNITED STATES:
aql.gatech.edu (128.61.10.53) in /pub/eff/cud
etext.archive.umich.edu (141.211.164.18) in /pub/CuD/cud
ftp.eff.org (192.88.144.4) in /pub/cud
halcyon.com( 202.135.191.2) in /pub/mirror/cud
ftp.warwick.ac.uk in pub/cud (United Kingdom)
COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.
DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.
----------------------------------------------------------------------
Date: Fri, 1 Oct 93 06:55:38 -0700
From: [email protected](Grady Ward)
Subject: encouraging PGP use (corrected)
Jerry Leichter's <[email protected]> comments about me in CuD, Volume 5,
Issue 76 are flatly wrong. I do not and never have encouraged people
to copy or use PGP illegally whatever their jurisdiction.
In this country they ought not to "make, use, or sell" RSA without a
license from PK Partners of Sunnyvale, CA. Similarly, the IDEA cipher
ought not to be used commercially without a specific commercial
license from Ascom-Tech AG of Switzerland.
If they are non North American nationals then they need to obtain a
copy of PGP from one of several foreign sites such as:
black.ox.ac.uk (129.67.1.165)
ghost.dsi.unimi.it (149.132.2.1)
nic.funet.fi (128.214.6.100)
Depending, of course, on their local laws.
I have been assured by two attorneys that source is NOT an infringing
"device" and can be copied or studied as long as its distribution is
not simply a ploy to evade patent law. The whole constitutional idea
of a patent centers on the wide dissemination of the underlying ideas
that can be reduced to practice by a "person of ordinary skill" in the
field. Disseminating the ideas underlying a patent is explicitly a
patriotic act in the United States.
In any event individuals become moral creatures by actively making
their own personal choices and not having the ideas that could lead to
an informed choice restricted by the State.
I support the widespread use of strong crypto in the world for two
reasons: It assists physically separate individuals to freely exchange
ideas in greater safety from State interference. And it
preferentially helps less powerful people since the more powerful
dominating group can simply use the raw force of its state apparatus
to advance its program. It is an equalizer in the quest for coalition
and social justice.
Strong crypto creates communities, not conspiracies.
------------------------------
Date: Thu, 30 Sep 93 17:49:12 -0600
From: "L. Detweiler" <[email protected]>
Subject: Response to Jerry Leichter in re Moby Crypto
Editor: I strongly object to comments by Jerry Leichter
<[email protected]> on the PGP subpoenas in CuD, Volume 5 : Issue 76.
Mr. Leichter appears to be making contradictory points: even though
the ITAR may be casting FUD and chilling people's actions based on
%poorly drafted regulations whose coverage no one can determine, by
threats and insinuations from government spokesmen that some action is
illegal', he on the other hand admonishes G. Ward for his actions to
date in challenging the law. "Ward is deliberately flaunting it.
Stupid, dangerous idea. Being a revolutionary, putting yourself in
direct opposition to the power of the state, isn't fun and games.
People get hurt that way."
Mr. Leichter does not appear to realize that the most egregious laws
created tend only to be overturned by the most dramatic challenges.
Our own American Revolution is a dramatic instance of this fact. I
have praised G. Ward in email previously as a compelling cyberspatial
hero for his actions in publicizing over Usenet the NSA and State
Department molestations he has been subject to over the past weeks.
Very dramatic constitutional issues are at stake.
Another major reality lapse in Mr. Leichter's somewhat desultory
argument (that appears to have the fundamental message of minimizing
the significance of the Zimmermann-Ward affair) is the following.
Citizens in a society do not live by the laws -- they live by the
*effect* of those laws on their everyday life. Some laws are widely
ignored, such as speed limits. Some are revered with the utmost
respect, such as the rulings of the Supreme Court and the directives
of the President.
Even if no case had ever been brought to court on the ITAR, the
fundamental issue is that the law has an extraordinary dampening force
on certain aspects of current cyberspatial development and enterprise
-- in particular, cryptographic technology intrinsic to a wide variety
of transforming technologies such as digital cash and signatures --
all critical to future progress. An analogy might be this: even though
our judicial system has evolved an elaborate protocol for granting
search warrants, that system is meaningless if people voluntarily
allow police to search their homes. We do *not* live in a world
described by government laws, we live in one that interacts with them
in sometimes unpredictable ways.
