Slashdot Mirror

← Back to Stories (view on slashdot.org)

Phil Zimmermann Talk Summary And Audio

Posted by Hemos on from the good-listening dept.

Ames Cornish writes "Philip Zimmermann, the creator of PGP, spoke on Security and Privacy to a standing-room-only crowd in San Francisco on July 31st. There is a short summary and audio recording of the event on the Software Development Forum site. Phil talked about Dmitry Sklyarov, Nicodemo Scarfo, Phil's own experience as the victim of US government persecution, and how automatic weapons were involved in the attempt to get export permission for PGP." The MP3 is at the bottom of the page.

82 comments

  1. The summary by Lumpish+Scholar · · Score: 1, Redundant

    (Grabbed before the inevitable Slashdot effect.)

    At the inaugural Internet Security and Privacy event, Philip Zimmermann, the creator of the world's most popular email encryption software, Pretty Good Privacy (PGP), spoke to a standing-room-only audience in San Francisco. A decade ago, the Federal government accused Phil of violating the Arms Export Control Act for munitions trafficking. The government claimed that U.S. national security was jeopardized when PGP was spread around the world as free encryption software. The investigation of Phil Zimmermann continued for three years. The feds eventually dropped their case.

    Phil spoke about the current Dmitry Sklyarov case. Dmitry is a Russian programmer who was thrown in jail by the federal government at the behest of Adobe. Adobe claims that software Dmitry created for his employer in Russia violated the Digital Millennium Copyright Act (DMCA). After meetings with the Electronic Frontier Foundation (EFF) Adobe had a change of heart and asked the feds to drop criminal charges against Dmitry. Phil characterized criminal law as a "blunt instrument" when used to enforce encryption software policies. Phil also related to the terror of having the federal government threaten you with incarceration for writing a piece of code.

    Phil went on to discuss another current criminal case, that against Nicodemo S. Scarfo, in which the FBI used electronic eavesdropping to access data which Mr. Scarfo had reportedly encrypted with PGP. While the FBI had a search warrant, Phil believes law enforcement should be held to the higher wire-tap standards before permitting on-going electronic surveillance.

    Phil also had a number of stories to tell about the development of PGP and his efforts to get permission to export that software. Only one episode involved the brandishing of automatic weapons in a bank building, however.

    --
    Stupid job ads, weird spam, occasional insight at
    1. Re:The summary by gengee · · Score: 2

      Mirroring is perfectly appropriate. As it stands, I am already unable to reach SDForum. Let's not moderate this to +5 Informatie, but by the same token, let's not send it to a -1 Redundant grave.

      --
      - James
    2. Re:The summary by glitch! · · Score: 1

      Mirroring is perfectly appropriate. As it stands, I am already unable to reach SDForum.

      Agreed. In my case, the site crashes my browser[0], so it's nice to see at least the summary.

      [0] Konqueror 2.1.1 using KDE 2.1.1 It's nice, but has a bad habit of choking on some sites. And it doesn't seem to have a way to stop animaged GIFs. And I still haven't figured out how to get my personal toolbar folder on the menu bar. Otherwise, it's pretty nice...

      --
      A dingo ate my sig...
  2. Automatic weaponry by jack+deadmeat · · Score: 1

    Yeah, but was it a pansy-ass MAC-11, or was it a true crew-served heavy automatic weapon like a M2 Browning or Mk19?

    Big difference.

    1. Re:Automatic weaponry by Naurgrim · · Score: 1

      Mmmmm, Ma Duece!

      --
      .......You Are,
      ...What You Do,
      When It Counts.
    2. Re:Automatic weaponry by Anonymous Coward · · Score: 0

      No, calibre is much more fun - check out this picture of a 50 cal armor piercing round going through 1 inch of steel!!

    3. Re:Automatic weaponry by lavaforge · · Score: 1

      Do you want to stare down the barrel of that thing? I know I don't.

