Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Encryption Security

The Feds Thoughts on Clipper 100

Posted by CmdrTaco from the stuff-to-think-about dept.
An anonymous reader sent us this article which describes a bunch of stuff released as part of the freedom of information act regarding the clipper chip. Its an interesting look into the government's view of encryption (or at least, what it thought 10 years ago anyway. Now that they have the quantum computer that can crack all all communications, and the quantum disk drives that they use to store every packet ever, they already know your underwear size, to say nothing of a complete copy of your DNA for their cloning efforts).
This discussion has been archived. No new comments can be posted.

The Feds Thoughts on Clipper More

The Feds Thoughts on Clipper

Comments Filter:

  • hey! (Score:1)

    by Anonymous Coward
    I don't even know my underwear size!

  • Impact if passed? (Score:1)

    by Anonymous Coward
    What are your opinions on what the heck would have happened to our technology expansion in the 90s, esp. with business streamlining and e-commerce, if Clipper had been passed prior to 1995 as proposed? (1995 is, imo, roughly about the time the seed of the Internet really started to mull in folks mind, preceding the economic interest in 1997 and later.)

    I look at the impact DMCA (and not yet but soon, UCITA) has already had. I look at the change in copyright laws which extended intellectual property well-beyond the lifetime of the creator, and of the extension in time a patent can be enforced. I see these things as rather negative, in *small* part to blame on the mentality people have with the current economy.

    What would have happened? And why were we able to defeat Clipper but not the DMCA, which, in the opinion of most, was a known bad thing before it happened? It is solely that big business was against Clipper but not DMCA?

  • Re:Clipper's Death (Score:1)

    by Anonymous Coward
    The paper that described the flaw in Clipper is at http://www.crypto.com/papers/eesproto.pdf [crypto.com]. It was published at the 1994 ACM security conference.

  • Re:More than Clipper chips (Score:1)

    by Anonymous Coward
    Amen! Things are rottener than they are generally reported. Clinton will turn out to be our version of Willy Brandt. Originally it was thought that Brandt was a victim of a spy ring, the exposure of which forced him to resign, but later he turned out to have his own KGB handler and code name: "Polar Explorer."

  • Re:Dead tech (Score:2)

    by Anonymous Coward
    Correct, it's dead. I really think it should have been regulated by federal law, just like it is in some European countries (like France, for instance.) You can't trust businesses to behave in an ethical manner, it goes against their greed.
  • they already know your underwear size
    That's why I wear mine a size too small.

    Plus it gives me that mean "don't bother me look" cultivated by top IT professionals everywhere!
  • Well, don't claim *you* can't be duped!

    I've personally spoken to someone who knows that there's an Illuminati!

    He also told me *all* about the 100,000 United Nations troops waiting in the woods of northern Minnesota, just waiting from orders from the Illuminati to come sweeping down across the United States into Washinton, DC, to establish a One-World government based on atheistic humanism!

    Don't you know *anything*???

    t_t_b
    --
    I think not; therefore I ain't®

  • ...or is that the Trilateral Commission?

    Whatever..

    t_t_b
    --
    I think not; therefore I ain't®

  • This thing kind of defeats the purpose of encryption which is to KEEP THE FUCKING GOVERNMENT OUT OF MY BUSINESS. (and any other nosy bastards.) This whole governtment intervention deal is a little to 1984ish for me.

  • Maybe the myriad of Spammers sending email out there could be a help to fill the FBI's disks with useless crap. As long as they're around there be lots of packets of crap to hide behind with the real encrypted data.
    Besides there's still freenet.
    Maybe someone could come up with an encryption algorithm that uses the same concepts as quantum computers yes, no and maybe and create a potential quantum race condition. ;-)
  • I repeat: Clinton did not have special relations with that government... the PMRC.

    Sigh. Right after submitting, I thought, "PMRC? What? You dolt! It's PRC! PMRC was Tipper's stupid music censorship effort! Augh!""

    Ah, well. Hopefully the sarcasm stands even with the error. You did notice it was sarcasm, right? You didn't? Oh, dear. Maybe I was too subtle...

  • "It's another example of the utter wackiness of the Clipper project," stated Michael Ledeen

    After all, wanting to have possession of my own material is wacky.

    I'll say this for them though: I'm glad they're telling us now instead of 40 years down the line.
    --

  • I'd be more inclined to define the entire U.S. government as "wacky," including our wackiest Prez ever, G.W. Bush.

    Wacky!
    --

  • The documents include a secret 1993 CIA cable on the "Clipper" project...

    So let me get this straight - in 1993 the CIA was still using the telegraph to communicate? Methinks they had bigger problems than the spread of cryptography :)

    Caution: contents may be quarrelsome and meticulous!

  • This knowledge is how they are catching the Chinese-American researchers who they keep detaining for spying and disclosing state secrets and such.

    Not to mention history professors that don't even have state secrets. Heaven forbid they bring information about China which is public knowledge out of the country.

    How do you say "Vive le Revolution" in Mandarin?

    Caution: contents may be quarrelsome and meticulous!

  • As long as it's a democratic or representative One World government based on atheistic humanism, sign me up! Or is the point that the Illuminati would be running things? 'Cause other than that it sounds great.

