Slashdot Mirror
Bernstein Cryptography Case Dismissed
notime writes "According to a post to export@list.cr.yp.to, djb's crypto case has been dismissed without deciding the constitutionality of the current regulations since the DOJ said the
government would not enforce several portions of the regulations. Bernstein said in a statement that he hopes the government keeps its promise - 'But if they change their mind and start harassing Internet-security researchers, I'll be back.'" EFF has a document archive for this on-again, off-again case against U.S. Government regulation of cryptography exports.
for jesus
beep
You, on the other hand, are FAT. LOSE WEIGHT you disgusting PIG. Thanks in advance.
goatse to the 4tomvooj
for hizzleof43f030fk00kj3NOCARRIER
DJB is the only mailserver writer that has to lie about the competition to get users. and it isn't free software either.
But if they change their mind and start harassing Internet-security researchers, I'll be back.
Or does that sound like a threat?
I have over 70 freaks, do you?
anybody know where to find some porn? I've been looking all over the internet, and can only seem to find a picture of the inside of some guy's ass, and another of some Japanese girl shitting up a geyser of oatmeal or something.
If you value freedom, i suggest you use qmail and djbdns.
They'll just pass a new law to get security researchers if existing laws don't work.
Subject: [IP] The Bernstein Cryptography Case Is Dismissed
From: Dave Farber To: ip@v2.listbox.com Date: Wed, 15 Oct 2003 17:41:19 -0400 Delivered-To: dfarber+@ux13.sp.cs.cmu.edu Date: Wed, 15 Oct 2003 17:19:29 -0400 From: "Peter D. Junger" Subject: The Bernstein Cryptography Case Is Dismissed To: Dave Farber
For IP if you consider it suitable.
This inconclusive ending of the Bernstein case is a consequence of the government's policy in cases where there are first amendment challenges to restrictions on the publication of software to claim that they have no intention of enforcing the law as it is written and thus getting the cases dismissed as moot.
The end result is that, though Bernstein had originally won in both the District Court and the 9th Circuit and I lost my later-filed case involving much the same issues---Junger v. Daley---in the federal District Court for the Northern District of Ohio, it is the 6th Circuit Court of Appeal's decision reversing the District Court's decision in Junger v. Daley that is the leading case holding that computer programs are speech that is protected by the First Amendment. In the Bernstein case, when the government amended the regulations forbidding the publication of computer programs, the 9th Circuit Court of Appeals withdrew its earlier opinion in Bernstein's favor and remanded the case to the district court, where the government claimed that they would not enforce the restrictions on cryptography against Dan Bernstein. In my case, on the other hand, the 6th Circuit Court of Appeals reversed the District Court's holding that the First Amendment does protect those who would publish software and then remanded the case to the District Court for further proceedings. At that point, rather than risking our victory in the 6th Circuit, we settled my case, even though the new regulations were---and are---constitutionally questionable.
Although my case is now the leading case holding that publishing software is protected by the First Amendment, I do not believe that we would have had our success without the efforts of Dan Bernstein and his lawyers from the Electronic Freedom Foundation.
------- Forwarded Message
From: "D. J. Bernstein" To: export@list.cr.yp.to Subject: Crypto Case On Indefinite Hold
PRESS RELEASE
Contact: Daniel J. Bernstein, press-20031015@box.cr.yp.to
CRYPTO CASE ON INDEFINITE HOLD
Chicago, 15 October 2003 - The longest-running court case against the government's encryption regulations has come to an end, for now.
The regulations were challenged by Daniel J. Bernstein, a professor of mathematics, statistics, and computer science at the University of Illinois at Chicago. Bernstein filed his lawsuit in February 1995 and won four court decisions against the constitutionality of the government's previous regulations.
In an October 2002 court hearing on the current encryption regulations, Department of Justice attorney Tony Coppolino told the court that the government would not enforce several portions of the regulations.
``I can assure you that the regulatory authority does not want [researchers who are collaborating at conferences] sending us an e-mail every time they change something in an algorithm,'' Coppolino told the court. Coppolino also said that commmercial book publishers and assembly-language publishers did not need to obtain licenses.
As observers predicted after the hearing, Chief Judge Marilyn Hall Patel of the United States District Court for the Northern District of California relied on the government's promises and dismissed Bernstein's case without deciding the constitutionality of the current regulations.
``If and when there is a concrete threat of enforcement against Bernstein for a specific activity, Bernstein may return for judicial resolution of that dispute,'' Patel wrote, after citing Coppolino's ``repeated assurances that Bernstein is not prohibited from engaging in his activities.''