Now, let me abandon these vague platitudes immediately for some
cutting specifics relevant to this case. What is the effect on the
ITAR on *domestic* cryptographic development? The ITAR supposedly
only deals with import and export and in fact that is all the
authority granted by its enabling law, the Arms Export Control Act, to
cover. But the use of the ITAR in practice by government bureaucrats is
apparently to stifle free speech and free press rights of domestic
U.S. citizens. This situation is transparently clear from Grady Ward's
wretched predicament and other noxious affairs that have escaped the
focused attention of many.
In particular, I would like to draw attention to an outstanding effort
by D. Bernstein to demonstrate the sheer oppressive force of the ITAR
as interpreted by the relevant U.S. agencies. In the anonymous FTP
file
ripem.msu.edu:/pub/crypt/docs/shuffle-export-hassles.
is an extraordinary compilation of letters sent between D. Bernstein
and the Bureau of Politico-Military affairs regarding the ITAR rules.
Mr. Bernstein sought permission to *post* a simple message to the
Usenet group sci.crypt describing a cryptographic technique. The sheer
obstruction he encountered is absolutely appalling. It approaches the
grotesque torture of a totalitarian society in suppressing
information. He required the intervention of his California state
representative merely to get simple mail responses from the
asphyxiating bureaucracy! Moreover, the exchange demonstrates very
clearly that the government *applies* the ITAR not as a law regarding
import and export of material (as the *law* constrains it) but *in
practice* as an instrument to stifle otherwise lawful 1st Amendment
scientific publication. From a letter of 14 July 1993 to A. A.
Henderson:
>Please note that the State Department is engaging in
>unconstitutional censorship of material which I privately
>developed and which I wish to publish. What you are
>witnessing is a battle over the First Amendment. I believe
>that the [Office of Defense Trade Controls, Bureau of
>Politico-Military Affairs] is acting in violation of the
>Bill of Rights. [They] failed to answer this question:
>"Does ITAR exert prior restraint on otherwise lawful
>publication"?
In these paragraphs I seek to emphasize that the debate goes far
deeper than the mere obnoxious classification of widespread,
public-domain cryptgraphic algorithms and techniques as %munitions'.
The debate surrounding the ITAR cuts to the core of many democratic
issues. The ITAR is updated with alarming frequency and changed with
disturbing ease. Its revision seems to occur in complete defiance of a
regular and open legislative process. Even top *experts* on the law
cannot keep up with all the modifications. As a frightening example of
this, take the case of U.S. vs. Martinez, where Elizabeth Martinez
and her fiance were convicted of violating the Arms Export Control Act
by exporting %cryptographic hardware' -- a satellite TV video
descrambling device, %Videocipher II'. Apparently, by some magic
bureaucratic whim, it is now *legal* to export such equipment under the
ITAR! I doubt Mrs. Martinez is consoled by this news, after being
consumed and rebuffed even on appeal.
I consider the ITAR one of the most totalitarian documents our
government has ever produced. G. Ward and P. Zimmerman are modern
cyberspatial heroes for their bold, direct challenges of it. In
classifying %disclosure of information to foreign nationals' as
*export* we find the same institutional paranoia and cyberspatial
ignorance seen in the Cold-War era Soviet Union in e.g. restricting
Xerox machines. The irony is that in both cases, the paranoia is
entirely justified, even necessary, within the context of preserving
the illegitimate status quo. This oppression forms the basic
foundation of support for the two most totalitarian systems of the
20th century -- one defunct, the other with the initials N.S.A.
------------------------------
Date: 30 Sep 1993 14:30:18 -0400
From: [email protected] (Mike Godwin)
Subject: EFF RESPONDS TO PGP CASE
EFF TO DEFEND CRYPTO RIGHTS LEGALLY
Washington, D.C. -- The Electronic Frontier Foundation has committed
itself this week to legal defense efforts in response to what is
apparently a U.S. government campaign against the use and export of
cryptographic technology.
EFF's response to the anti-cryptography campaign, which has been directed
initially against the "Pretty Good Privacy" (PGP) encryption program
written by Phil Zimmermann, is three-fold:
o EFF and EFF board members will immediately contribute
funds to Phil Zimmermann's current legal expenses as they relate
to constitutional issues, and will encourage others to make donations
for this legal effort.
o EFF will continue to vigorously investigate the facts of the PGP case
and other cryptography-related cases that may arise, in order
to spotlight the constitutional issues raised by such cases.
o EFF is now planning to launch in the near future a First Amendment
campaign aimed both at raising funds to support legal work on the
Constitutional issues raised by these cases, and at educating policymakers
and the general public about need to reform our outmoded export control laws .
