jacks at the desks are not active.† Use
the hubs.† But if you donít have a HLS
roaming-registered network card, donít plug in at all!
comments Ė via http://cyber.law.harvard.edu/is99/ask
joint meeting of MIT and HLS class
Davidson- crypto expert from D.C.
Seiger- voice of net in crypto policy
Calstrom channeling (via DW)
of crime, terrorism, money laundering
sophisticated, take advantage
to infrastructures of all sorts
basic public services at risk
to law enforcement
band of civil libertarians
who argue for rights to ultimate privacy
of absolute secrecy
is sophisticated enough to achieve complete veil
enforcement needs wiretapping capability
critique of this
used to being surveilled
gained use to stop threats
says crypto is new weapons
just wants status quo
why this isnít so
is new media
is the most insecure medium
travel through many locations/computers
to read these messagesóplaintext
4th Amendment outside of U.S.
needs it to protect infrastructure
threat to law enforcement
age of wiretapping
way that any conversation can go unlistened to
1 chance to have secure communication
to be possible frequently
Golden Age of Wiretapping- Why?
bounds on wiretapping
that many wiretaps done
Lots of ways of surveilling
wants to be able to listen to all communications
FBI wants to do this with legal process
FBI needs wiretap authority to look at communications on internet now
AD: There are no legal controls outside of the United States
rights orgs use encryption devices to avoid threats of oppressive governments
protects us from the FBI?
lengthy to get order
doesnít surveil outside U.S.
citizens being tapped also
agencies, foreign can tap
if U.S. wants to search outside U.S.
have technology to protect communications world wide
may not trust foreign surveillance organizations
advocates strong encryption with legitimate law enforcement access
does not purport to control encryption all over the world, but that is no
excuse to give up on all control
for secure communication with possibility for third party access with an
do not want to provide complete security with no 3rd party access
could lose encryption keys
of commercial applications
work with law enforcement to access where legitimate
who we want to be the third party
enforcement goes to that person for access
different than normal wiretapping-telephone company could do this now
also serve this function
backdoor built in to any encryption system creates huge security problems
requires a level of trust to the third party
Ė the people being surveilled do not know it under the key escrow system
encryption systems less secure on technology level
go for key recovery systems when they try to break codes
JS:† Another Voice: Computer Industry
like Microsoft, AOL, Novell,Ö
value for key escrow may exist, but there is in reality little demand for it
market place is afraid of Key Escrow
to global market, but FBI is tying high-tech industryís hands by restricting
Not FBIís place to dictate private interests
there impending doom in either scenario?
disaster from allowing encryption
disaster from allowing key escrow
will still be opportunity for law enforcement even when communications are
it really worth sacrificing all of our privacy and nationally and
internationally to aid a small number of law enforcement situations
this to an encryption arms race?
turn into an arms race because U.S. systems are already really good, difficult
erosion of 4th amendment protections in name of dealing with social
is a chance to boost protections
happened last Thursday
is policy actually created
between communication and data storage.
data- you might keep your key
little reason to store keys for that.†
Amendment step function, 4th=expectation of privacy.† Does building in access mean no expectation
and objective legal expectation of privacy.†
Comes down to what people are entitled to expect.
policy perspective, FBI will not live with whatever the high tech community
comes up with.† Who knows how big the
next step is?† Policy decisions should
be made about what to accept and what not to.
does the FBI need keys when it can seize keys?
time access to communications and stored data.
between search of a house, wiretapping and key escrow.† All comes down to accountability.† Notice.†
citizens to trust U.S. government, but what about when you donít?
say history of law enforcement abuses.
create a system that is easily abused invites abuse.
check from the cost of surveilling, now cost is going to be lowered.† Why status quo of now, and not the status
quo of before?
needs to be increased from status quo??†
Why do our policies have anything to do with Guatamala and/or
medium-impact of U.S. policy will have big impact.
of Key recovery is that it only works with other key recovery systems.† Meant to drive the global market into key
recovery.† World wide key recovery
are the standards for keys held in other countries?† How does anyone, any agency get access?
recovery troubling because they want strong encryption and key recovery.† Insidiousness of locking everyone out except
the federal govt.
doesnít want to look at everyoneís communications
wants access to communications of criminals
wants to do it through detached and neutral magistrates
way to get into communications is through surveillance, other way is physically
breaking down doors.† The physical is
donít care about crime, they care about money.
libertarians just want expansive reading of 4th Amendment.