``I hope the government sticks to its promises and leaves me alone,'' Bernstein said in a statement today acknowledging Patel's decision. ``But if they change their mind and start harassing Internet-security researchers, I'll be back.''
Before clicking on the links I had absolutely no idea what the poster was talking about - except that it somehow concerned crypto. Let's see:
djb's crypto case
What case?
DOJ said the government would not enforce several portions of the regulations.
What regulations?
Bernstein said in a statement
Who the hell is Bernstein?
BOO! TERRO
The Bearanstan Bears were always favorites of mine and to think they might end up in prison for volating crypto laws is unthinkable.
"Eve of Destruction", it's not just for old hippies anymore...
Another Jew story on Slashdot. If only they were all in Madagascar....
'But if they change their mind and start harassing Internet-security researchers, I'll be back.'
Does that mean he will be the next governor of California ?
The case archive is now http://export.cr.yp.to. That archive has about 200 of the case documents; the old EFF archive has only about 100.
but did anyone read that as Bearenstien as in Bearenstien Bears?
Tried to read the article, but it appears encrypted using the Lawyer-iese Obfuscation 2.0. I'm afraid if I decode it they'll prosecute me under the DMCA.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
We're even arresting those cute little bears now.
Is it just me, or does anyone else wish that the government was forced to enforce its own laws, instead of picking and choosing when and where to do so? There are a truly ridiculous number of laws on the books that are rarely enforced, until the prosecutors feel they have a "good" case to drop the hammer on some poor schmuck.
The public doesn't care about laws that aren't enforced, so most people break the law every day blissfully unaware. It would seem that laws that nobody cares about need to be done away with, instead of criminalizing large portions of the population.
I just hope the feds never try to housebreak a puppy.
I ain't evil, I'm just good looking.
Put deez nutz back in ya mouf.
Proud patriot and republican voter.
please just give us a break down one minute with an expert is worth an hour with google
Sex is what happens when people think no one else will ever find out
I just want to say thanks for the tireless efforts of the EFF in this case. In so many instances they are the only real force to bring intelligent discussion to the judicial system about technology and it's uses. If you don't yet contribute to the EFF coffers, perhaps this should convince you!
Fnord.sig
I read this OT from TrollBurger last night.
Subject:
ANAL TIME
Body:
your cousin's name is furnace, he's a fucking dwarf
That is so off the wall, it's still leaving me giggling to myself.
Original post HERE
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
I think these reposts of the whole article should only be modded up when the original site is likely to be slashdotted. In this case, since the site is pure text, that is MOST UNLIKELY.
In fact, I propose that the parent to this post be moderated down as redundant.
MM
--
By including this sig, the copyright holders of this work or collection unreservedly place it in the public domain.
I've heard Dan J. Bernstein being called a lot of things, but "security researcher" is a new one...
I interpret the article to mean that the professor's use of code decryption was legal, and that such coding in general is non-criminal.
Is this correct?
This post encoded with ROT26. If you can read it, you've violated the DMCA. Handcuffs please, sergeant.
o/~ Join us now and share the software
...this same judge has apparently been ruling on Napster stuff, interesting .pdf's on the Napster case also on the site....
o/~ Join us now and share the software
A more informative article here [news.com.com.com.com.com]
They call me the working man. I guess that's what I am.
Don't worry. The author is just trying to be cryptic... if you knew the code, you'd completely understand the article.
!
jhgld4djbdyfsjn4b/vf84gf*fdsgfg+fdh5hdgh8fghg!!
So, Did I get this right? -- Dan Bernstein's encryption software is free speech and protected by the First Amendment, but DeCss decryption software is not.
I know that the politicians that make these laws are the best that money can buy, nevertheless, I'm still confused with all of this. Help me understand.
Thank you, Daniel Bernstein. You had the guts to stand up for your principles, doing us all a great service in the process.
There. Now go ahead: Mod -1: politically incorrect.
Here you suggest that people must be "controlled" - which implies that people are incapable of controlling themselves. Then, in the very next paragraph, you say:
Your freedom comes with responsibility.
This implies that people *are* capable of controlling themselves.
You can't have it both ways: people who exercise self-control do *not* need to be micro-managed by the government.
I disagree with your apparent belief that a repeal of the bulk of the laws on the books would lead inevitably to cultural suicide, because I disagree that people are "fundamentally lawless". If they were, then no amount of laws would be sufficient to control the people, because the people would simply ignore the laws.
Arrr!