The basic facts of the PGP case(s) are as follows:
The Customs Bureau has interviewed Phil Zimmermann and others involved in
PGP. A San Jose grand jury, convened by Assistant US Attorney William
Keane, subpoenaed documents relating to PGP from Zimmermann, as well
as ViaCrypt and Austin Code Works, two companies who intend to offer
commercial products related to PGP. Finally, the State Department has sent
a letter to the Austin Code Works requiring them to register as an arms
dealer, even if they don't plan to export cryptography.
In light of these developments, the Electronic Frontier Foundation
Board of Directors met in Austin on Sept 22-23 to plan EFF's response.
EFF's Board of Directors believes that this case may involve
fundamental issues in the application of the U.S. Constitution to
digital media. At stake is the right of privacy, public access to
secure cryptography, the right to publish digital writings, and the
right of equal protection under the law. We are resolved to take this
matter very seriously.
For this reason, EFF will undertake a vigorous investigation of the
facts in this and any other PGP related cases which might arise.
If the Grand Jury issues indictments that would, in the view of EFF,
threaten the future of digital liberty, we are prepared to assist in
the case and any others which might have similar adverse effects. We
are also prepared to seek to amend the export laws to protect
constitutional speech and the right to disseminate and use encryption
to protect the citizens' right to privacy and to the security of their
communications.
In the short run, EFF will assist Phil and others involved with PGP to
find criminal defense attorneys, explore ways to get any cases handled
pro bono publico, or for expenses only, and contribute funds to Phil
and other possible defendants for preindictment constitutional
research, and we encourage others to do the same. As of this
announcement, several thousand dollars have been pledged by EFF and
EFF board members including John Gilmore, Mitchell Kapor, John Perry
Barlow.
In the near future, EFF will launch a national campaign designed to
provide legal and financial support for cases or legislative efforts
that would promote the Constitutionally guaranteed rights to develop,
discuss, and use cryptographic technology.
We urge you to help Phil Zimmermann in preparing his constitutional
defense by contacting Phil's lawyer, Philip Dubois ([email protected], +1
303 444 3885, or 2305 Broadway, Boulder, CO 80304, USA). He is
accepting legal defense contributions relating directly to Phil's
defense as an individual.
Board of Directors
Electronic Frontier Foundation
------------------------------
Date: Thu, 30 Sep 1993 11:38:00 -0400 (EDT)
From: "Daniel P. Lieber - (617) 642-7697." <[email protected]>
Subject: Summary of BBLISA meeting (CuD 5.75)
Account of BBLISA Meeting (posted in CuD #5.75)
On Wed., Sept. 29, the BBLISA (Back Bay [Boston] Large
Installation Systems Administration Group) group had their monthly
meeting where they hosted both an FBI agent and a federal
prosecutor from the U.S. Attorney General's office. Both speakers
were knowledgeable about the subject and tried to answer all of the
questions that they could. (I am omitting names as I am not sure of
the correct spelling or titles -- both were substitutes for the
original speakers.)
After a brief welcoming by the leader of the group, the
prosecutor spoke extensively on the different types of intruders
into systems. Her particular area of expertise in the field of
"computer crime" is with kiddie porn. However, she was
knowledgeable on the major topic at hand -- intrusions.
The most common and least threatening type of break-in artists
are the solo hackers and crackers (usually young males) who break
into systems for the thrill and to brag about their accomplishment.
Usually, they cause little or no damage and no crime is
prosecutable (just utilizing resources is not prosecutable). By
far, the most serious threat is internal. Disgruntled workers and
recently dismissed employees cause the most damage and are usually
motivated by revenge and want to inflict injury. The third type of
intrusion, for-profit, is growing rapidly. This includes bank and
ATM fraud, among other types of information theft.
The FBI agent relayed stories about cases he has worked on and
the scope of the FBI office in Boston. To be investigatable by the
FBI, a monetary or equivalent loss must be $100,000 or the loss
must be shared amongst many different parties. He also informed us
that there are no agents that just cruise around BBSs looking for
crime. The FBI is too busy to do that.
From the information discussed at the meeting, there were some
conclusions and suggestions that were brought out:
* System banners informing all users that unauthorized access is
prohibited and that privacy is limited are helpful.
* E-mail is usually considered private unless specifically
stated otherwise.
* System administrators are not obligated to report illegal
activities that they detect on their systems.
* Law enforcement does not like to confiscate systems and will
usually get the information out of the machine without taking
it.
* To be prosecuted for a crime utilizing a computer, the
defendant must have prior knowledge of the criminal materials
or intent.