    Caution: contents may be quarrelsome and meticulous!

  • So what? (Score:3)

    by Jethro ( 14165 ) on Tuesday May 15, 2001 @09:29AM (#221835) Homepage
    The FBI knowing your underwear size is a GOOD thing.

    It means that when they handcuff you, they can use custom-made handcuffs that'll be more comfortable for you. Same goes for straitjackets - the taylor-made ones are FAR superiour to the Off-The-Shelf variety.

    Also when the FBI is out shopping for birthday presents, they know what kind of DVDs you buy so they won't end up sending you The Little Mermaid again.


    --
  • Ummm, you are a little off on both counts.

    1) The telephony-only version of Clipper was merely the first to market and the most well known. There were also data-oriented versions designed, referred to as "Capstone" chips, which were put into PCMCIA cards known as "Fortezza" cards. I actually have marketing liturature at home from Mykotronix (the chip foundry for Clipper chips.)

    2) True, in that it is harder to spy on people using Clipper than it is to spy on people using no encryption at all. The goal of the program was not to encourage people to start using encryption. The goal was to get Clipper-based products into the market to forstall the adoption of products without LEAF features. As the article states, outlawing non-LEAF encryption was clearly discussed.

    Of course, the slow uptake of encryption in the mass market despite the failure of Clipper indicates that maybe they had nothing to worry about. On the other hand, we might see a surge in the use of encryption at any time now. The CPU and network speeds are certainly there now to handle the overhead. Look at the success of SSH. I think nothing now of encrypting all of my files during transit using scp now. A few years ago, the performance overhead was significant. Now, it's minor.
  • Presumably, once Clipper was deployed, the use of any other encryption would have been outlawed. Otherwise, the government would have no incentive to spend effort on pushing Clipper.
    ---

  • Presumably, once Clipper was deployed, the use of any other encryption would have been outlawed.
    Then of course, as a law abiding malcontent I wouldn't use encryption.

    Heh heh.

    It would be one of those especially dangerous laws that mainly accomplishes nothing except increase the government's power, without actually protecting society in any way. There are a shitload of laws like this already, and a constant stream of bills to further outlaw things that are already outlawed.

    One function of these types of laws is that they can be used to harrass people who are otherwise not outlaws, by selectively enforcing them against "troublemakers." Someone been giving money to a party that isn't the republicans or democrats? Just carnivore their email for a while and if there's too much entropy, haul 'em into court so that their money gets spent on defense lawyers or fines, thereby protecting the no-more-than-two-parties system.

    Or, when they've got someone who has broken other laws, it gives them Yet Another charge to level against the defendant. Sorta like if someone commits murder and hides the body, and they somehow beat the murder charge, you still might be able to work around the 5th Ammendment by charging them with tampering with evidence, assault with a deadly weapon, etc.


    ---
  • The State Department has a rather archaic method of referring to things. There is, from what I've seen, a secure, encrypted message transfer system for communications between embassies and Washington. I'd speculate that No Such Agency is likely involved in running it, or at least the infrastructure of it.

    But even so, the messages are STILL referred to as "cables". . . from experience with a US Mission overseas....

  • No, the supermarket discount card means you get to pay the same prices other stores charge, in exchange for letting the store track your purchases. Example: here in Dallas, Albertson's has no store card; Tom Thumb has one. Tom Thumb's prices are outrageous without the card. With the card, they are only slightly higher than Albertson's.

    This information is not being used to make sure they stock the right kind of ice cream for you; they're already able to track aggregate purchases through their inventory system. What they are able to do is track specific purchases and offer you enticing discounts or associated purchases. Are you a regular buyer of condoms? They'll offer you premium brands, or foams, or pregnancy kits, or discounts on diapers and formula, etc. Buy Preparation H? You'll receive a discount coupon from your local proctologist...
  • ...is that it only dictates that you must eventually release the information.

    Not to sound too much the paranoid alarmist, but of the documents that the CIA and others have destroyed, "don't exist", or were not released -- what do those say?

    Until the Freedom of Information Act Part Now Redux states that all information must be archived (no more paper shredders and incinerators), we the Public will never know just what's going on.
  • I mean, just because "they" say it's ultra-mega-secret, then how does anyone know unless an independent auditor comes snooping around?

    Where the @#!! is Congressional Oversight in all this? Or is it an intentional oversight that Congress isn't overseeing it?
  • So let me get this straight.

    Instead of having communications only the government could listen in on, we have communications everybody and their dog can listen in on.


    And this is a good thing?!

  • does anyone remember when they stopped lying about it?

    Does anybody remember when they stopped talking about it?

    (I know; I know -- -1, Redundant....)
    /.

  • Looks like we wanted to spy on the populations of *other* countries, then realized that the governments of those countries might not allow it unless they were in on it *also*. Yay, exporting Big Brother everywhere.
  • I have nothing much to hide so how do I get the feds interested in investigating me..
    just a few thought to be added to:
    1/encrypt with an easy to decypt password (I am not important enough for them to try very hard :) )
    2/send lots of slightly altered binaries/gifs back and forth with your normal mail
    3/browse the hacking/conspiracy/revolutionary web sites
    4/use hushmail.com and/or PGP
    5/talk about unibomber type conspiracies on the phone
    6/use emacs spook command
    7/mention project echelon and Operation Vengefull

    Putting some of these ideas together:
    So basically I want to put a message [the president will be shot within the next month] inside a lightly encrypted message so when they decrypt it [maybe automatically] they think they have some information of value, or that they have to act upon, if they act you know they have read your message. Alternatively put in a really good original joke (they are hard to come by [whats brown and sticky? -- a stick] [standards of humour may vary]) and see if it gets back to you through the government listener. These are the two standard cryptography 'red book' methods of seeing if your communication channel is compromised.