This is just a way the government evades constitutional scrutiny. Drop cases they think they'll lose, without conceding the principle. And pursuing those they think they'll win. So their wins count and their losses do not. When the legal climate changes (e.g. a judge is replaced, another terrorist attack occurs), they go ahead and try again on those cases they thought they'd lose before.
despite what people think how eccentric djb is this is still a major win for someone who actually stood up for what he believed in rather then people who say what they believe about the the SCO case or the RIAA or MPAA.
DJB is accepting donations here for his case and for his open source writing.
Numerous people and businesses have benefited his work and he deserves every contribution he receives.
Although I don't disagree with your conclusions, I'd like to make a few ad-hominem observations.
Your speech is typical of the prevailing socialist mindset. Like many brainwiped propagandites, you believe that governments have rights, whereas individuals don't.
The only thing that has changed, really, is that the autocrats have learned from history to perform their encroachments more slowly, to avoid inciting rebellion.
The Web is like Usenet, but
the elephants are untrained.
Why is it that in america its absolutely fine for people to own high-power rapid fire chain guns, but not afew lines of code? Lets say for example (ignoring the fact that encryption is free speech anyway) that theres a war and everyone needs to "bear arms", wouldn't encryption count as a weapon to allow people to communicate without the enemy hearing? so whats the problem? Just because its newer technology shouldnt make a difference. If the bill of rights was written when bows and arrows were a common weapon would guns be illigal because they are much more hi-tech? If they were then people would be saying "hey thats not fair, when we have to bear arms we'll have bows and arrows and the enemy will have guns!"!
And another thing while im at it. If hacking (basically doing anything you like with a computer) was protected under the first amendment (im not saying it would be good or bad, just speculating). Eg. if it was decided that "anything involving bits on a computer was just information and thus speech" then what would happen? companies would go mad from hackers and beef up their security - probably employing allot more hackers to help them. (thats more jobs).
Why is accessing a remote computer without permission an offence? if that machine is connected to a network that you have legal physical access to then isnt it up to them to secure it? Unless your sending 25,000 volts down a line (which should be physical damage), digital breaking and entering is not the same as physical breaking and entering. Every door has a bigger hammer that can knock it down, every bolt has a sharper cutter that can slice it. However a properly secured system should be able to take any pattern of 1's and 0's and be able to survive until it gets that "correct" sequence (which can be too long to brute force), unlike a door which just cant be secured like that.
Ok, this is slightly off topic, im just trying to understand why we have laws regarding what you can do with 1's and 0's
This comment does not represent the views or opinions of the user.
I thought the concept of software as protected as speech
was already tossed out with the DeCSS case. The ruling
there was that DeCSS was NOT protected as free speech.
So the Bernstein case seems like "too little, too late".
From the comments in this case, it seems like it is quite
clear that it's established that code is speech. But that
seems not to be reality here. Please correct me if I'm wrong.
Illinois had a seatbelt law passed this way...
"We won't give tickets for it unless there's an accident", now they pull people over for it.
While I won't necessarily argue with the law, the TRICK used to pass it was a flat out lie.
Maybe laws and some rules should have a time limit associated with it. If it hasn't been enforced in $many years, it becomes null and void.
Some laws at least.
Here at the University of Illinois at Chicago, they don't let this guy teach anyone but PhD students.
A few years ago, he wrote an exam for a CS 101 class, and the dept head felt he couldn't even pass it.
Why do they want to ruin freedom of speech/research when they should arrest him for qmail instead!
Man, have you tried to understand the installation instructions???
Evolution of Language Through The Ages: 6000 BC : ungh, grrf, booga 2000 AD : grep, awk, sed
...governments have rights, whereas individuals don't.
It seems to me that, yes, people have rights, to be certain, and they are inherent in the makeup of the human existance. Hence the recognition of this by the founders of the United States in the US constitution.
But, because the US founders recognized that governments are necessary institutions, they also understood that the People need to delegate some of their rights to the governement, in order to secure certain benefits that they otherwise wouldn't have. This delegation took place originally in the ratification of the US constitution, whereby the People delegated certain rights to the government (namely: effect commerce and secure the common defense).
This means that governments (or, rather, at least the US government), does have rights...in theory it is set of rights that was given to it by the people.
These rights can be extended or removed through the leglislative process (or abused, but that's a different conversation). My point is that, at least in theory, the process is there for the People (as a group) to control the government, but, at the same time, give up some of their rights (as individuals) to the government. So, you can have a government that controls a given aspect of a person/the people's lives, such as a restriction of the export of crypto, but, again, in theory it is because that is what the People chose to allow. Not that it always works this way (obviously), but it seems to me that this is close to what the US founders had in mind.
Just my two cents...