For more information on BBLISA, send a message to
[email protected] with the subject line: subscribe bblisa. Next
month's meeting will discuss large-site Internet services.
--Daniel Lieber,
Systems Manager-
_The Vanguard_
at Bentley College
------------------------------
Date: Sun, 26 Sep 1993 15:38:55 -0400 (EDT)
From: Leslie Regan Shade <[email protected]>
Subject: E-Jrnl of Virtual Culture--Gender Issue Call For Papers
CALL FOR ARTICLES--EJVC: ELECTRONIC JOURNAL OF VIRTUAL CULTURE
Special Issue: Gender Issues in Computer Networking
Issue Editor: Leslie Regan Shade
McGill University
Graduate Program in Communications
([email protected]; [email protected])
EJVC is a new peer-reviewed electronic journal dedicated to scholarly
research and discussion of all aspects of computer-mediated human
experience, behavior, action, and interaction.
This special issue of the EJVC will be devoted to gender
issues in networking. Despite the abundance of various private
networks and the meteoric growth of the Internet,this rapidly
expanding user base does not include an equal proportion of men
and women. How can women become equally represented in the new
"electronic frontier" of cyberspace? Issues to be discussed
can include, but are not limited to, the following:
*Access issues--to hardware, software, and training. What
barriers do women face? What are some success stories?
*How can women be given the technical expertise to become
comfortable and versatile with computer networking?
*Interface design: can there be a feminist design?
*How can networking realize its potential as a feminist tool?
*How can woman scholars exploit networking's technology?
*What information technology policies could be developed
to ensure computer networking equity for women, as well as
minorities?
*How does one define computer pornography and "offensive" material
on the net? Should it be allowed?
*How should sexual harassment on the net be treated?
*Are women-only groups necessary?
*How do women interact on MUDS and MOOs?
*What net resources exist for women?
Deadlines: December 1, 1993 submission of abstracts
April 1, 1994 submission of contributions
Abstracts will be reviewed by the issue editor for appropriate-
ness of content and overall balance of the issue as a whole.
In turn, authors will then be invited to submit full-length
contributions, which will be peer-reviewed by the journal's normal
editorial process before final acceptance for publication. The issue
editor encourages correspondence about proposed contributions even
before submission of an abstract.
Potential contributors may obtain a more detailed statement about the
focus and range of this special issue by sending electronic mail to
the issue editor with the Subject line: EJVC Issue or by anonymous ftp
to byrd.mu.wvnet.edu, directory /pub/ejvc, get ejvc.shade.call.
Further information about EJVC may be obtained by sending e-mail to
[email protected] or [email protected]
with one or more of the following lines in the text:
SUBSCRIBE EJVC-L YourFirst LastName
GET EJVC WELCOME
INDEX EJVC-L
Also, the file is available by anonymous ftp to
byrd.mu.wvnet.edu in the pub/ejvc directory.
------------------------------
Date: Sun, 3 Oct 1993 15:20:25 -0500
From: Bruce Sterling [email protected]>
Subject: B. Sterling's Keynote address at EFF/EFF-Austin Crypt Conf
September 22, 1993
Hello everybody. It's quite an honor to be delivering the
keynote address -- a *thankfully brief* keynote address -- at this
conference. I hope to clear the decks in short order, and let you
spend an engrossing afternoon, listening to an intense discussion of
complex and important public issues, by highly qualified people, who
fully understand what they're talking about. Unlike myself.
Before all this begins, though, I do want to establish a
context for this conference. Let me briefly put on my professional
dunce-hat, as a popular-science writer, and try to make it clear to
you exactly what the heck is going on here today.
Cryptography. The science and study of secret writing, especially
codes and cypher systems. The procedures, processes, measures and
algorithms for making and using secret exchanges of information.
*Secret* exchanges, done, made and conducted without the knowledge of
others, whether those others be governments, competitors, local, state
or federal police, private investigators, wiretappers, cellular
scanners, corporate security people, marketers, merchandisers,
journalists, public health officials, squads for public decency,
snoopy neighbors, or even your own spouse, your own parents, or your
own children.
Cryptography is a way to confine knowledge to the initiated and
the privileged in your circle, whatever that circle might be:
corporate co-workers, fellow bureaucrats, fellow citizens, fellow
modem-users, fellow artists, fellow writers, fellow
influence-peddlers, fellow criminals, fellow software pirates, fellow
child pornographers.