Who cares about
this, who are the interested parties?
has been going on for five years
point:† Computer industry feels
boxed.† They want to sell technology to
global market.† Believe security
important in real time data and in stored data.†
to pursue a legislative strategy to push back limitations on export of strong
interests of civil libertarians and commercial interests.
respond to what civil libertarians say about commercial interests
interests care much more about export controls than about key escrow.
support in government for the commercial interests and civil libertarian
keeps giving in
happened last Thursday
blinked on this issue: export controls
liberalized the export controls
to minimal review (1 time) the government would allow export of strongest
behind export controls
people outside of states from having access to strong encryptions
people in US from having access.
that it doesnít get out of country
isnít hard to get strong encryption, was control effective
broken everyday.† We donít only pass
laws that are perfectly enforceable.†
the current system the honor system?
are lots of places to get strong encryption
good privacy.† Public domain encryption
terrorists legally have access to the strongest encryption.† Only law abiding citizens do not have the
wants to give citizens better security.†
Key recovery is not too hard for technology.†
problems] Ė may be fighting for perfect privacy, but for who?† Created a debate where we go way up the step
function or we keep ourselves locked in a situation where average user has
actually wants this privacy?†
rules for how much privacy people will actually have.
who arenít even on the net yet
of the future that people donít know they care about yet
thing we will not have is the status quo
new support for key proposals
are circumstances under which law enforcement can get access?
standards are not the full fourth amendment protections civil libertarians want
of the government or afraid of deviants/criminals.† Any happy medium?†
is a lot of encryption available but lots of opportunity for law enforcement to
can actually get virtually unbreakable encryption and no disaster yet
beginning to find other ways to enforce
empowered to do things by the internet.†
You canít trust government to protect your privacy.† Canít trust the industry to protect
you.† Individuals finding ways to make
sure they feel secure.† Looking to
standards and resolving legal questions.
Account and need 128 bit browser to access account on line, can I take it to
because of personal use exception
legal a few years ago.
personal use exception you must be diligent and keep your laptop secure from
foreign nationals and keep records of travel with encryption for seven years.
is a surprise, roll back from previous administrative position.† What is the real reason for the
roll-back?† Numbers in terms of income
that companies make from this change in policy?
to this announcement for a very long time.†
Typical of the history of police.
Bill w/ 260 co-sponsors and majority and minority leaders.† About to be debated and passed on house
floor.† Chances in senate questionable.† Chance of amendments possible.† But it had momentum.† Heading into election year.† Both parties want tech interests on their
side.† White House reluctant to have to
take sides in congressional debate.††
JS: skeptical of actual significance of this announcement.
debate in congress not over.†
JC:† several political dynamics.† Recognized by Clinton administration since
day 1 as a no-win issue.† Law
enforcement community: hard to step back and take long view of issue.† Compromise opens community up to severe
criticism at next terrorist incident that uses encryption.†
has been under constant pressure to do something.†
easy way or hard way.† Easy
way=technology fix that allows law enforcement.† Hard way=real threat of draconian legislation after next
enforcement would have liked to use the CALEA model and just fix it up.† Used to dealing with telephone
industry.† Have someone to go to solve
their problems.† Net is simply not like
that.† There is no one to call.
(point 6) swings other way too.† FBI in
trouble because of Waco right now.† May
be evidence of pendulum the other way.
that policy changed because it was the right thing to do.† Long time arguing that export controls
unsustainable.† Canít stop an idea at
the border and encryption is an idea.†
Ideas about encryption are not unique to the U.S.†
moving forward w/ staggering number of co-sponsors.† Dramatic change from a few years ago in terms of awareness in
Congress/on Capitol Hill.† Tremendous
amount of work by civil liberties and industry community.† Politics of internet issues bigger.† AD: change for the better.†
says: subpoenas requiring that individuals turn over keys.† Seizure of computers for notice.
close to the current policy.† Currently
requires turn over of keys and also plaintext.
wants to be able to get keys without notice.
open opportunity to not turn over keys and go to jail instead.
of 4th Amendment that you might choose to go to jail instead of
complying with what is required by law.†
Also 5th Amendment
does turning over the keys mean?
Password.† Something you say.† What about pleading the 5th Amendment.†
could immunize you.† Then you give the
word.†† The immunity only covers the word,
not the things that they find from the words.†
Can be introduced in court.† Only
word and fact that you knew the word that canít be introduced in court.
Department position: unless you have memorized entire encryption key, being
required to provide the key is not a testimonial act.† Equivalent of turning over a record.† Analogy is to safe deposit box cases.
voice missing: actual programmer.†
Everything seems to be policy based, not taking tech into account.† Programs not perfect.† How can you guarantee complete security for
a key bank?
is one of the fundamental questions
is that you canít secure it.
you build a backdoor in it is impossible to keep it from being hacked.
a world where your encryption key could be the most valuable thing you own, is
it reasonable to ask people to turn that over to a third party.†
complete security vs. no security, but having pretty good security, such that
it would really slow people down in trying to look at your stuff.† Pretty good privacy might be good enough for
debate.† Difficult to explain/educate in
political policy making arena.†
casting Ė senator talk††
itself has been an important medium in educating senators and congresspeople
about these issues.†
point: desperate need in Washington for people who understand and feel
comfortable talking about tech issues and can operate in a policy space.† These issues only becoming more important
question: do it in real live person
3A Ė Division by party
future world scenario.† FBI has keys w/
warrant requirement.† Govt canít get in,
students- majority but not consensus on world one
consensus on world two.†
†Unsubscribing from names list