Don't click on that link unless you're into chicks with dicks.
According to the Constitution (not that it means anything, these days) governments don't have "rights." They have "powers" which are granted to them in order to secure the "rights" of the people, which rights are "inalienable."
The word "inalienable" means "cannot be taken away."
The word "secure" does not mean the same thing as "grant". Governments can grant privileges but they cannot grant rights.
According to the constitution, governments derive their just powers from the consent of the governed. Historically, the use of "prior restraint" has never been viewed as a "just power."
To paraphrase the conversation between DJB and GOV:
If that doesn't constitute prior restraint, I don't know what does.
The Web is like Usenet, but
the elephants are untrained.
Why is accessing a remote computer without permission an offence? if that machine is connected to a network that you have legal physical access to then isnt it up to them to secure it? Unless your sending 25,000 volts down a line (which should be physical damage), digital breaking and entering is not the same as physical breaking and entering. Every door has a bigger hammer that can knock it down, every bolt has a sharper cutter that can slice it. However a properly secured system should be able to take any pattern of 1's and 0's and be able to survive until it gets that "correct" sequence (which can be too long to brute force), unlike a door which just cant be secured like that.
I may be splitting hairs here, but from my perspective as a computer engineer, the information in a computer system has a very real physical presence, whether it's the charge held in one cell of DRAM, or the orientation of some magnetic elements on a disk. While it's true that these physical elements change while the machine is running, they are doing so in a way that is intended by the owner of the machine, much like the pistons, valves, flywheel, and transmission all interoperate in a way that enables your vehicle to work as expected.
To continue the analogy, you may legally borrow someone's car, and use it in an acceptable way. However, if you deliberately take that car out on the highway and suddenly shove the gearshift into reverse, causing the transmission to self destruct, you wouldn't claim that it was the owner's, or even the manufacturer's responsibility to secure the car from letting you do that. Correct? In this case, you are guilty of a form of vandalism, or if you're just incompetent, then you're at least liable for the damage.
Likewise, if someone starts poking around the interfaces of a computer they find on the network, and finds a way to make the machine perform in an unintended way, or causing it to lose data, then that person should be liable for the damages.
Now, certainly we lock our cars to prevent just anyone from taking them, and we should put a reasonable amount of protection on our computers to secure them as well. However, if someone defeats the locking mechanism, or cracks into your computer, both are crimes of unauthorized access.
Is it my fault if someone slides open an unlocked window on my house, comes in, and steals a bunch of my stuff? Most of you would agree that I'm not at fault, though perhaps I should keep my window locked 24 hours a day. Why would you then think that it's ok for someone to damage another person's machine, whether they secure it or not?
Look, I'm all for hacking, but do it on your own system, not mine.
"I have never let my schooling interfere with my education." - Mark Twain
it appears that you're assuming I was commenting on the "prior restraint" part...which I wasn't. The only thing I was responding to was the "government rights" part as I don't really have an opinion yet on prior restraint.
Though I do see a difference between "rights" and "powers", I also see a lack of practical difference as well. Take the following for example (somewhat relevant for our time):
The People grant the Government the Power to wage war.
Now, what power is useful without the right to exercise it? No power is. It requres not only the ability, but the authority, or right, to take the action. The authority is delegated by the people, and they retain the right to revoke that authority (or right), as they hold (in theory) ultimate control over the government. However, they still grant a portion of their "inalienable" (cannot be taken away from them, but it seems that one can certainly freely relenquish it) "rights" to another entity.
The word "secure" does not mean the same thing as "grant". Governments can grant privileges but they cannot grant rights.
This sentence, in context, makes no sense. The first part doesn't apply to anything either you or I wrote. The second part was never suggested by me, as I suggested that the People granted (or "freely relinquished") certain of their rights to the government, not the reverse.
Now, to prior restraint. I still don't have an opinion on it yet, and I'm not going to address what you wrote, except to make one note:
It seems to me that the government's response in your posting is within the limits of their rights/powers/etc, in that the government basically admits that one must "incorporate", "hire...employees", etc. before they believed it relevant. Interestingly, it appears to me that the only rights/powers/what-ever-you-want-to-call-it that the US government could legally exercise falls under one of two categories:
- Secure the common defense, or
- Effect commerce
Looks to me that #2 is applicable to the government's response, which, paraphrased, might read something like this:
DJB: I wrote some information and would like to publish it. If I did, would you prosecute?
GOV: We might. But you should have a hand in some commerce before that's a relevant question ( because otherwise we don't have the right to do so).
Again, just my $0.02. I am not a constitutional scholar...just a network engineer.