Cryptography is a way to assure the privacy of digital way to
help control the ways in which you reveal yourself to the world. It
is also a way to turn everything inside a computer, even a computer
seized or stolen by experts, into an utterly scrambled Sanskrit that
no one but the holder of the key can read. It is a swift, powerful,
portable method of high-level computer security. Electronic
cryptography is potentially, perhaps, even a new form of information
economics.
Cryptography is a very hot issue in electronic civil liberties
circles at the moment. After years of the deepest, darkest,
never-say-anything, military spook obscurity, cryptography is out of
the closet and openly flaunting itself in the street. Cryptography is
attracting serious press coverage. The federal administration has
offered its own cryptographic cure-all, the Clipper Chip.
Cryptography is being discussed openly and publicly, and practiced
openly and publicly. It is passing from the hands of giant secretive
bureaucracies, to the desktop of the individual. Public-key
cryptography, in particular, is a strange and novel form of
cryptography which has some very powerful collateral applications and
possibilities, which can only be described as bizarre, and possibly
revolutionary. Cryptography is happening, and happening now.
It often seems a truism in science and technology that it takes
twenty years for anything really important to happen: well,
Whitfield Diffie was publishing about public-key cryptography in 1975.
The idea, the theory for much of what will be discussed today was
already in place, theoretically, in 1975. This would suggest a target
date of 1995 for this issue to break permanently out of the arid world
of theory, and into the juicy, down-and-dirty real world of politics,
lawsuits, and money. I rather think that this is a likely scenario.
Personally, I think the situation's gonna blow a seam. And by
choosing to attend this EFF and EFF-Austin conference in September
1993, you are still a handy two years ahead of the curve. You can
congratulate yourself!
Why do I say blow a seam? Because at this very moment, ladies
and gentlemen, today, there is a grand jury meeting in Silicon Valley,
under the auspices of two US federal attorneys and the US Customs
Service. That grand jury is mulling over possible illegality,
possible indictments, possible heaven-knows-what, relating to supposed
export-law violations concerning this powerful cryptography
technology. A technology so powerful that exporting cryptographic
algorithms requires the same license that our government would grant
to a professional armaments dealer. We can envision this federal
grand jury meeting, in San Jose California, as a kind of dark salute
to our conference here in Austin, a dark salute from the forces of
the cryptographic status quo. I can guarantee you that whatever you
hear at this conference today, is not gonna be the last you hear about
this subject.
I can also guarantee you that the people you'll be hearing from
today are ideal people to tell you about these issues. I wrote a book
once, partly about some of these people, so I've come to know some of
them personally. I hope you'll forgive me, if I briefly wax all
sentimental in public about how wonderful they are. There will be
plenty of time for us to get all hardened and dark and cynical later.
I'll be glad to help do that, because I'm pretty good at that when I
put my mind to it, but in the meantime, today, we should feel lucky.
We are lucky enough to have some people here who can actually tell us
something useful about our future. Our real future, the future we can
actually have, the future we'll be living in, the future that we can
actually do something about.
We have among us today the board of directors of the Electronic
Frontier Foundation. They are meeting in Austin in order to pursue
strategy for their own national organization, but in the meantime,
they also have graciously agreed to appear publicly and share their
expertise and their opinions with us Austinites. Furthermore, they
are not getting a dime out of this; they are doing it, amazingly, out
of sheer public-spiritedness.
I'm going to introduce each of them and talk about them very
briefly. I hope you will reserve your applause until the end.
Although these people deserve plenty of applause, we are short on
quality applause resources. In fact, today we will be rationing
applause care, in order to assure a supply of basic, decent,
ego-boosting applause for everyone, including those unable to
privately afford top-quality applause care for the health of their own
egos. A federal-policy in-joke for the many Washington insiders we
have in the room today.
Very well, on to the business at hand. Mitch Kapor is a
cofounder of the Electronic Frontier Foundation, a software designer,
a very prominent software entrepreneur, a philanthropist, a writer and
journalist, and a civil liberties activist. In 1990, when Mr. Kapor
co-founded EFF, there was very considerable legal and constitutional
trouble in the world of cyberspace. Mitch spoke out on these
sometimes-arcane, sometimes-obscure issues, and he spoke loudly,
repeatedly, publicly, and very effectively. And when Mitch Kapor
finished speaking-out, those issues were no longer obscure or arcane.
This is a gift Mitch has, it seems. Mitch Kapor has also quietly done
many good deeds for the electronic community, despite his full
personal knowledge that no good deed goes unpunished. We very likely
wouldn't be meeting here today, if it weren't for Mitch, and anything
he says will be well worth your attention.