    [I am not a good shot so I'll have to get someone else to do it. ]

    Turloch

    'There is a place for everyone in this struggle no matter how big or how small. Let us increase our strength and the strength of our analysis by finding a place for them all.'

    PGP key follows
    --
    YeP I HaVe NOT BoTHereD To GEt PGp -- yet

  • Impeach the Feds (Score:3)

    by joq ( 63625 ) on Tuesday May 15, 2001 @09:49AM (#221847) Homepage Journal
    Personally to me crypto its not a matter of "hiding criminal evidence from the feds" which is the basis of every single argument they'll thwo into the loop. As a citizen of the US you should be entitled as Amended to your right to privacy. What people rarely see is the level of abuse the Feds partake in regarding technology nowadays, abuse that happens on a scale that is barely told out of fear from sounding like an "anti-government" looney ranting about rights.

    As I posted in a prior thread, taking a look at some of the cases going down with tech (Jerome Hackenkamp [freesk8.org], Jim Bell [antioffline.com], and others) its regretful to see no one has truly questioned the methods of the FBI regarding tech. What we do hear about are overhyped situations fed to the media, in order for Big Brother to look like a martyr. (e.g. Notice every month they announce a so called "cyberwar", or expected DoS attacks?) Rarely does any media outlet post situations like the Hackenkamp situation or the Max Vision situation, and the judge flat out gagged the media on the Jim Bell case.

    So why is this done? Simple government does not want you to have the right to privacy when it comes to encryption, should they want to screw you as they have others, crypto makes everything more difficult for them to do so. Now when I say screw I literally mean screw. For those who have read the cases what happens is, when gov wants someone they'll use every resource in the book to get them. Even if its something as minimal as spitting on the floor. So to proactive people like Jim Bell, and Max Vision, who are likely to use crypto this makes their job that mich harder, so they take a "crypto is for criminals" attitude on the situation in hopes of proving that because some have used crypto for bad purposes in the past, everyone will as well. Argumentative however this isn't done when dealing with issues such as firearms. Why? Because when you have people like the NRA to voice out and pay politicians off, the situation quickly gets hushed, as opposed to tech where you have a handful of associations which attempt to help but are understaffed/underfunded/underadmined such as EPIC, EFF, and others.

    Privacy for life [antioffline.com]
  • *sigh*

    Read their charters. Oversight committees aren't as dumb as you seem to think they are -- believe it or not, their IS intelligence outside Slashdot.

  • The policy change (Score:3)

    by selectspec ( 74651 ) on Tuesday May 15, 2001 @10:02AM (#221849)
    The interesting bit on US Gov Encryption Policy is the dramatic change that occured after the infamous Chineese spy case at Los Alamos and the missing US State Department Laptop case. Both cases involved top secret data being stored unencrypted. At that time, the US Gov actively discouraged commercially available encryption via the export legislation. After those incidents, the reports concluded that the individuals in the cases didn't encrypt the information because of the expense and difficultly involved with the current day encryption technologies. The findings advised that the commerical restraints on encryption be lifted in order to more cheaply secure government data.
  • From Schwartau's Information Warfare: "... unless everone uses Clipper, the entire effort is futile. In order for everyone to use it, it would have to become a mandate or law, therefore making other forms of encryption illegal. That will never happen in an open society. Second, for Clipper to be accepted, theGovernment has to be trusted not to abuse their capabilities to decrypt private transmissions without proper court authorization, as is required today."

    If you search around for "Winn Schwartau" on Google, you'll probably be able to find your researcher. Information Warfare is a good read if you're parano^H^H^H^H^H^Hsecurity and privacy conscious.

    Further Reading

    Linux rocks!!! www.dedserius.com [dedserius.com]
  • "Now that they have the quantum computer that can crack all all communications, and the quantum disk drives that they use to store every packet ever ..."

    This is obviously sarcasm. :) While I realize the "X Files" is a favorite show of many Slashdot readers (myself included), as far as I know the existance of an advanced multiple qubit übercomputer capable of cracking every computer code is still only a fiction worthy of a Chris Carter subplot.

    According to the most bleeding edge articles I have seen mentioned here, and elsewhere, functional quantum machines are still several years away. :)

    And I wonder what a quantum disk drive would look like? Would this be a Schroedinger [emr.hibu.no] drive? I think Microsoft has already implemented quantum storage à la Schroedinger. It's called "backup." You write information to tape or CD-R, and you do not know if it's there or not until you look for it (it exists as both states simultaneously until observed.) :)
  • But at least I can use my real identity and not hide as an AC. :)
  • Thank God I've got a big dick -- God found a way to be kind to me in spite of the shortcomings you noticed. The sad irony is that since I am no longer a member of the gene pool little-dicked individuals like yourself will be the norm. :)
  • I sincerely doubt the U.S. government uses quantum computing technology for national security. One of the important parts of quantum computing is that you don't want to interrupt the process by observing the particles, and as we all know, Uncle Sam has to spy on everything, all the time. He'd never actually crack anything because he'd spoil the computation with his curiosity every time. :-)


    ---
  • I am not a James Bond style spy, but I play one on TV.

