Slashdot Mirror
Interim Response from Philip Zimmermann
Overreaction to Washington Post ArticleIt seems that my recent clarification of how I was represented in the 21 September Washington Post article has itself created a deluge of harsh criticism of the Washington Post and the reporter who wrote the article.
People seem to be assuming the Washington Post is part of some grand conspiracy to restrict the availability of strong cryptography. I would like to say that this is an overreaction and a misinterpretation on the part of these critics.
I believe this was an honest misunderstanding by the people at the Post, and I never meant to imply in my previous clarification that this was done on purpose or with any malicious intent. On the contrary, I believe the Post worked hard to be fair in the story and had the best of intentions when they ran it.
Further, I'd like to say that all the individual facts and quotes were reported correctly. But the Post connected the dots in a slightly different way to conclude that I was feeling guilty even though I was simply feeling grief and anger just like everyone else since the attacks occurred. Overall, I thought the article was fine except for that one line that says I was "overwhelmed with guilt."
My purpose for sending out my original clarification was not to criticize the Post but to assure everyone that I am still standing firm on my convictions that PGP and other strong encryption products should be available to the public, with no back doors.
Through the years of coverage the Post has given the issue of cryptography restrictions, I have never detected any bias at the Post to promote restrictions on crypto. In fact, if they have any bias at all, it seems to be in the other direction. They helped me when I needed to keep the Justice Department at bay in 1995. We will need them again in the coming weeks as we in the crypto community attempt to keep the freedoms we have, as legislators try to impose new restrictions on strong crypto.
I find this jihad of criticism of the Post to be inappropriate. I can easily tell from talking with the reporter that her intentions were good. It is grossly unfair to punish her with all this hate mail. It's embarrassing to me and damaging to her. If anyone in the world of journalism wants any further clarification from me on that reporter's competence or journalistic integrity, feel free to call me directly and I will explain it to you in more detail.
I am in London at a data security conference, without as much Internet access as I have at home, so I cannot keep writing about this matter for much longer. I hope this letter is enough to put this matter to rest.
Sincerely,
Philip Zimmermann-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.3iQA/AwUBO7ILqcdGNjmy13leEQLryACfffYuStFXNTC0aWnJStMEAWsbQSgAn0ID d2bqoxnEbABk+1V/edlzC84A =uBHG
-----END PGP SIGNATURE-----
Dear Phil,
Do you think you could give the Slashdot crew a quick lesson in using crypto? From the way they've posted the last two missives from you, it's obvious they don't actually use PGP or GnuPG and have no clue how to transfer information in such a way that the digital signature remains valid.
I mean, providing a link to the original text file seems to be too hard for them, so maybe you could walk them through the procedure for verifying a document and then ask them to try and do that on their own postings, to see what they are doing to those of us who verify signatures when we see them?
I mean, what's the point of signing a message if no one can verify it? Not that I think Slashdot would lie, but for all we know they've been duped into posting something that isn't from the real Phil Zimmerman. Or maybe their stories are being tampered with-- it's happened to bigger fish recently (and Slashdot itself has been hacked before).
Thanks!
I do not have a signature
"FBI investigators had been able to locate hundreds of email communications, sent 30 to 45 days before the attack. Records had been obtained from internet service providers and from public libraries. The messages, in both English and Arabic, were sent within the US and internationally. They had been sent from personal computers or from public sites such as libraries. They used a variety of ISPs, including accounts on Hotmail.
According to the FBI, the conspirators had not used encryption or concealment methods. Once found, the emails could be openly read."
Guardian: How the plotters slipped US net
Credo quia impossibilis -- Tertullian
The ACLU [aclu.org] has a place where you can send a form-fax to your senator or congressman urging them to make an informed decision about the laws regarding cryptography. I sent such a message to my elected officials in Washington; you should to. I can't for the life of me find the actual link for the page again, but it is there, somewhere. I will post it as a reply here.
Also, elsewhere on Slashdot, again I can't find the link again, there is a very well-written letter that the author said he would allow for use provided it was modified a little bit.
If we don't want something to happen, we need to make sure to tell our government about it. They are there to represent US, and if we don't want something, it shouldn't happen.