Jerry Berman is the President and Director of Electronic
Frontier Foundation, which is based in Washington DC. He is a
longtime electronic civil liberties activist, formerly the founder and
director of the Projects on Privacy and Information Technology for the
American Civil Liberties Union. Jerry Berman has published widely on
the legal and legislative implications of computer security and
electronic communications privacy, and his expertise in networks and
the law is widely recognized. He is heading EFF's efforts on the
national information infrastructure in the very thick of the
Clinton-Gore administration, and Mr Berman, as you might imagine, is a
very busy man these days, with a lot of digital irons in the virtual
fire.
Mr. Kapor and Mr Berman will be taking part in our first panel
today, on the topic of EFF's current directions in national public
policy. This panel will last from 1:45 to 3PM sharp and should be
starting about fifteen minutes after I knock it off and leave this
podium. We will allow these well-qualified gentlemen to supply their
own panel moderation, and simply tell us whatever is on their minds.
And I rather imagine that given the circumstances, cryptography is
likely to loom large. And, along with the other panels, if they want
to throw it open for questions from the floor, that's their decision.
There will be a fifteen-minute break between each panel to
allow our brains to decompress.
Our second panel today, beginning at 3:15, will be on the
implications of cryptography for law enforcement and for industry, and
the very large and increasingly dangerous areas where police and
industry overlap in cyberspace. Our participants will be Esther Dyson
and Mike Godwin.
Esther Dyson is a prominent computer-industry journalist.
Since 1982, she has published a well-known and widely-read industry
newsletter called Release 1.0. Her industry symposia are justly
famous, and she's also very well-known as an industry-guru in Central
and Eastern Europe and the former Soviet Union. Ms Dyson is very
knowledgeable, exceptionally well-informed, and always a healthy
distance ahead of her time. When it comes to the computer industry,
Esther Dyson not only knows where the bodies are buried, she has a
chalk outline ready-and-waiting for the bodies that are still upright!
She's on the Board of EFF as well as the Santa Fe Institute, the
Global Business Network, the Women's Forum, and the Poynter Institute
for Media Studies.
Mike Godwin is the legal services council for EFF. He is a
journalist, writer, attorney, legal theorist, and legal adviser to the
electronically distressed. He is a veteran public speaker on these
topics, who has conducted many seminars and taken part in many fora
all over the United States. He is also a former Austinite, a graduate
of the UT School of Law, and a minor character in a William Gibson
novel, among his other unique distinctions. Mike Godwin is not only
in EFF inside the beltway of Washington, but is on the board of the
local group, EFF-Austin. Mike Godwin is a well-known, one might even
say beloved, character in the electronic community. Mike Godwin is
especially beloved to those among us who have had machinery sucked
into the black hole of a federal search-and-seizure process.
Our third panel today, beginning at 4:45, will be the uniquely
appropriate Cypherpunk Panel. Our three barricade-climbing,
torch-waving, veteran manifesto-writers will be John Perry Barlow,
John Gilmore and Eric Hughes.
Mr Eric Hughes is NOT a member of the EFF Board of Directors.
Mr Hughes is the moderator of the well-known, notorious even, Internet
cypherpunk mailing list. He is a private citizen and programmer from
the Bay Area of California, who has a computer, has a modem, has
crypto-code and knows how to use it! Mr Hughes is here today entirely
on his own, very considerable, initiative, and we of EFF-Austin are
proud to have him here to publicly declare anything and everything
that he cares to tell us about this important public issue.
Mr John Gilmore *is* a member of the EFF Board. He is a
twenty-year veteran programmer, a pioneer in Sun Microsystems and
Cygnus Support, a stalwart of the free software movement, and a
long-term electronic civil libertarian who is very bold and forthright
in his advocacy of privacy, and of private encryption systems. Mr
Gilmore is, I must say, remarkable among UNIX and GNU programmers for
the elegance and clarity of his prose writings. I believe that even
those who may disagree with Mr Gilmore about the complex and important
issues of cryptography, will be forced to admit that they actually
understand what Mr Gilmore is saying. This alone makes him a
national treasure. Furthermore, John Gilmore has never attended
college, and has never bought a suit. When John Gilmore speaks his
mind in public, people should sit up straight!
And our last introductee is the remarkable John Perry Barlow.