    4. Re:Automatic weaponry by Guppy06 · · Score: 1

      My guess is that since it didn't say "support weapon" or even "assault rifle," it was a panzy-ass MAC-11.

    5. Re:Automatic weaponry by Anonymous Coward · · Score: 0

      try getting shot with a mac11 and see how "pansy-ass" it is. real life sucks compared to counterstrike.

    6. Re:Automatic weaponry by jack+deadmeat · · Score: 1

      MAC-11 is a full auto .380 version of the MAC-10. Compared to a three man crew manning a M-60, yes, it is pansy-ass.

    7. Re:Automatic weaponry by Anonymous Coward · · Score: 0

      Doesn't anyone on slashdot review the subject material before shooting their mouth off? Phil Zimmermann said it was an AR-15, which is not even an automatic weapon.

  3. Looks fine in Netscape, crappy in Konqueror by Anonymous Coward · · Score: 0

    Which proves Netscape is the better browser.

  4. "PGP" for Linux by yukonbob · · Score: 2, Informative

    There's an article (one of two) on the Linux Journal website about GNU Privacy Guard for PGP functionality for us *NIX folks.

    -yb

  5. Re:I know for sure they are deleting posts by Anonymous Coward · · Score: 0

    Could you tell us where these stories which are not posted yet, are to be found?

    Otherwise I would have a hard time believing your story...

  6. asp site holding up well by gruntvald · · Score: 0, Offtopic

    Interesting to note that an .asp site is surviving this quite successfully. I never thought I'd see the day IIS held up to the /. effect, but there it is...

    1. Re:asp site holding up well by jorbettis · · Score: 2

      Hold off, there are seven comments on the story now, and I'm getting 3kbps on the mp3. They might just have the bandwith throttled so much that it is the bottleneck, and not the server.

      --

      Jordan Bettis

      ``Wherever you go, there's another stupid sigfile quote.''
    2. Re:asp site holding up well by Anonymous Coward · · Score: 0

      IIS holds up just as much as Apache in terms of speed and, somewhat, stability

      It's *security* where it fails to perform.

    3. Re:asp site holding up well by gruntvald · · Score: 1

      that's one way to keep the thing up - even though I'm modded as offtopic (correctly, I guess), I still think that it's important to note that an IIS box *is* holding up - and that's unusual. It's pertinent in the light of the linuxtoday discussion of java and IIS being a commodity "good enough" web server these days, compared to apache.

  7. hey by Anonymous Coward · · Score: 0

    You all should stop downloading that mp3. Its making my download slow down.

    thanks.

  8. Re:I would tell you by Trollificus · · Score: 0

    It's bad enough that people are talking about this bug. The last thing we need is for the editors to get wind of this and patch the hole.

    --

    "People should be allowed to keep midgets as pets."
    - Gov. Jesse Ventura

  9. Is it okay to send the MP3 to Napster? by mfarah · · Score: 1
    I wonder if Mr. Zimmermann will mind if the MP3 of this particular speech is sent to Napster (or Gnutella, whatever) and distributed there.



    In any case, let's be glad he doesn't sing on it, or else the RIAA would come after him, too.

    --
    "Trust me - I know what I'm doing."
    - Sledge Hammer
  10. Looks fine in Konq to me by Anonymous Coward · · Score: 0
    Perhaps you are using an older version? I'm using 2.2. Older versions liked to insert spaces in dumb places, like between adjacent tags and such.

    Also, some retarded distributors (like Redhat) set the Fixed-width font to Helvetica by default, which of course is not fixed-width at all.

  11. Exactly! by Anonymous Coward · · Score: 0

    Let's keep this hush-hush. For example, no more bug reports about it to sourceforge, OK?

    1. Re:Exactly! by Trollificus · · Score: 0

      The majority of bug reports I post are fake anyways, lol.