    The prevailing hope is that word will get out inside the country about shennagans their government is (allegedly) involved in and that news will trigger a revolt. Worked great for Russia (*cough*) and Cuba and Iraq (*ahem*) and... um... well... that's what they think anyway. And it's kind of hard for the word to get out when the country keeps catching the dissidents and shooting them in the back of the head.

  • What everyone seems to have forgotten was that Clipper wouldn't have worked (at least, not as intended, and provided the "bad guys" were reasonably smart).

    Well, what people suspected at the time (and, actually, what they were planning, according to some quotes in the article), was that after Clipper was widely deployed, legislation would be passed making all other forms of encryption illegal in the US.

    Aside from that, it actually would have been pretty nice if all phones in the US were sold with encryption built in. I could go out and buy one of those nice ATT phones (they make non-key-escrowed versions too, basically the same stuff except with 3DES instead of Skipjack and no backdoors), but who would I talk to with it? I mean there are maybe a few tens of thousands of these phones in use in the US, mostly by government and large corporations (most of whom are govt contracters and required to have them).
  • That all depends on what your deffinition of "special relations" is.
    =\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\=\= \=\=\
  • I do like the sig... but in answer to it I would have to say "The meta-moderators".
    =\=\=\=\=\=\=\=\=\=\=\=\=\=\=\= \=\=\=\=\=\=\=\=\=\
  • I studied the Clipper project in my computer security class last quarter and it all seemed like the stupidest idea ever. Then I wondered why I had never heard about it... well it WAS a stupid idea, and luckily people were able to fight against it on my behalf even though I didn't know about it. It's interesting now to see what COULD have happened, that really was the dumbest idea ever. And this only confirms my suspicions about the FBI/CIA out to monitor everything that I ever could possibly do. If you don't use PKI, maybe you should think again.
  • This doesn't make any sense.

    1) What does PGP have to do with this? Clipper is telephone based.

    2) Clipper makes it harder to spy on people. Mostly because they need the warrant and keys from two other government organization to spy, as opposed to just a warrant itself for wiretapping.
  • Clipper was a big deal, and a lot of geek types were really concerned about it. There was considerable outcry against it, and it seemed like nothing anybody could say was going to actually stop it. Then there was a paper published by one researcher (and I wish I could remember his name) the showed that the it would be possible to build third party implementations that could interoperate with clipper chips without having their keys placed in escrow with the government. Almost overnight clipper was dead.

    Well, at least that's how I remember this whole saga going down... though a few quick searches on google didn't turn up info about this. Did I just imagine it that way?

  • Please please please moderate up post #141 [slashdot.org], which links to the paper by Matt Blaze that effectively killed the Clipper chip and the US government's key escrow plans. I wish I could have remembered it when I posted earlier.
  • they already know your underwear size

    I'm glad someone knows...I can never remember....

    "Hmmmmm....sure, that could be my size. Better only buy one in case...."

  • Am I the only one who misread the headline. I was expecting something witty about the talking paperclip and find myself reading some boring story about cryptography.

    That really sucks

  • um, thanks... The .sig is a play on The Watchmen (Who Watches The Watchmen?) et al.

    but your concern is registered.
    ---
  • This was some time ago, so I had to refresh my knowledge base:

    good description [cpsr.org]
    Epic's rundown [epic.org]
    Computer Security Resource Center version [nist.gov]
  • Privacy isn't dead - it just costs more than nearly anyone has. Perhaps this will evolve into a new class system in which one's status depends on the control one has over personal data.
  • With this greater capability will be a greater need for black helicoptors and cattle mutilations.
  • When clipper was first floated, the official line was that it would be purely voluntary, perhaps with some financial incentives, but the feds expected it to take off because it was simply superior.

    The "paranoid fringe" quickly realized that a voluntary Clipper would be worthless, and predicted that it would be made mandatory, which the government vociferously denied.

    Now, these documents show that the government intended Clipper to be mandatory after all.
    My question is, does anyone remember when they stopped lying about it? I suspect that these documents don't go far enough back to show us what they were privately saying during Clipper I.
  • It's shame that it's completely unrealistic to think that information could be held safely in escrow some how.

    Can anyone provide a link the complete docs or, more important to me, you actually filed the the request under the FOIA?
  • Back in the day, "Summer '87" to be exact, I wrote a few programs in Clipper. I never knew the feds cared!
  • Wouldn't it be really funny if the embedded code in the clipper chip was written in Clipper?
  • I believe this very idea is the basis for the next form of cryptography that would be virtually unbreakable, along the lines of sorting the wheat from the chaff.

    Someone who knows something want to chime in? I think it's pretty much a one time pad kind of thing, not public key based...
  • Most of the Slashdotters are missing the point entirely.

