Return-Path: <sentto-279987-2046-1000865475-fc=all.net@returns.onelist.com> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Tue, 18 Sep 2001 19:13:10 -0700 (PDT) Received: (qmail 22237 invoked by uid 510); 19 Sep 2001 02:11:40 -0000 Received: from n29.groups.yahoo.com (216.115.96.79) by 204.181.12.215 with SMTP; 19 Sep 2001 02:11:40 -0000 X-eGroups-Return: sentto-279987-2046-1000865475-fc=all.net@returns.onelist.com Received: from [10.1.4.54] by b05.egroups.com with NNFMP; 19 Sep 2001 02:11:15 -0000 X-Sender: fc@big.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: mail-7_3_2_2); 19 Sep 2001 02:11:14 -0000 Received: (qmail 39635 invoked from network); 19 Sep 2001 02:11:14 -0000 Received: from unknown (10.1.10.27) by l8.egroups.com with QMQP; 19 Sep 2001 02:11:14 -0000 Received: from unknown (HELO big.all.net) (65.0.156.78) by mta2 with SMTP; 19 Sep 2001 02:11:14 -0000 Received: (from fc@localhost) by big.all.net (8.9.3/8.7.3) id TAA16625 for iwar@onelist.com; Tue, 18 Sep 2001 19:11:14 -0700 Message-Id: <200109190211.TAA16625@big.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL1] From: Fred Cohen <fc@all.net> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Tue, 18 Sep 2001 19:11:13 -0700 (PDT) Reply-To: iwar@yahoogroups.com Subject: [iwar] [fc:Controlling.encryption.will.not.stop.terrorists] Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 8bit Controlling encryption will not stop terrorists 10:43 18 September 01 Will Knight US government hopes of curtailing terrorist communications by controlling the use of cryptographic software have been criticised by computer scientists. Law enforcement groups have suggested that the terrorist groups associated with devastating attacks on the World Trade Centre and the Pentagon used encryption to communicate securely over the internet. Republican senator Judd Gregg of New Hampshire has already called for the government to be given backdoors into all encryption products. In a speech just days after the strikes, Gregg said that software companies "should understand that as a matter of citizenship, they have an obligation" to include backdoors in their applications. But experts say that trying to control encryption may be a waste of time and effort. Terrorists are, they say, far more likely to use steganography, which involves obscuring messages from detection in the first place, as well as straightforward codeword-based messages. "If I was a terrorist, the last thing I would do is use encryption," says Brian Gladman, a UK computer scientist. "We need to find out whether encryption was used in these events at all." Disappearing trick Encryption uses mathematical keys to scramble and unscramble a message. Gladman points out that, although encrypted messages are near impossible to decipher, they do reveal to the authorities who is talking to whom, which can be crucial intelligence. By contrast, steganography makes the message "disappear" altogether. A modern technique is to hide messages within the data comprising ordinary-looking web images. The effect is the same as having a pre-agreed code word - unless you know exactly where to look the message is undetectable. Encryption has faced government opposition before. During the 1990's, exporting cryptographic tools from the US was restricted and some programs were even classified as munitions. Pretty good privacy Phil Zimmermann released the first free email encryption program - Pretty Good Privacy - to challenge these restrictions, in 1991. He now works for Hushmail, an company based in Ireland that provides a free online encrypted email. He agrees that the government may be missing the point. "It's not clear that having backdoors would stop these terrible events from happening," Zimmerman told New Scientist. He adds: "When you try to make a decision under such emotional circumstances, you will probably make a mistake." Zimmermann and others say that the encryption is more relevant to protecting individual privacy than enabling terrorists. They also say that cryptography can be vital to protecting activists and political dissidents from the surveillance of oppressive regimes. Confidence drain Some computer experts also warn that weakening encryption could seriously damage confidence in electronic commerce which relies on encryption to secure transactions conducted over the internet. Nevertheless some have begun stockpiling free cryptographic software on servers outside US boundaries amid fears that computer software used to encrypt messages may soon be restricted. "There are going to be more people archiving things," says John Young, who manages the online archive Cryptome.org. "These sites will be multiplied and people may even start sending encrypted messages on disks through the post, now that the internet is so heavily surveyed." ------------------------ Yahoo! Groups Sponsor ---------------------~--> Secure all your Web servers now: Get your FREE Guide and learn to: DEPLOY THE LATEST ENCRYPTION, DELIVER TRANSPARENT PROTECTION, and More! http://us.click.yahoo.com/k0k.gC/nT7CAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:45 PDT