Journalist, poet, activist, techno-crank, manifesto-writer, WELLbeing,
long-time lyricist for the Grateful Dead, co-founder of Electronic
Frontier Foundation, member of the Wyoming Republican Party, a man who
at last count had at least ten personal phone numbers, including two
faxes, two cellulars and a beeper; bon vivant, legend in his own
time, a man with whom superlatives fail, art critic, father of three,
contributing editor of MONDO 2000, a man and a brother that I am proud
to call truly *my kind of guy:* John Perry Barlow.
So these are our panelists today, ladies and gentlemen: a fine
group of public-spirited American citizens who, coincidentally, happen
to have a collective IQ high enough to boil platinum. Let's give
them a round of applause.
(((frenzied applause)))
Thank you. Ladies and gentlemen, EFF-Austin is not the EFF.
We are a local group with our own incorporation and our own unique
organizational challenges. We are doing things on a local scale,
where the National EFF cannot operate. But we know them, and we
*like* them, and we are proud to have them here. Furthermore, every
time some Austin company, such as Steve Jackson Games Incorporated, or
the currently unlucky Austin Codeworks, publishers of a program called
"Moby Crypto," find themselves in some strange kind of federal hot
water, we are not only proud to know the EFF, we are *glad* to know
them. Glad, and *grateful!* They have a lot to tell us today, and
they are going to tell us things they believe we really need to know.
And after these formal panels, this evening from 8 to 10, we are
going to indulge in a prolonged informal session of what we Austinites
are best at: absorbing alcohol, reminiscing about the Sixties, and
making what Mitch Kapor likes to call "valuable personal contacts."
We of EFF-Austin are proud and happy to be making information
and opinion on important topics and issues available to you, the
Austin public, at NO CHARGE!!
Of course, it would help us a lot, if you bought some of the
unbelievably hip and with-it T-shirts we made up for this gig, plus
the other odd and somewhat overpriced, frankly, memorabilia and
propaganda items that we of EFF-Austin sell, just like every other
not-for-profit organization in the world. Please help yourself to
this useful and enlightening stuff, so that the group can make more
money and become even more ambitious than we already are.
And on a final note, for those of you who are not from Austin,
I want to say to you as an Austinite and member of EFF-Austin, welcome
to our city. Welcome to the Capital of Texas. The River City. The
City of the Violet Crown. Silicon Hills. Berkeley-on-the-Colorado.
The Birthplace of Cyberpunk. And the Waterloo of the Chicago Computer
Fraud and Abuse Task Force.
You are all very welcome here.
So today, let's all learn something, and let's all have some
fun. Thanks a lot.
------------------------------
Date: Sun, 3 Oct 1993 15:20:43
From: Steve Jackson <[email protected]>
Subject: Summary of EFF/EFF-Austin Cryptography Conference
Before a standing-room-only audience of over 200, Mitch Kapor, John
Gilmore and other technopolicy experts criticized the federal "Clipper
Chip" proposal at a cryptography conference held today in Austin.
Jointly sponsored by the Electronic Frontier Foundation and
EFF-Austin, the one-day conference included three blue-ribbon panels
on various aspects of cryptography policy. The issue of public access
to cryptography is rapidly heating up, as secure encoding programs
become available to private individuals. Meanwhile, the government
maintains tight export restrictions on cryptographic products. In
fact, a federal grand jury is now examining business records
subpoenaed from commercial cryptography providers - including one in
Austin - in an apparent investigation of exports.
The audience wasn't just computer-literate, but
computer-armed-and-dangerous. The rattling of laptop keys sounded from
at least 20 spots in the room as Bruce Sterling presented a keynote
explanation of cryptography and why it's important: "We all have
digital irons in the virtual fire."
The conference led off with a discussion between Mitch Kapor
(founder of Lotus Development and chairman of the Electronic Frontier
Foundation) and Jerry Berman (executive director of the EFF). Most of
the commentary had to do with the process by which the Clipper had
been presented, and might still be mandated. Berman stated flatly that
the Clipper program simply will not do the job its advocates say it
will, as long as it's voluntary . . . and if it becomes mandatory, it
raises "fundamental Constitutional issues which they don't want to
confront . . . they're between a rock and a hard place."
Kapor, wearing a Secret Service cap, discussed the Washington
policy process. "You would be surprised how little depth of
thinking-through there is on these issues of the information
superhighway. People are trying to do the right thing . . . you might
think that they've got a lot of deep thinkers sitting around and
trying to figure out what the right thing to do is. No. It's the
%crisis of the day.' And in that sort of atmosphere, reasonable people
sometimes feel that what they're doing is the best compromise under
the circumstances. There's a lack of commitment to doing the right
thing . . . people think they're making creative compromises when in
fact they're making stupid mistakes." But he also commented that
compromises are sometimes the only option: "There is a role for moral
outrage, but in Washington, moral outrage only gets you so far."
