Posted by
CmdrTaco
on from the bits-bytes-and-the-boys-in-dc dept.
TDO writes "A new encryption bill has passed a sub committee. Next it will go to the main Judiciary Panel. It may also have to go through up to four more Panels before it goes to the floor. The bill would loosen restrictions on encyption that could be exported. Read the article here. "
Nothing good ever came out of the House Judiciary Comittee, and the few good things that come out of other comittees (and state governments) always get clotheslined at the kneecaps by McCullum & Co.
This is the same bunch of losers that headed up a sense of the house resolution that read something to the effect of "Marijuana is a dangerous and addictive drug", smacked D.C. voters across the tender bits by not letting them count the votes for one of their ballot initiatives, and I'm pretty sure they're the ones that started the whole Monica/Clinton investigation.
Just tried to get a peek at what's on your site, can't get in from my.gov workstation.:)
I've got to get out of this place.
The problem isn't the crypto laws
by
Jason+Earl
·
· Score: 1
Checkout ftp://ftp.replay.com
It's safely offshore, and has all the crypto you could possibly want.
This bill is only good for large businesses
by
David+Jao
·
· Score: 1
Here is a Wired News article with a few more details on this bill. According to the EFF, the bill actually does nothing for individuals who want to write software. This includes most free software projects.
Any step towards loosening restrictions is a good one, but this bill does not address the concerns that the free software community cares most about.
I have a free program that I wish I didn't have to restrict access to. The article in question is vague about this--will it allow people who make crypto software to make their program available on a web page in the us without having to play the "Are you a US citizen" games.
Frankly, I doubt it. I think most people with programs like this will not go to the bother of filling out 15 government forms.
- Sam Trenholme
--
The secret to enjoying Slashdot is to realize that it should not be taken too seriously.
If you continue to have problems, send me a private mail affirming that you are a US citizen, and I will give you a temporary 1-hour password, or will try to resolve things at my end if you give the ip of the address you are trying to access my software from.
- Sam Trenholme
--
The secret to enjoying Slashdot is to realize that it should not be taken too seriously.
they already can. only the honest kiddie porn and foreign spies will no longer be able to send messages since they don't want to break crypto export rules.
The problem isn't the crypto laws
by
fishbowl
·
· Score: 1
It's the widespread obedience of them.
-- -fb
Everything not expressly forbidden is now mandatory.
The problem isn't the crypto laws
by
fishbowl
·
· Score: 1
Exactly, there aren't 275 million people doing exactly this. Therefore, civil disobedience is risky. There are too many people obeying the rules. Making too much noise about it.
-- -fb
Everything not expressly forbidden is now mandatory.
Let's see how many examples of "they shoulda used some kind of encryption" we can come up with...
Newt Gingrich probably wishes that he was using at least a digital cell phone with minimal encryption when he got scannered down in Florida some years back. He was discussing with GOP leaders how to dodge an ethics charge over a course he taught. It was a mild scandal, both for the political content of the call and for the accusations of illegal (wireless) wiretapping.
I think one of the British royals had an analog cordless phone conversation with his girlfriend taped too. It showed up in the tabloids.
Then there's the Reagan administration's email trail that came up during the Iran/Contra hearings. I think I recall this coming up when Ollie North was in front of congress.
There were the break-ins of liberal/left organizations in the US, where nothing was taken except the disks and address lists. The Central America group at least.
...The best argument for crypto I've seen, is in the user feedback section of Zimmerman's site: http://www.nai.com/products/security/phil/phil-l etters.asp . There, someone from a human rights group talks about police trying to get information.
Personally, I've had my email snooped by an unethical sysadmin once.
Well, what I got from the article was that if a given country already allowed encryption A to be exported from their country, then the US would allow encryption A to be exported into their country. This of course could potentially cause more head aches for developers like yourself, since you would have to say something like: "If you are in the UK, France, Japan, or the US, feel free to download..." Maintaining a list of countries where export was possible would be a pain.
