Congress Considers Mandatory Crypto Backdoors 1105
disappear writes: "Wired news reports that Congress is considering restrictions on crypto software in the wake of the terrorist attack. 'Nuff said." This will be the next battle -- especially in the wake of this week's tragedies, and the the allegations that the prime suspect Osama Bin Laden is a heavy crypto user. The battle of privacy and safety is going to begin in earnest now.
They can, rather easily- make crypto criminal. (Score:5, Informative)
IMHO, this is just one more step towards a police state.
This was inevitable, but it's still sad... (Score:5, Informative)
This is base grandstanding by a politician in the wake of tragedy. Saying that it needs international cooperation is tantamount to admitting that it can't be done and setting up to blame the rest of the world when it fails.
The constitution was written by a group of people that had visceral knowledge of what it means to need a revolution, in the bloodiest sense of that word. Our modern laws would be a lot better if they were informed by that same knowledge.
Re:Independant Crypto Software (Score:3, Informative)
umm, "stenography" is "The art or process of writing in shorthand." according to dictionary.com [dictionary.com].
I think what you meant was "steganography", which is "The art of writing in cipher, or in characters which are not intelligible except to persons who have the key; cryptography.".
Impractical and Scary (Score:2, Informative)
Re:Heavy crypto user? (Score:5, Informative)
BTW, did anyone else see the interview? I'd like to get this guy's name. It was on Newsworld about 3pm AST, I think.
Re:Mixed feelings (Score:3, Informative)
My x brother in law wrote an article in left wing Z magazine about the special federal circuit court that is specifically set up to approve wire taps. I forget the year and the exact numbers but they rejected something like 4 out of 23.7 THOUSAND. We ALREADY have a guarantee against unreasonable search and seizure and right to liberty. It is the basis of all our law. It is the Constitution. Pledge of restraint and honesty? You have me rolling on the floor!!!
Oh, and by the way he had a white van outside his house for a week - night and day. My nieces even brought the spooks cookies....yeah, and he was a real threat. He is a newspaper sports writer mostly.
Re:Off topic: Why put []'s after links? (Score:1, Informative)
--MarkusQ (karma shields up!)
We MUST lobby against this (Score:5, Informative)
Alright, now to the non-reduntant part of my post. On Tuesday, Tom Clancy was on CNN in the afternoon. CNN had Tom, because Tom wrote a book about terrorists chrashing a plane into the Capitol building, and killing both houses of Congress, and the President. Well, Tom said that the real problem we had in not seeing this coming is that the CIA employs some 20,000 people, and only about 800 of them are spooks. The only way to fight terrorism effectively is with a large, well-trained intelligence corps. We need at least twice, if not three or four as many spooks out in the field, infiltraiting these terrorist groups, so that we are aware of these plans before they something like Tuesdays events happen.
Cryptography isn't our problem, an incredibly small spy system is.
foxxtrot
Attention: Techno/Privacy Snobs (Score:1, Informative)
1) Your openess to this type of legislation depends on how willing you are to give up some of your freedom for security. Ultimately, governments always exist to restrict some freedom (some loony isn't free to kill people after all), in exchange for security. Any freshman anthropology class covers that. Maybe you haven't been affected directly enough yet to think it is necessary.
2) If you think this is some new type of breach of privacy. Come on. Postal mail is already this way.
3) If you think it won't work. As someone pointed out earlier, with Carnivore everywhere, people using encryption without backdoors can be detected (and located). Data hiding won't work for long either. I recently read that a prof. at a major university has developed a program that can make very accurate odds of whether a picture contains hidden information. It can't decode the information, but that just goes back to my last statement.
4) If you think the risk of abuse is too great. Maybe, maybe you're right. But if you're worried about financial information, think about how much goes through the postal system already. And as far as the bad employee abusing information, remeber far fewer human hands will touch your electronic data than your postal mail. Also this gets back to your sense of security. At some point you'll take the risk of your information being exposed to the government in exchange for the safety of not getting hit by a terrorist attack.
Ultimately, to be secure you must give up some privacy. The hard question is how much privacy must we give up in order to achieve that security. It's not an easy question, and I'm not sure where that line should be drawn.
But people, please don't be so naive to think that it simply goes without saying that encryption backdoors are unexceptable tyranny. It's just not so. I agree this may not be the first action that should be taken, and for technical reasons that many have pointed out, it wouldn't even work today. However, it can be made to work tomorrow. And someday, if the other measures we take to secure our world are still incomplete, far fewer of you will be so quick to denounce encryption backdoors.
92% give FBI more power; 71% say less liberty ok! (Score:2, Informative)
11. Would you support or oppose new laws that would make it easier for the FBI and other authorities to investigate people they suspect of involvement in terrorism?