    Clipper was an attempt by the government TO GET US TO START USING ENCRYPTION!! You HAVE TO have a standard if you are going to put in place a common encryption method. But you also want to know what the holes are. SO the government TOLD US how they would handle the keys. If you are paranoid, you could use your own encryption before the message went into Clipper.

    You want to buy your encryption from private corporations and think THEY won't put in holes and be listening in???

    Look at the result of the anti-Clipper paranoia. Ten years later still almost NO ONE is encrypting. So anyone we were afraid of listening in IS DOING IT. If I were paranoid I would say that Japanese companies financed the anti-clipper effort.
  • Well, what people suspected at the time (and, actually, what they were planning, according to some quotes in the article), was that after Clipper was widely deployed, legislation would be passed making all other forms of encryption illegal in the US.

    This is nutcase stuff. Look at the RESULTS of the anti-Clipper effort. NO ONE is encrypting so "the government" can listen in on anyone they want to. In the meantime there never was any legistation introduced to outlaw encryption...

    The CURRENT state is that any government or corporation can listen in on us. THis is what the anti-Clipper effort brought us.

  • Yes, it would have worked--for the real purpose, not for the stated purpose. It wouldn't have caught criminals and terrorists, or at least not those smart enough to even load PGP. But it would have allowed for a lot of spying on everyone naive enough to trust the gov't not to spy on law-abiding people.

    OK, as the result of this kind of irrational thinking here we are WITHOUT standardized encryption in all devices. How is this better, as far as the ability of "the government" to listen in on us?

  • Not the Gov't, the Illuminati! (Score:3)

    by FortKnox ( 169099 ) on Tuesday May 15, 2001 @10:01AM (#221877) Homepage Journal
    Now that they have the quantum computer that can crack all all communications, and the quantum disk drives that they use to store every packet ever, they already know your underwear size, to say nothing of a complete copy of your DNA for their cloning efforts

    The government doesn't have a quantum computer, the Illuminati do. But since the Illuminati control the government, they just eliminated the middle man in this article.

    BTW - My .sig is great for this article!

  • clipper technology (Score:4)

    by suhit ( 171059 ) on Tuesday May 15, 2001 @10:09AM (#221878) Homepage
    For those that dont know what Clipper is, here is an interesting set of points from cpsr.org describing it in a fair bit of detail. This is basically the AT&T description of Clipper and is written out fairly well.

    CLIPPER is an NSA developed, hardware oriented, cryptographic device that implements a symmetric encryption/decryption algorithm and a law enforcement satisfying key escrow system. While the key escrow management system design is not completely designed, the cryptographic algorithm (SKIPJACK) is completely specified (and classified SECRET).

    The crytographic algorithm (called CA in this PAPER) has the following characteristics:

    1. Symmetric, 80-bit key encryption/decryption algorithm;
    2. Similar in function to DES (i.e., basically a 64-bit code book transformation that can be used in the same four modes of operation as specified for DES in FIPS 81);
    3. 32 rounds of processing per single encrypt/decrypt operation;
    4. Design started by NSA in 1985; evaluation completed in 1990.

    The CLIPPER CHIP is just one implementation of the CA. The CLIPPER CHIP designed for the AT&T commercial secure voice products has the following characteristics:

    1. Functions specified by NSA; logic designed by MYKOTRONX; chip fabricated by VLSI, INC.: manufactured chip programmed (made unique) by MYKOTRONX to security equipment manufacturers willing to follow proper security procedures for handling and storage of the programmed chip; equipment sold to customers;

    2. Resistant to reverse engineering against a very sophisticated, well funded adversary;

    3. 15-20 MB/S encryption/decryption constant throughout once cryptographic synchronization is established with distant CLIPPER Chip;

    4. The chip programming equipment writes (one time) the following information into a special memory (called VROM or VIA-Link) on the chip:

      1. (unique) serial number
      2. (unique) unit key
      3. family key
      4. specialized control software

    5. Upon generation (or entry) of a session key in the chip, the chip performs the following actions:

      1. Encrypts the 80-bit session key under the unit key producing an 80-bit intermediate rsult;

      2. Concatenates the 80-bit result with the 25-bit serial number and a 23-bit authentication pattern (total of 128 bits);

      3. Enciphers this 128 bits with family key to produce a 128-bit cipher block chain called the Law Enforcement Field (LEF);

      4. Transmits the LEF at least once to the intended receiving CLIPPER chip;

      5. The two communicating CLIPPER chips use this field together with a random IV to establish Crytographic Synchronization.

    6. Once synchronized, the CLIPPER chips use the session key to encrypt/decrypt data in both directions;

    7. The chips can be programmed to not enter secure mode if the LEF field has been tampered with (e.g., modified, superencrypted, replaced);
  • Except that it wasn't intended that Clipper's backdoors would be widely known.

    The thought was that a semi-smart criminal would go down to the store and pick up an "AT+T Secure Phone" and use it to conduct his dirty deeds without knowing that the government could be tapping it.

    Note, how even though AT+T had this tech ready in 1992 (backdoored or no), "Secure Phones" are still not a consumer item...