---
--
---
"To know recursion, you must first know recursion."
you should be glad you stayed anonymous....
by
paulzilla
·
· Score: 1
Oh no, the NSA and other law enforcement and security agencies will never be able to decrypt messages sent by technical laypersons using exported encryption software. I'm sure that even if this bill is passed with wording that allows strong encryption software to be exported out of the US, which this bill wouldn't allow anyway, my dear anonymous coward, there will in all likelyhood still be NSA/CIA meddling/tracking going on. Perhaps users of encryption software overseas will be wary of encryption technology exported from the US, thinking that the exported software will have backdoors which allow for a key to be easily reconstructed or a message to be easily decrypted with a special key. Many feel this way about the technology which is currently exported: the US won't give out its strong encryption because it wasn't to be able to spy on other countries. I wouldn't be surprised if that suspicion was extended to exported string encryption. In any case, only a moron, whether pedophile, terrorist, drug dealer, soccermom, or middle aged white male, assumes that a message he or she sends will be impossible to decrypt if intercepted, regardless of the software he or she is using.
They can do it anyway. Import is legal
by
arivanov
·
· Score: 1
While it is illegal to export it is not illegal to import encryption in the US.
So all they have to do is purchase OpenBSD and set up a VPN. 384 bit blowfish (effective key length above 96 bit).
-- Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Read the full text of the bill, you idiot
by
arivanov
·
· Score: 1
See subj: Absolutely incorrect.
-- Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
Hey Al Gore! Help us!!!!
by
SalsaDoom
·
· Score: 1
haha =)
Fuck all gore! let BILL GATES save us! we can make us a unbreakable 2bit encryption!
-- "Computers will never truly be free until the last windows user is strangled with the entrails of the last mac user."
Okey-dokey. I understand that we are not allowed to send really strong encryption off the US shores. But here's my question: Why does this matter? Are there no strong encryption programs that exists outside of the US mindshare? Surely, there are other programs just as strong that exist oursite of US lines, not beholden to idiotic US laws. Right?
IIRC, another important aspect of this version of SAFE is that it prevents the government from imposing Key Escrow requirements on encryption software. I presume that this provision is still intact.
Software requires a 15-day review, and it only happens once. In fact, only the MODULE that does the encryption needs verification... I intend to take full advantage of this if this bill goes through.
It's a first step, anyway. You know the saying about the rock rolling down a hill...
-- Taral
WARN_(accel)("msg null; should hang here to be win compatible\n");
-- WINE source code
You know, as a Canadian in the business of Cryptography, it's a lot better if we can sell to international customers and you guys can't. After all, your cryptographic software is *so* much more advanced than ours...:) HA ha!
Slashdot Mirror
Nothing good ever came out of the House Judiciary Comittee, and the few good things that come out of other comittees (and state governments) always get clotheslined at the kneecaps by McCullum & Co.
This is the same bunch of losers that headed up a sense of the house resolution that read something to the effect of "Marijuana is a dangerous and addictive drug", smacked D.C. voters across the tender bits by not letting them count the votes for one of their ballot initiatives, and I'm pretty sure they're the ones that started the whole Monica/Clinton investigation.
The Judiciary Comittee should be disbanded.
--Threed
Does anyone have a link to the text of the bill? This would be useful material for a research paper I'm doing on exporting encryption.
--Phil (My English teacher is probably going to regret letting us pick our own subjects...:)
355/113 -- Not the famous irrational number PI, but an incredible simulation!
Just tried to get a peek at what's on your site, can't get in from my .gov workstation. :)
I've got to get out of this place.
Checkout ftp://ftp.replay.com
It's safely offshore, and has all the crypto you could possibly want.
Any step towards loosening restrictions is a good one, but this bill does not address the concerns that the free software community cares most about.
Frankly, I doubt it. I think most people with programs like this will not go to the bother of filling out 15 government forms.
- Sam Trenholme
The secret to enjoying Slashdot is to realize that it should not be taken too seriously.
If you continue to have problems, send me a private mail affirming that you are a US citizen, and I will give you a temporary 1-hour password, or will try to resolve things at my end if you give the ip of the address you are trying to access my software from.
- Sam Trenholme
The secret to enjoying Slashdot is to realize that it should not be taken too seriously.
they already can. only the honest kiddie porn and foreign spies will no longer be able to send messages since they don't want to break crypto export rules.
It's the widespread obedience of them.
-fb Everything not expressly forbidden is now mandatory.