      --

      "People should be allowed to keep midgets as pets."
      - Gov. Jesse Ventura

  12. Sklyarov case reaching out to new audience by fobbman · · Score: 0, Offtopic

    I swear to you all that this is true. The following email was just submitted to the Portland Oregon Free Sklyarov email list:

    The latest domain name extension has arrived .SEX!!! It's the fresh ,new, exciting web address that is taking the world by storm.

    Who wants to be .com when you can now be .SEX

    Register your .SEX domain name today exclusively at: [pr0n link deleted]

    With this addition I can see his cause getting MAJOR "exposure" now.

  13. Re:Linux' cost [updated!] by Anonymous Coward · · Score: 0
    Don't know what crack you're smoking, but my modest four-year-old Dell 550MHz PC, which has been running RH with 2.2-series kernels since the day I got it (and replaced the default Win98 install with RH 6.x) has not crashed a single time in four years due to a kernel/software glitch.

    Not once. Ever.

    And I'm straining the system at least somewhat -- six-port serial board (with all ports connected and receiving data simultanteously), Matlab and/or Mathematica, and various combinations of mp3 player, StarOffice, Gimp, and a web browser.

    As for your comments regarding the robustness of ext2fs, the handful of times my machine has been forcibly turned off (power outages, guy in a backhoe cutting power cable, etc.), it has recovered automatically - without an ounce of intervention from me - every single time. Never lost so much as a bit. And the simple recover utility I got from Freshmeat has worked flawlessly on those occasions where I lost data due to my own stupidity.

    And for all this, I never spent a cent on purchasing software. The largest download I ever did (full RH install from their FTP site) might have taken a few hours over a slow modem.

    So I dunno, maybe you have lousy karma or something -- the observations you make bear no resemblance to reality in my experience.

    Then again, maybe you're just a trolling idiot.

  14. So true by Anonymous Coward · · Score: 0

    I sent a very nice, polite bug report saying that the URLs are broken in w3m, since for some stupid reason they left the 'http:' off the beginning of all the intra-site URLs, i.e. '//slashdot.org/users.pl' instead of 'http://slashdot.org/users.pl'. But instead of taking the 5 seconds it would take to fix this, they just say "Sorry, your browser's broken, we aren't going to fix it." I find it terribly ironic that they get all up-in-arms whenever a new version of Microsoft Whatever breaks compatibility with anything, but don't care the slightest bit when they do the exact same thing. Disgusting.

    1. Re:So true by Anonymous Coward · · Score: 0

      You're not supposed to use anything but Konqueror (or maybe Internet Explorer) on Slashdot.

    2. Re:So true by Anonymous Coward · · Score: 0

      Well, maybe I don't want to wait 5 minutes for all the KDE libraries to load just to do a quick check of the front page. Contrary to what seems to be popular belief among the KDE and GNOME developers, not everybody has a gigabyte of memory and a 1.5GHz processor suitable to run their crappy bloatware.

    3. Re:So true by Anonymous Coward · · Score: 0
      I sent a very nice, polite bug report saying that the URLs are broken in w3m, since for some stupid reason they left the 'http:' off the beginning of all the intra-site URLs, i.e. '//slashdot.org/users.pl' instead of 'http://slashdot.org/users.pl'. But instead of taking the 5 seconds it would take to fix this, they just say "Sorry, your browser's broken, we aren't going to fix it."

      Well, then w3m is b0rken. See rfc1808, section 2.4.3 for the proper behaviour.

      I might just go find the w3m code and fix this...

    4. Re:So true by Anonymous Coward · · Score: 0

      And that's how open source works. I just fixed w3m and made a patch. I'll send it off posthaste to the maintainer.

  15. The US, the world's police by HerrGlock · · Score: 1

    People who are concerned about the UN taking over their countries or usurping the authority of the country should also be pointing their concern towards the US's mega corporations. As free enterprise as I am, the bigger businesses seem to own major portions of some countries and specifically major portions of their governments.

    Maybe it's time to start throttling campaign funding from corporations, as much as that's a 1st amendment issue as well.

    There has to be a middle ground here.