I'm sorry; much of my comment was directed at "Eric Ass Raymond", but I still bristle at the mentality (admittedly a numerical majority in this country) which turns the Constitution on its head.
Rights cannot be given or received. They can be "abridged," or interfered-with. A government may pass laws which make the free exercise of my rights a crime punishable by death, but only death can remove my right to exercise my rights.
I assert that "rights", within the context of the Constitution, are granted by the "laws of Nature, and Nature's God." They are inalienable, an inherent part of our existence as free-willed human beings.
I have the right to communicate. Nobody can take away that right, short of cutting my throat.
I have the right to defend myself (keep and bear arms.) Nobody can take away that right, short of killing me. If dangerous criminals in maximum-security prisons manage to obtain weapons, then it is well-nigh impossible to deny them to the people at large.
I have many other rights, which are inherent to any free-willed, thinking creature. Governments are not free-willed, thinking creatures. They have no natural powers by virtue of existence. They have only those powers that we grant them by our willingness to "go along with it." Those powers may be vast (inconceivably greater than the founding fathers could have imagined) but they are not "rights." The government does not have a morality; it does not have a conscience; it does not have life.
At one time, I enlisted in the United States Navy. In some small way, I suppose I implicitly supported the U.S. Goverment's ability to wage war. But in so doing, I did not give up (or even delegate) my right to defend myself. Nobody in the U.S. government swore an oath to defend me. Quite the reverse, I swore an oath to defend the U.S. Constitution against all enemies, foreign and domestic. (Sadly, its most dangerous enemies are domestic, these days.)
The wording of the Constitution does not say that the government derives its powers by virtue of the people surrendering/relinquishing/delegating/granting their God-given rights to it, by proxy or otherwise. The Constitution says that the government "derives its just powers from the consent of the governed."
Aw, forget it. I'm wasting my time. I shouldn't expect you to actually read the Constitution. After all, you're a network engineer, not a constitutional scholar.
But I applaud Dan Bernstein and the EFF, and I spit my distain at the cowardly scum who denied them their rightful victory.
The Web is like Usenet, but
the elephants are untrained.
I agree with some of what you wrote, but I disagree with other parts of what you wrote.
All of that is moot at this point, because you decided to throw an insult instead of talk. You had me listening until you threw in "I shouldn't expect you to actually read the Constitution."
For your information, I have read the constitution, many times. Just because I admitted that I'm network engineer and not a constitutional scholar doen't mean that I haven't taken the time to try and understand any of it.
And...I also spent, what was it, oh, only around 10 years in the military.
You apparantly are "wasting [your] time" at this point, but that's because of your attitude, not mine.
Asshole.
You say that now, but if I started using a computer to order things online, and paying for them using your bank account # or your credit card number, I'm sure you would feel that I had stolen from you. You would be right - but I could do it all over the computer, which you claim shouldn't be an offense. The idea that people should be allowed to hack companies systems, that theft or destruction of information isn't wrong, and that anything you can do over a computer isn't "real" is complete bullshit.
You're right, if hacking were entirely legal, many hackers would find employment. Others would turn into legalized crimininals, stealing from honest folks. DoS attacks on competitors sites would be quite common, and information theft would be rampant. Some companies would disconnect fro the net altogether (which doesn't bar employees from using computers to do your legalized destruction, but helps limit external attacks.) And a number of business would go out of business. <sarcasm>Great plan.</sarcasm>
Before you manage to pass this law, I should get a job at a bank. After all, when I become an overnight millionaire, it'll just be 0's and 1's.
Sorry you felt insulted. But then, in another way, I'm glad. I'm glad you think enough of yourself and your country to take offense when somebody implies you haven't read the constitution.
(grin!) Guilty as charged. For me, this isn't a hypothetical discussion.
The Web is like Usenet, but
the elephants are untrained.
We can have the "few lines of code". The prohibition is against the export of cryptographic stuff. You see, they reworded ITAR such that publication of source code was considered just as bad as selling actual encryption devices to [China|Russia|N.Korea]. Subsequently, the state department (or is it commerce now?) claimed that under the new definition of "export", all books containing info on strong cryptography had to be approved by them before publication. The court basically called bullshit on that line of reasoning on 1st Amd grounds.
If a job's not worth doing, it's not worth doing right.
At various points politicians have discussed mandatory key-escrow/backdoors, but also i was thinking of it being illigal to own various DMCA violating code - eg DeCSS. Its entirely feasable that all sorts of circumvention devices could be used in war but would be illigal because of the DMCA
This comment does not represent the views or opinions of the user.