Exactly, there aren't 275 million people doing
exactly this. Therefore, civil disobedience is
risky. There are too many people obeying the rules. Making too much noise about it.
-fb Everything not expressly forbidden is now mandatory.
Let's see how many examples of "they shoulda used some kind of encryption" we can come up with...
l etters.asp . There, someone from a human rights group talks about police trying to get information.
Newt Gingrich probably wishes that he was using at least a digital cell phone with minimal encryption when he got scannered down in Florida some years back. He was discussing with GOP leaders how to dodge an ethics charge over a course he taught. It was a mild scandal, both for the political content of the call and for the accusations of illegal (wireless) wiretapping.
I think one of the British royals had an analog cordless phone conversation with his girlfriend taped too. It showed up in the tabloids.
Then there's the Reagan administration's email trail that came up during the Iran/Contra hearings. I think I recall this coming up when Ollie North was in front of congress.
There were the break-ins of liberal/left organizations in the US, where nothing was taken except the disks and address lists. The Central America group at least.
...The best argument for crypto I've seen, is in the user feedback section of Zimmerman's site:
http://www.nai.com/products/security/phil/phil-
Personally, I've had my email snooped by an unethical sysadmin once.
Other examples?
Well, what I got from the article was that if a given country already allowed encryption A to be exported from their country, then the US would allow encryption A to be exported into their country. This of course could potentially cause more head aches for developers like yourself, since you would have to say something like: "If you are in the UK, France, Japan, or the US, feel free to download..." Maintaining a list of countries where export was possible would be a pain.
---
---
"To know recursion, you must first know recursion."
Didn't this get posted a few weeks ago:
"Clueful Crypto Legislation"
Oh no, the NSA and other law enforcement and security agencies will never be able to decrypt messages sent by technical laypersons using exported encryption software. I'm sure that even if this bill is passed with wording that allows strong encryption software to be exported out of the US, which this bill wouldn't allow anyway, my dear anonymous coward, there will in all likelyhood still be NSA/CIA meddling/tracking going on. Perhaps users of encryption software overseas will be wary of encryption technology exported from the US, thinking that the exported software will have backdoors which allow for a key to be easily reconstructed or a message to be easily decrypted with a special key. Many feel this way about the technology which is currently exported: the US won't give out its strong encryption because it wasn't to be able to spy on other countries. I wouldn't be surprised if that suspicion was extended to exported string encryption. In any case, only a moron, whether pedophile, terrorist, drug dealer, soccermom, or middle aged white male, assumes that a message he or she sends will be impossible to decrypt if intercepted, regardless of the software he or she is using.
While it is illegal to export it is not illegal to import encryption in the US.
So all they have to do is purchase OpenBSD and set up a VPN. 384 bit blowfish (effective key length above 96 bit).
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
See subj:
Absolutely incorrect.
Baker's Law: Misery no longer loves company. Nowadays it insists on it
http://www.sigsegv.cx/
haha =)
Fuck all gore!
let BILL GATES save us!
we can make us a unbreakable 2bit encryption!
"Computers will never truly be free until the last windows user is strangled with the entrails of the last mac user."
I'm going to be optimistic and assume this is sarcasm.
Okey-dokey. I understand that we are not allowed to send really strong encryption off the US shores. But here's my question: Why does this matter? Are there no strong encryption programs that exists outside of the US mindshare? Surely, there are other programs just as strong that exist oursite of US lines, not beholden to idiotic US laws. Right?
RinkRat
IIRC, another important aspect of this version of SAFE is that it prevents the government from imposing Key Escrow requirements on encryption software. I presume that this provision is still intact.
Weblogging Considered Harmful:
Software requires a 15-day review, and it only happens once. In fact, only the MODULE that does the encryption needs verification... I intend to take full advantage of this if this bill goes through.
It's a first step, anyway. You know the saying about the rock rolling down a hill...
Taral
WARN_(accel)("msg null; should hang here to be win compatible\n");
-- WINE source code
You know, as a Canadian in the business of Cryptography, it's a lot better if we can sell to international customers and you guys can't. After all, your cryptographic software is *so* much more advanced than ours... :) HA ha!
Just jokin' - we support this bill, trust me.