EPIC Report On International Cryptography

kalifa writes: "The EPIC (Electronic Privacy Information Center) has just published its annual report on international cryptography. It is available here. It's pretty informative, and I hope it will help changing many false misconceptions (and, by the way, put an end to the same good old francophobic stuff, which is obviously unjustified after the study of this report). "

Information wants to be free!

Encryption, shmencryption I say. It's a known fact that information wants to be free, and encryption is only one of many ways to stifle this freedom. When you encrypt something, whether it's your email or your grocery list, you are taking away that information's "freedom", and what's more, other people's rights to that information. In an era when Free Software flourishes, it is only fit and proper that Free Information takes a similar path. Much as you must work to make sure that your software stays Free, you must work to keep your information Free.

Encryption is akin to copyright, and thus censorship, in this regard: you are creating a privileged class of people who have the "right" to obtain your information. This system is the antithesis of what we in the Free Software Movement have worked for for years: open access to everything, at all times. If Free Software is the only moral software, then it follows that Free Information is the only moral information.

Just as in a state in which there is only Free Software there is no software hoarding, in a place with only Free Information, there will be no secrets, no plots, no jealousy. There will only be a new era of Freedom and Learning. Imagine if you were able to peer into the collective knowledge of millions: what you could learn, what you could discover. Encryption is a form of censorship which is directly opposed to Freedom. You don't need it.

But what about state secrets and military information, you ask? Without them, there is no need for the military: all nations will know what each other is planning, and all will be too afraid to act without the element of surprise. With no military, the government which it exists to back will disintigrate. All nations will work together without the posion of nationalism to infect them. Only with Free Information can this be achieved.

Just keep in mind that the only choice for Freedom is Free Information.

US report

[Signal+11]

The United States Government has long been the leader in efforts to limit the development and dissemination of encryption. For the past twenty years, the US has attempted to suppress development of encryption through manipulating standards, recommending legislation, and imposing export controls. In the past several years, as electronic commerce has become an important aspect of the American economy, the US government has begun backing away from these efforts, which have not been successful and had generated considerable controversy and opposition.

Well, that's the story for the US. By the looks of things.. all things considered, they should be a "green light" in about 2 years. For crypto. The rest of our privacy laws are woefully lacking. In this respect, I consider the progress the EU and it's member nation's to be making substantial progress - moreso than the US. For a country that prides itself on technical and economic superiority, it comes as a mild shock that we haven't been more quick to adopt EU-like specifications to encourage e-commerce on a wider scale.

I guess though there are some parts of our government which are more interested in "national security" than economic prosperity. All and all, an excellent paper, and one I'll definately be referring to when I set my web server(s) up in the near future.

I gave up moderation to post this reply.

[Dman33]

I gave up moderation on this entire news story to post this reply in this thread.

You claim that moderation is not censorship but merely a filter that relevant information must pass through. Frankly, that is bullshit. Many on-topic posts are moderated down simply because they disagree with open source dogma or are critical of Linux and VA. In many cases, if the downward moderated post were to say the exact same thing about another company(Microsoft), they would be moderated up.

Who is a moderator? A moderator is any random /. user. I am just some guy like you that wants to read news about technology. Every two weeks or so, I notice that I am a moderator, and I take advantage of it. It is important to note that I do agree with much of your letter to Cmdr Taco, however on the topic of moderation, I disagree.

Moderation cannot be censorship because it is performed by a cross-section of the registered users on Slashdot. If you are not registered (which is free) then you do not have the rights that you may desire. Take a website that did not have accounts, yet had open posting without moderation; www.segfault.org

This tech-linux-humor site was great until the Natalie Portman epidemic broke out. Sure, the trolls were listened to, but did they stop? No.
Segfault is now a humor site that is dying (just about dead). It is dying because it no longer allows posting by the users, and it is lacking the traffic as a result.

How does a site remain free (as in speech) while getting rid of all the trolls? Simply have the users LOG IN! I have my threshold at 1, and it helps out a ton!

Moderation can be abused by the moderators (moderating down anti-linux stuff) but as long as there are registered users reading /., there will be moderators. And if you are a moderator and you do not agree with moderation done, you simply change it accordingly.

Moderation works, my advise to all that are bothered with moderation is to set up an account and log in when you read Slashdot. You will be heard. Furthermore, if you notice that you have moderator access, USE IT!
It is a very important tool to the success/demise of this site. If you want to enjoy what you read, use your moderation rights!

Re:question from a newbie

[swordgeek]

OK, let's first of all drag out the obvious points.

1) You are only liable for $50 if your credit card is used fraudulently, i.e. if someone steals the number and uses it without your permission.

2) Every time you hand a wait(er/ress) your card in a restaurant, they can steal the number REALLY easily. Same with every other shop that you use your card in. Anytime, anywhere.

Given those, I wouldn't worry much about the security of online transactions.

Regardless, the publically available encryption is FAR more than secure enough to protect your card, especially with its tiny limit. (no offense--I just doubt you have a $10M limit, which might make it worthwhile)

On the other hand, do the browsers use particularly secure encryption? Not great, and outside the US, not good at all. Also, lots of sites are badly written or designed, are full of security holes, etc. There's no guarantee of safety no matter how good the encryption is, because as often as not, the encryption can be bypassed.

But go back to #1 for a second. That $50 limit is pretty reassuring, and you can only be held liable for that under certain circumstances. If there's a massive and documented theft of a thousand numbers, then you probably won't be liable.

So relax, but don't be stupid about giving out your card #. In other words, buy from companies you trust--after all, the easiest way to defraud people is to actually run an 'ecommerce' website where people will send you cards!