    DanH

    --
    Cav Pilot's Reference Page
    UNIX - Not just for Vestal Virgins anymore
    1. Re:The US, the world's police by gfreeman · · Score: 1

      The 1st amendment does not apply outside of the USA.

      --
      Ceci n'est pas un sig.
  16. Law and Order and Justice by Alien54 · · Score: 2
    It seems like an awful lot of Law Enforcement officials have no interest in seeing justice done. This would seem a radical thing to say because of the business they are in.Many cases have been brought forward where a person might be able to prove themselves innocent based on DNA tests. The friends on family of the jailed person are willing to pay for the test.

    and what is the response?

    "We know that they are guilty because they were convicted of the crime, and we have no interest in helping a guilty man go free"

    I have seen this on the news several times over the past few months. You can see the logic of it all. It is blind and arbitrary conviction to "principles" unencumbered by the thought process.

    Now we transfer this to other areas of Law enforcement, and we can see how the lack of education and sheer strupidity can lead to the legal situations we face in the technology arena.

    Yes, some of these people are in fact stupid, and to fix the problem would take several years of experience and education that you happen to have, but they don't.

    - - -
    Radio Free Nation
    is a news site based on Slash Code
    "If You have a Story, We have a Soap Box"
    - - -

    --
    "It is a greater offense to steal men's labor, than their clothes"
    1. Re:Law and Order and Justice by Don+Symes · · Score: 1

      Law Enforcement officials are NOT in the business of justice. They are in the business of law enforcement. The stupidity or inapplicability of the law doesn't enter the picture.

      Make no mistake, the metrics they work under have only to do with cases 'cleared' by arrest and with conviction rates (percentages).

  17. Zimmerman: prosecution vs. persecution by swordgeek · · Score: 2

    OK, PGP is good software, it's a revolution, blah blah blah. All true. No questions.

    It's also true that the US government investigated Phil Zimmerman quite extensively, and considered what to do about him. This went on several years.

    However unless things have changed since I last got up to speed on things, Zimmerman was never prosecuted. No charges were laid, no time was served, no record was created. Phil is and always has been a free man without a criminal record (at least as a result of PGP). Is this wrong? Have things changed?

    I'm not saying that he didn't go through a nasty few years, and that it was all stupid, but he shouldn't be treated like a saint. For that matter, neither should his side of the story be taken entirely at face value. Remember, there _is_ another side, even if the government won't/can't talk about it.

    --

    "People who do stupid things with hazardous materials often die." -- Jim Davidson on alt.folklore.urban
    1. Re:Zimmerman: prosecution vs. persecution by philovivero · · Score: 2, Interesting

      I'll bite. I've followed the Phil Zimmerman story for several years with some interest.

      I'll summarise the other side of the story for you: the NSA and FBI don't want anyone to be in possession of cryptographic technology because it makes it harder to spy on U.S. citizens. They have consistently lied to congress to keep bad laws and regulations on the books. They have consistently harassed good citizens who are trying to get the useless laws and regulations changed.

      The result? When I, a United States citizen currently residing in New Zealand want to download a copy of CFS (cryptographic filesystem) I can't, because of U.S. export restrictions (!).

      Phil Zimmerman and people like him have made a slight dent in the stupidity, but it's not enough. Until the U.S. government lets go of its desire to spy on its own citizens, things will remain bad. In the meantime, non-US countries will be on the forefront of secure communications technology, because they're allowed to export their software.

      --
      fifth sigma, inc.
    2. Re:Zimmerman: prosecution vs. persecution by Error27 · · Score: 2

      >>Remember, there _is_ another side, even if the government won't/can't talk about it.

      It's nice to be even handed and try to understand both sides of the argument.

      I won't deny that the government had reasons for trying to stop wide spread encryption. Reasons that it might not want to talk about.

      But those reasons make me want encryption even more. The more I try to understand why the government wanted to read my email the less I like it. :P

  18. Phil's Phone by kilgore_47 · · Score: 3, Funny

    Phil is a funny guy. Take for example the way he lists his phone number online.