  • Re:So what? (Score:5)

    by stup ( 180061 ) on Tuesday May 15, 2001 @09:43AM (#221880) Homepage
    The FBI knowing your underwear size is a GOOD thing. It means that when they handcuff you, they can use custom-made handcuffs that'll be more comfortable for you. Same goes for straitjackets - the taylor-made ones are FAR superiour to the Off-The-Shelf variety.

    It's an interesting lifestyle choice that considers handcuffs and straitjackets to be underwear, but hey, I'm not judging anyone. :)

    "If you tell me all your secrets, I promise not to blackmail you."
    StuP

  • would the US gov want to do its own research on quantum computing if it knows that the same technology used to break existing codes can be used to make new ones impossible to break.

    Of course they would. They just wouldn't share their results with anyone else. If anyone starts getting too nosey with FOIA requests, they'll just invoke the magic phrase of "national security" and continue working.

  • So what if they're tracking you with the supermarket discount cards? why are they tracking you? So they can figure out what you buy. You dont buy contraband and bomb accessories at the Ralphs, or Pick 'n Save, do you? So what if they know what brand of ice cream you like. Hell, I'd be glad they know which ice cream I buy, that way maybe they're more likely to keep it in stock.

    Somewhere you've gotta draw the line on what you share and what you dont, though. It could be a slippery slope in either direction. You can be too secretive (read: Paranoia) or you can be too open (read: annoying guy at work who tells everyone the follies of his love life). Everyone's gotta pick their point where htey draw the line. My line lets the grocery store give me a discount on ice cream for letting them know I buy it. Whoop-dee-doo.

    . . .

  • Actually, the Americans worry about Cesis, and the Canadians worry about the FBI.

    Y'see, it's perfectly legal to spy on other countries if you don't get caught, so countries have arrangements together to spy on each other's citizens, then swap information.

    Isn't it swell?

  • Missing Info (Score:5)

    by SomeoneGotMyNick ( 200685 ) on Tuesday May 15, 2001 @09:23AM (#221884) Journal
    What about the 4000+ pages of clipper chip information that hasn't been found by FBI personnel yet?
  • Nautilus [lila.com] (the phone encryption program, not the Gnome thing) was written in response to EPIC [epic.org]'s obtaining those documents [epic.org] via the FOIA.
  • If of any interest, Skipjack (used by Clipper) and KEA (used by Capstone) were declassified in 1998 [nist.gov] because the Fortezza hardware was too expensive for the Defense Messaging System. They wanted to switch to software implementations, so they had to declassify the algorithms.
  • While your missive makes for fairly decent satire, it goes too far in encouraging the statist group-think the average propeller-head here indulges in.

    So, without ANY satire, with all the truth that can be mustered by an electronic persona manifesting on an insignificant electronic message system, let me state unequivocally and without doubt that the State is the complete and absolute enemy of the individual, and any attempt by the State to take more power unto itself should be reviled and resisted as much as possible by any individual worth his or her salt.

    You may go back to your Gameboy now.....

  • Oh, they found it, they just lost the key to decrypting it. As I understand, the matter has been turned over to Russian hackers, all very hush-hush, you understand.

    Last night I heard the news from Washington, the capitol
    The russians escaped while we weren't watching them, like russians do
    Now we've got all this room, we've even got the moon
    And I hear the USSR will be open soon,
    As vacation-land, for lawyers in love. -- Jackson Browne

    --
    All your .sig are belong to us!

  • Did any one read any of the other garbage on that site, newsmax.com? It was a bunch of whiny, self-important liberal-hating garbage. I mean really, in the article about Robert Redford "insulting" the Interior Secretary, there was not the slitest evidence of an insult, and what is the journalistic value of refering to him as "the wrinkled 63 year old."? Of course he hasn't had a hit in years: he hasn't made a movie in years.
    What a bunch of assholes.


    -------------------------
  • I have to be honest, everything I know about cryptography I got from the book Crypto, so maybe I'm misinformed, but it really seems to me like the government has given up the fight on crypto. I mean, they seem to have removed export restrictions, and they've basically approved a 256 bit crypto standard developed overseas no less. This seems a lot different from their attitude ten years ago.

    So, what gives? Has the government stopped fighting the "good fight", or have they just found this quantum computer solution whihc Taco's delusions would gift them with? It seems really hard to believe that they could possibly be breaking our encryption by brute force, but it also seems impossible that the NSA would just roll over and die. anybody know what's up?

  • The fact that they know all thus stuff isn't the part that bothers me, its the fact that they do it without our knowledge or permission. If they asked to track my information, or at least gave some sort of opt-out procedure, I think it would look a lot less sinister.
  • Read the book Crypto, it discussed how the FBI and NSA realized that no foreign government would allow the importation of strong crypto unless they too had the government decryption keys. It also discusses how they
    gave up when they realized nobody in the US would use it.
  • I believe that the fact that you anti-spam your email address is proof that you value your privacy

    No, I really do use hotmail!

    --

  • I'm pretty sure that I represent the average slashdot reader, so I'll present here what I am sure will become the concensus of this thread. I doubt that any slashdotter worth his or her salt would question such truisms as "freedom is all very well, but the government really has a right to know what is going on" and "clipper chips are based on fundamentally sound social priciples" and "Michael Sims will slap this post despite everyone else clearly loving it".

    --

  • Anyone planning to clone me is gonna buy themselves a whole lotta trouble.
    The very thought of more than one of me running around make me afraid. Very, very afraid.