Support: 92%
Oppose: 6%
No Opin: 2%
12. What if that meant giving up some of Americans' personal liberties and privacy---in that case would you support it or not?
Support: 71% (less liberty for more security)
Oppose: 24%
No Opin: 5%
Ben Franklin said something like... those who trade liberty for security will loose both.
Re:Mixed feelings (Score:2, Informative)
"This year* will go down in history! For the first time, a civilized nation has full gun registration! Our streets will be safer, our police more efficient, and the world will follow our lead into the future!"
--falsely attributed to Adolf Hitler (1889-1945), "Abschied vom Hessenland!" ["Farewell to Hessia!"], ['Berlin Daily' (Loose English Translation)], April 15th, 1935, Page 3 Article 2, Einleitung Von Eberhard Beckmann [Introduction by Eberhard Beckmann]
This quotation, often seen without any date or citation at all, suffers from several credibility problems, the most significant of which is that the date given (*in alternate versions, the words "This year..." are replaced by "1935...") has no correlation with any legislative effort by the Nazis for gun registration, nor would there have been a need for the Nazis to pass such a law, since gun registration laws passed by the Weimar government (in part to address street violence between Nazis and Communists!) were already in effect. The Nazi Weapons Law (or_Waffengesetz_) which further restricted the possession of militarily useful weapons and forbade trade in weapons without a government-issued license was passed on March 18, 1938. The citation usually given for this quote is a jumbled mess, and has only three major clues from which to work. The first is the date, which does not correspond (even approximately) to a date on which Hitler made a public speech, and a check of the texts of Hitler's speeches does not reveal a quotation resembling this (which is easily understandable when you realize that "Hitler" is commenting on a non-existent law). The second clue is the newspaper reference, which if translated into German resembles the title of a newspaper called _Berliner Tageblatt,_ and a check of the issue for that date reveals that the page and column references given are to the arts and culture page! No Hitler speech appears in the pages of_Berliner Tageblatt_on that date, or dates close to it, because there was no such speech to report. Finally, the citation includes a proper name "Eberhard Beckmann," which is sometimes cited as "by Einleitung Von Eberhard Beckmann," which is an important clue itself, because it reveals that the citation was fabricated by someone who had so little knowledge of the German language that they were unaware that "Einleitung" isn't the fellow's first name! The only "Eberhard Beckmann" which has been uncovered thus far did indeed write introductions, but he was a journalist for a German broadcasting company after WWII, and he wrote several introductions to_photography books,_ one of which was photos of the German state of Hesse (or Hessia), which may be the source of the curious phrase "Abschied vom Hessenland!" which appears in the citation. This quotation, however effective it may be as propaganda, is a fraud
French tried - it backfired (Score:5, Informative)
Phillip.
Re:I don't think so. (Score:2, Informative)
FYI:
O(log2(N)) == O(log(N)) == O(ln(N))
Identifying the base is unnecessary.
Re:I don't think so. (Score:2, Informative)
What if you used a `rubberhose` type system, where there are (possibly) multiple encrypted streams within a single block of data? Yes, theres a message in there. But is there 2, or 3 or 20?
Re:It will be USELESS for catching terrorists! (Score:2, Informative)
now if anyone can explain how being able to decrypt a message like this will let the authorities know that planes will be hyjacked and flown into buildings by people who don't know each other at a particular date and time, I'd appreciate it.
Re:I don't think so. (Score:2, Informative)
The point is, the pad needs to be aptternless, or it becomes very easy to break (no years or even days to break it). What you would do is add two patterns over each other, while with a random pad you would add a pattern with a non-pattern that destroys the original pattern totally.
Take the (admittedly ridiculous) case of encrypting Beatles "Abbey Road". As it happens, the key is Beatles "Abbey Road". The result is a file of all zeroes. Now, if an opponent got to know that a part of the message was a few bars from one of those songs - and the encrypted file was all zero, it doesn't take a genius to guess what the pad key for the rest of it is.
In a similar (but more complicated) manner, if the opponent can guess a part of the message (for economic espionage, some of the words "Pricing", "offer" or "profit" can be assumed, for example). Try these words out on the encrypted text. If the key is non-random, you will find a part of the key that can be searched for to recover the rest of the key. As an aside, this can be done even when the random distribution isn't perfect; once you can guess that some random values are more likely than others, you can take a large step forward in breaking the crypto. This is BTW also why you shouldn't use the same random key more than once.
With a truly random key system, on the other hand, breaking a part of the message (or using hints) will not help you recover any other part.
Many of the methods you can use to do this kind of analysis can be automated, so for a weak pad, you might talk about a breking time of minutes or hours, rather than weeks.
/Janne