    --
    ___
    The way to see by faith is to shut the eye of reason. --Ben Franklin
    1. Re:Phil's Phone by Anonymous Coward · · Score: 0

      I was entertained until he explicitly described the method to retrieve the phone number. You'd think he'd leave that off just to weed out the morons.

    2. Re:Phil's Phone by Anonymous Coward · · Score: 0

      For those of you of short attention span, you can contact Phil Zimmerman at 1-650-347-9743. Ask him if his refrigerator is running.

    3. Re:Phil's Phone by Col.+Klink+(retired) · · Score: 3, Funny

      > You'd think he'd leave that off just to weed out the morons.

      No, he explicitly said he was OK with journalists calling...

      --

      -- Don't Tase me, bro!

  19. That gun bit was pretty funny by ehintz · · Score: 2, Informative

    My memory of the talk at SDForum...

    The PGP guys were getting around export restrictions by printing the code on paper, which they distributed at a crypto group meeting, with the old nudge nudge wink wink type of intention (somebody sent it overseas? I'm shocked, shocked I tell you). So here they are, purposefully handing it out in this very public forum, as a CYOA move trying to legitimize the distribution. And later in the meeting, some guy pops up with a big duffel bag, and announces the gun SIG will be meeting next week for some shooting or something, and unzips the bag and pulls out some kind of automatic rifle, mortifying Phil and crew. Better yet, the meeting was being held on the 15th floor of a bank, so if the guy had been caught walking into the building, well, you do the math... Would've been wonderful to be a fly on the wall that day...

    --
    ehintz
    1. Re:That gun bit was pretty funny by Darth+Yoshi · · Score: 1
      The PGP guys were getting around export restrictions by printing the code on paper, which they distributed at a crypto group meeting, with the old nudge nudge wink wink type of intention (somebody sent it overseas? I'm shocked, shocked I tell you).

      My understanding (and feel free to correct me if I'm wrong) is that, at the time, crypto laws prevented PGP source code being exported on a floppy disk, but printed out in a book, it was protected by the first amendment. So you had the strange situation that carrying a floppy disk of the PGP source code out of the country was illegal, but carrying a book out of the country containing the source was perfectly legal. So there was no "nudge nudge wink wink" about it. Go figure.

      --
      // TODO: fix sig
    2. Re:That gun bit was pretty funny by Anonymous Coward · · Score: 0

      actually there *WAS* nudge nudge wink wink going on: By allowing book but not diskette distribution the Goverment was winking like a New York Whore (no offense to the ladies, politicians give honest prostitutes a bad name).

  20. AR-15, I think by Anonymous Coward · · Score: 0

    I don't know my automatic weapons all that well, but I think it had been an AR-15. It was entertaining to watch the reactions in the room when [pseudonym-deleted] got it out.

  21. Lawyers, Guns, and Money by Anonymous Coward · · Score: 0

    There wasn't any nudge-nudge-wink-wink about the distribution - it was more of a "please take one if you've got some suitable overseas contacts to mail it to."

  22. Law Enforcement vs. Justice? by Alien54 · · Score: 2
    Law Enforcement officials are NOT in the business of justice. They are in the business of law enforcement. The stupidity or inapplicability of the law doesn't enter the picture.

    This is MOST informative.

    Unfortunately this probably IS the reason why it is all messed up.

    Law Enforcement without justice is arbitrary, and is a greased skid to dictatorship (pick you favorite)

    It is a blind spot that is likely the achilles heal of our world. This is _exactly_ what is going on with the DCMA, the MPAA, the RIAA, etc.

    Law Enforcement, not Justice.

    --
    "It is a greater offense to steal men's labor, than their clothes"
  23. Re:"Inciteful" is not a word by Anonymous Coward · · Score: 0

    Isn't hope a verb, genious?

  24. Steve Levy's new book "Crypto" by peter303 · · Score: 2

    Has a nice history of PGP.