    BOFH's of the world unite!
  • McConnell noted that the advanced technology gives China the power to electronically lock out U.S. intelligence monitoring and lock in the Chinese population.

    "Even if the Chinese use weak encryption the sheer volume of their communications will make it impossible for us to monitor. If China were to erect a public key infrastructure it will severely impact our intelligence gathering ability," stated McConnell.

    He also stated that Clinton was aware that the advanced surveillance technology might be abused by hostile foreign powers.

    "Can Key Recovery be used against dissidents and political opponents?" asked Adm. McConnell.

    "In a word, YES," he concluded emphatically.
    wtf? Like we care about freedom of information for these people. The Chinese are already locked into China's version of the internet, China's cell networks, etc. They already monitor what's going in and going out, and what's said within the country.
    And ours for that matter.
    Consider that, whatever the nature of this Clipper technology, the Chinese have the best cryptographic technology that our corporations have, much of which is better than that used by the government. The Chinese are, technically, as adaptable as the US and other Western countries. This knowledge is how they are catching the Chinese-American researchers who they keep detaining for spying and disclosing state secrets and such. They are catching Falun Gong organizers who plan via email.
    With the international situation as it is, and has been for some time, with China, with an essential cold war, spy as much as you can mentality spearheaded by corporations and governments on both sides, there are no technological solutions to our relations with China. No amount of surveillance or control will resolve the fact that we have to come to terms with a power that is as big and has as many gadgets as we do.

    -perdida
  • There is no such thing as the Illuminati. Never was. The Illuminati Conspiracy is derived from a manifesto that was actually written to criticize the Russian Aristocracy. Some clever dick rewrote it to make the Jews look like they controlled everything. Even Henry Ford fell for this one... for a while.

    Way to make yourself look like a fool FortKnox.
    ______
    jeff13
  • Damn! ;p
    ______
    jeff13
  • Daaaamn...I always thought of the problems with key escrow as an issue of abuse by our own government, but for them to actually consider enabling surveillance by countries like China?? Incredible. For all of their yelling and screaming about how France and other countries are spying on businesses for the benefit of their own domestic corporations, they were thinking about giving other countries the keys to the kingdom. As if we needed another reason to be distrustful of those whose job it is to look after us.
  • The "wackiness" referred to seems be be that the US gov't was willing to share the keys with not-very-friendly foreign gov'ts. If you assume that they were telling the truth when they said they wanted Clipper for _national_ security, that's definitely wacky. If they wanted Clipper solely for the security of certain people in our gov't, ...
  • Yes, it would have worked--for the real purpose, not for the stated purpose. It wouldn't have caught criminals and terrorists, or at least not those smart enough to even load PGP. But it would have allowed for a lot of spying on everyone naive enough to trust the gov't not to spy on law-abiding people.
  • What people rarely see is the level of abuse the Feds partake in regarding technology nowadays, abuse that happens on a scale that is barely told out of fear from sounding like an "anti-government" looney ranting about rights.

    This can be frustrating. I get a lot of grief from people for using a firewall on a DSL connection. They do not consider security a concern. Until they get cracked.

    I think this is an image problem. The serious people should just go about doing their business and let the masses go on guffawing.

    Reminds me of Noah building an ark while most of the people in his town ridiculed him. Maybe its better to let them drown in their obstinate ignorance. At least some of us will survive...

  • Somehow I can't imagine the same considerations with sharing technology with China under the current administration ;-)

    I'm suprised that all this stuff is being made public so soon. We're talking about 1997 for some of this stuff, so I can't believe it's just being released under the freedom of information act. I don't know what the US rules are though, but the UK keep things secret for umpteen years! Even when it becomes public they can refuse to acknowledge it; eg consider public-key cryptography and the subsequent RSA patents, despite the fact that a chap in GCHQ (in England) had already discovered it years before. What's the point of keeping it secret then?

    Anyway, I find this stuff rather suspect. If they're really declassified documents, then where is the link to the real stuff? Do they exist on the web, or simply is some dinghy office where access is granted by appointment only (like most of the "public" EU information).

    The article also states that there were a further 12 documents which were not declassified "in the interest of national defense or foreign relations". Don't you just love conspiracy theories? :-)

  • I guess the comment was referring to quantum computing as a means of cracking RSA by mass parallel computing.

    However your comment is amusing - would the US gov want to do its own research on quantum computing if it knows that the same technology used to break existing codes can be used to make new ones impossible to break.

    Perhaps they'd simply be better to stick to what we know now - bigger and more computers are better :)

  • Damn. It thought that Joe Boxer [joeboxer.com] used https...

    Wow, you don't think the feds know about all those graphic e-mails I've been sending my girlfriend to, do you? Or the fantasy fiction I've written about Chelsea [chelseapiers.com]?


    God bless those Albino Ninjas...
  • ...is not to play? You can't guarantee any type of privacy unless you absolutely refuse to participate. At some point, your privacy dissolves as more entities participate in the activity. That's not to say that there aren't some basic measures to take, like not using your SSN as a public identifier... PGP, SSL, and other "security" implementations still rely on allowing the other side to participate in the activity...hence all the discussions on why your personal info got sold to whatever.com by the last place you shopped online...
  • ...and the quantum disk drives that they use to store every packet ever, they already know your underwear size,

    Good idea, I sometimes forget and buy a size too small; I knew my 10G Quantum was good for something.
  • So Bill Clinton wasn't really accepting campaign contributions from foreign interests. He was just busy selling our encryption technology.... Now I feel better about the whole thing.

