Slashdot Mirror


Cryptographic Software in Debian's Main Archive

Cine writes: "James Troup and Sam Hartman recently sent a note to all Debian mirror maintainers to inform them about the current situation and future plans. Sometime after March 8th, crypto software like OpenSSH, SSL support, and many other enhancements will be integrated into the Debian main archive. This is in accordance with legal advice the Debian project received."

4 of 96 comments

  1. Crypto by Ashcrow · Score: 5, Interesting

    Crypto helps aid in privacy, and privacy should be available to everyone no matter who they are or where they live.

  2. IP address based restrictions by cabbey · Score: 5, Interesting
    From the lawyer's response:
    Simply posting cryptographic software on a server that may be accessible from an embargoed country does not constitute ``knowledge'' that the software has been exported there. Therefore, criminal liability would not apply to the act of posting. We recommend that you perform IP checking and deny downloads to known embargoed countries. This due diligence also would provide a defense to a claim of civil liability. If you find out that your software has been downloaded to a prohibited destination, then I recommend that you block future downloads to that specific site unless and until you obtain a license from BXA.

    This is the second time I've seen this "recommendation" come out of a legal organization, in almost exactly the same wording no less. I've got to believe therefore that they are pulling it from some other source, such as an official regulation or other document.

    Does anyone have such a list though? Can anyone provide a copy of it? Is it even technically possible to generate? In real time, or even close? I mean sure, it's technically trivial to implement this blocking, just a few iptables/ipchains commands, or some entries in the firewall's firmware... but I think getting that list to begin with is nearly impossible. How do you know where the other end of the phone line that is dialed into some modem bank on the other side of the net is?

    In the last instance that I saw this (an external server at work) corporate legal was threatening to pull the plug if the admins didn't provide proof they were doing this. After much head scratching and searching the net, my suggested response was that they would be happy to implement this just as soon as the legal department provided them with such a list.

    I'm told they never heard back from legal on that topic.
    1. Re:IP address based restrictions by Waffle+Iron · Score: 5, Funny
      I sleep better at night knowing that through the tireless diligence of webmasters all over the world, running millions of reverse IP lookups every day, there is probably not a single copy of ssh available in any of those countries. Kudos to all those who participate in this grand, impenetrable virtual fortress.

      This achievement is a real testament to the vision and wisdom of our leaders.

  3. Money is spent on being sneaky... by Futurepower(tm) · Score: 5, Insightful


    It amazes me that the U.S. government has done as much as it can to try to outlaw privacy. To me, it seems that things are out of control in some parts of the U.S. government. The U.S. spends more on surveillance of everyone everywhere than any country ever has in the history of the world. Money is spent on being sneaky, rather than on making good relationships.

    It is futile to try to avoid the export of software, particularly when having it is legal in other countries. Yet taxpayer money is spent on this. The U.S. government, in my opinion, should not try to control the entire world.

    More on the extremes of U.S. government policy: What should be the Response to Violence?

    --
    Bush's education improvements were