Slashdot Mirror

← Back to Stories (view on slashdot.org)

House subcommittee passes crypto bill

Posted by Hemos on from the heading-to-the-floor dept.

kabir writes "Computerworld Daily reports that a House of Representatives Subcommittee has just passed a bill (H.R. 850) easing crypto export restrictions. Interestingly, there are also clauses preventing government officials from forcing people to decrypt data. It's not law yet, but looks like it's headed that way. " It passed unanimously in the subcommittee and is headed out to the general House.

1 of 133 comments (clear)

  1. Problems with H.R. 850 by fluffhead · · Score: 4

    Overall, seems a lot better than the status quo, but several problems remain:

    1. The bill seems to have an NSA/FBI/CIA inspired loophole - it only relaxes standards on user-"inaccessible" or non-"end-to-end user encryption" products. In other words, you can use whatever you want to connect securely to your ISP, but not to use strongly encrypted VPN tunnels, or send encrypted messages via PGP/voice scramblers/whatever. The intent seems to be that the powers-that-be will still be able to tap your cleartext (presumably only by warrant, but what about the NSA's reputed ubiquitous taps?) at the first unencrypted hop. Of course, with PGP et al. already out of the bag, this may be a moot point anyway.

    2. The tack-on penalties for using encryption in the furtherance of a crime, seem like they might run afoul of the Fourth and/or Fifth Amendment. Of course, our current batch of Supremes will likely not see it that way, especially if drug dealers and kiddie porners are the ones being prosecuted for encrypting the evidence. Besides, the cops will only be able to tell if the encrypted stuff was related to the bad stuff if they follow their current routine - seize everything that even looks like a computer, and try to crack all of it. This bill merely encourages that kind of overreaching behavior. More martyred Mitnicks to come? Start generating those 2048-bit keys now... maybe the statute of limitations on your crime will run out before they can decrypt your data. Does "self-incrimination" cover giving up your PGP pass-phrase?

    3. It still has to make it past the Senate.... and judging from our enlightened members of both houses ("Ten Commandments" in every school, anyone?) a lot more could go wrong from here.


    #include "disclaim.h"
    "All the best people in life seem to like LINUX." - Steve Wozniak

    --

    #include "disclaim.h"
    "All the best people in life seem to like LINUX." - Steve Wozniak