  • As usual, morons like you refuse to believe the truth and can't stand a website that is filled with the truth. The other guy stole the election? I do believe that you must first win to have it stolen from you. Sorry, that's just logic speaking there. Three cheers to Taco for running such a great piece.
  • Ok. I wouldn't object to some items, like ice cream, or frozen burritos, or other stuff like that. But where is the line drawn by them? Suppose you have one of those grocery stores with the video store, and pharmacy too. Suppose you take lithium, xanax, and have a raging case of herpes. Suppose you like to rent science fiction. What conclusions will be drawn? Who will this information be sold to? What if this data influences Hollywood to put drugged out sluts and lots of product placement in the next big sci-fi flick?

    Oh wait...nevermind.

    --
    "Fuck your mama."

  • Privacy is most certainly dead. I recently looked at my credit report and--this is no joke--they actually had a previous address listed from when I was 6 years old. Wonder where they got that information. I certainly wasn't out building my credit back then...shit I didn't even get an allowance when I was a kid.

    --
    "Fuck your mama."

  • What we know (Score:3)

    by stuccoguy ( 441799 ) on Tuesday May 15, 2001 @09:56AM (#221912)
    We know that the FBI/CIA/NSA are very secretive organizations. We can assume that they keep their secrets very well.

    We also know that every so often something leaks (via the FOIA) about Echelon or Clipper Chips and so on. We tend to be alarmed by what we find.

    The question then arises: "If the secrets that get out are so alarming, how alarming is the 99% of stuff we don't know?"

    What we learn from this is that these organizations obviously have a mighty infrastructure for intercepting communications and spying on what we do. The extreme right would have us believe that either we are paranoid or that any such capabilities have legitimate law enforcement justifications.

    STOP THE PRESSES

    If these organizations are using all that technology for legitimate law enforcement activities where are the indictments and convictions?

    We do know that less than a handful of indictments where handed out last year based on intercepted communications. If these interception technologies exist and are obviously not being used to any great extent for legitimate law enforcement activity exactly what are these guys doing with all of that intercepted information?

  • Even better - the keys, each of which has an escrowed decrypt key, confirm their validity via a 16 bit checksum. Even without the algorithm, you can just pick a random 64 bit number and try all the possible checksums, ending up with a Clipper key that isn't archived anywhere.
  • This is rather amazing, how we scream about a curiosity, like the clipper chip, being handed over to the Chinese, but not about worse technologies. Ok, so security, privacy, etcetera is important. But good old Bubba didn't exactly stop with clipper chips. For example, he handed the Chinese MIRV technology, but people concentrate on the clipper chip. Why is it, that people can be outraged, by the possibility, that a forgien government will know that people are looking at porn, but it doesn't bother people that we have handed our enemies a better way to deploy weapons of mass destruction? Do they really buy that crap about, needing this for launching satalites? It wasn't nessecarry for Sputnik(sp?). Please wake up folks, there are worse demons out there, we are just being handed toys like the clipper chip to keep us distracted. For those that don't know: MIRV - Multiple Independently Targetable Reentry Vehicles - used for dropping several nuclear warheads from an ICBM (InterContinental Ballistic Missle) see http://www.gwu.edu/~nsarchiv/nsa/NC/mirv/mirv.html for more information.
  • Forgive me if I'm wrong, but I believe that the fact that you value your privacy. After all isn't unsolicited e-mail another form of privacy invasion? I believe that the average /.er values his/her privacy from all intrusion. Gov't or otherwise.
  • Sorry left a few words out. Should be: Forgive me if I'm wrong, but I believe that the fact that you anti-spam your email address is proof that you value your privacy. After all isn't unsolicited e-mail another form of privacy invasion? I believe that the average /.er values his/her privacy from all intrusion. Gov't or otherwise.
  • Presumably, once Clipper was deployed, the use of any other encryption would have been outlawed.

    Then of course, as a law abiding malcontent I wouldn't use encryption. But I might start sending my friends pictures of my TV (I'd have to buy one first of course) with nothing but static on the screen--or audio recordings of my rock tumbler--or a thousand other "why, officer, that's just white noise" wrappers.

    The only thing to stop people from communicating securely, with or without Clipper, is lack of motivation.

    -- MarkusQ

  • The whole concept of clipper was flawed (Score:5)

    by MarkusQ ( 450076 ) on Tuesday May 15, 2001 @09:42AM (#221918) Journal
    What everyone seems to have forgotten was that Clipper wouldn't have worked (at least, not as intended, and provided the "bad guys" were reasonably smart). You can embed hardware encryption with as many built in backdoors as you like in every device I use--then I just send software encrypted message over the channel just as I would with a regular phone line. When you tap the line and do your sneaky best, what you wind up with is still encrypted.

    -- MarkusQ

Slashdot Top Deals

God help those who do not help themselves. -- Wilson Mizner

Close