Quotes:
Kapor: "We're very much in favor of the private sector as opposed
to the government undertaking construction activities. The government
doesn't have the money or the expertise. . . . Common carrier, private
sector, universal access."
"People don't understand the nature of the problems. The problems
keep getting greater and greater, and the solutions get more and more
absurd."
"Whoever actually owns the data highways shouldn't be able to
control what goes across them. That's the principle of common carrier.
It should be updated to reflect that fact that we want more
competition and fewer regulated monopolies, but the principle still
holds."
John Gilmore, answering a question about copying the chip: "The
idea is that they use a technology to build the chip that makes it
hard to reverse-engineer, developed for classified chips, that has not
been seen in the real world." He went on to say that the government
has so far not responded to requests for sample chips to allow
independent experts to test this claim.
Following the CFP model, the panels were separated by long breaks
for discussion, networking and argument. The crowd was mixed: not just
"computer people" and journalists, but also high school and college
students, several law enforcement professionals, and one labor union
officer, from Houston and San Antonio as well as Austin.
The second panel, on law enforcement, was a dialogue between Esther
Dyson (long-time industry observer and newsletter editor) and Mike
Godwin (Legal Services Counsel for the EFF). The discussion, and most
of the audience's questions, focused on the current and probable
future legality of various encryption systems.
Quotes:
Esther Dyson: "If government gives us this weak encryption, and
mandates that we use it . . . then what the public thinks about the
issue doesn't matter any longer."
Mike Godwin: "Sure, cryptography is inconvenient to law
enforcement. But we have other things that are inconvenient. Look at
that pesky prohibition against forced confessions. You know they did
it . . . but the police can't make them confess. Isn't that
troubling?"
"For so long, technological advances meant decreases in privacy.
Now there's a technological advance that empowers privacy . . . not
just on a corporate level, but on an individual level."
The final panel was entitled simply %%Cypherpunks,'' and included
Eric Hughes (founder of the Cypherpunks mailing list), John Gilmore
(programmer and free-software activist) and John Perry Barlow
(co-founder of the EFF). They talked about just how easy it is,
already, to encrypt your communications, using PGP and other systems.
They also discussed how quickly some older encoding methods are
failing before decryption technology.
Quotes:
John Gilmore: "How many of you have broken no laws this month?" (No
hands appeared.) "That's why we need encryption. There are too many
laws, and the wrong things are illegal."
"What do we want out of cryptography? You can sum it up in two
words: unprecedented mobility. Your friends and co-workers can be
scattered in physical space."
"Outlawing cryptography is like outlawing pencils because bookies
use them to record bets."
"We're trying to make people aware of these problems
(cryptographically competent crackers) and push out the free software
solutions that solve them."
John Perry Barlow: "The more I think about what it means to have
the Internet everywhere on this planet, combined with widespread use
of encryption technology, the more I think this is the biggest
development since fire. And if you think that's an exaggeration, think
about what's going to go down when these technologies come together."
"Huge economies may develop, utterly invisible to everyone not
involved in them. The kind of economies that would break most world
governments. If taxes become voluntary, there are many government
%services' that most people will no longer want to pay for.
"The administration . . . is defending a position on cryptography
which doesn't make it easy to explain its benefits to society."
Eric Hughes: "It's amazing how much publicity we (the cypherpunks)
have gotten just in this first year. We hit a hot button. It's the
flowering of cryptography."
"In order to have a private key, you have to own your own CPU. Most
people use dialin services, where mail is being received at someone
else's computer. If you put your private key on that system, it's
unsafe."
"Digital privacy is for the rich. We have to face that. Digital
privacy is class-based. But it's getting cheaper."
"Cypherpunks want privacy for other people, not just for
themselves. Easy-to-use for a programmer is not easy-to-use for other
people."
Hughes: "I'm surprised that those %secret' e-mail addresses for
Congressmen haven't come across the cypherpunks list." Barlow: "They
have. Just a couple of days ago." (Applause . . . )
At the close of the conference, EFF-Austin president Jon Lebkowsky
summed it up: "What impressed me is that a topic which is still
relatively arcane attracted such an active and vocal group, even in
Austin, a hotbed of networked computing. This is the next big issue."
------------------------------
End of Computer Underground Digest #5.77
************************************
|
|
