Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Encryption Security

Germany Frees Crypto 85

Posted by Hemos from the usa-needs-to-follow-the-leader dept.
marlon shakespeare writes "The German cabinet today released a policy statement on the unrestricted use of encryption. Unfortunately the article's in German but the rought gist of it is available in English. " Hopefully some certain other countries will follow the German lead on this one.
This discussion has been archived. No new comments can be posted.

Germany Frees Crypto More

Germany Frees Crypto

Comments Filter:

  • Re:[Paranoid] (Score:1)

    by Anonymous Coward
    Hopefully this will not be too eagerly embraced by various 'youth organizations' and 'flight clubs'.

    If there is any danger of the internet aiding in right-wing or any other type of conspiracy, it has little to do with encryption. The goal of these organizations is to reach and preach to the uninitiated, and that's best done when their prose is cheaply distributed and easily accessible, which means unencrypted.

    As for weapons and such, the argument is in no way different as for criminal in general. So the usual counter arguments apply: We cannot give up everybody's right to privacy only because certain people may abuse it; encryption is available anyway, so the serious guys do have it; criminals are best accused of the crimes they commit, and not the ones they talk about; if police want to prevent crime on a significant scale by intercepting communications, this has to be a massive large scale intrusion into everybody's business, as is easily imagined from the sheer volume of data traveling around---basically it's impossible.

    Personally, I even think that widely available cryptography will expose as many criminals as it hides, as people who have something to hide will get more daring in storing that info electonically, so that we'll see a lot more "interesting" security breaches because someone screws up, gets a virus, loses the key etc.

    So, in short, this is great news for everyone, and nothing to worry about in terms of crime.

  • Err - not anymore - at least product using keys of up to 128 bits is completely free. 40 key with legal before but required a licence first.
  • We recently had ssh installed on some of our (brittle) boxes, but the version "agreed on" in France is somehow called "ssf". Quoth I: "huh?" So I did a little searching and found the following page [in2p3.fr]. It's in French, but the upshot is that the keyspace is limited to 2^40 (and of course it is illegal to modify it). Curiously, most French people I talk to have no idea that strong encryption is illegal. I don't know the status of the 128-bit thing; is it allowed for anyone in France?
  • It is most interesting that ECHELON isn't mentioned at all in the press release. I don't think it's merely coincidence that an inititive like that is started weeks after the STOA-Report and the recent Australian admittace of it existence of the UKUSA spy alliance.

    My best bet is, that they don't want to get into diplomatic troubles with the US just now while US trade sactions are discussed regarding the EU import embargo against hormone-infested meat and German troops are fighting under NATO command in the Kosovo.

    Note also, that the German goverment is not only allowing but activly encouraging the use of strong crypto, which - in the case of general adoption - would make the ECHELON listing points basically useless.
  • I guess not all governments are braindead. I hope this starts a trend throughout the world. Maybe I'll actually be able to use a credit card online, without it being as stupid as me writing it below:

    4 4002312 4991029348 ;)
    --------
  • I am increasingly impressed by the new German government, which seems to embody a lot of what some of us hoped Clinton/Gore might be back in '92 (market-oriented without being silly about it, pro-civil-liberties, appropriately concerned about the environment and international human rights issues, etc.).

    Last Sunday's New York Times Magazine had an interesting article about Joschka Fischer [nytimes.com], the formerly radical politician who is now the German foreign minister. It's worth checking out, particularly for Americans who are generally deprived of any news about the day-to-day political life of other industrial democracies.

  • France used to have the most anti-encryption policies in the developed world. Their new policy (which may not be the law yet, does anyone know?) is like that of the US: free domestic use, no export without a license for keys of more than 56 bits (which rules out source code distribution for algorithms that allow the key length to be modified easily).

    This means that even after the new law is in effect, you still can't do open source crypto development in France.

  • "It would be really nice to legally use the 128bit Netscape (flame me if you hate it, but I really don't like transferring personal stuff over 40 bits ;-)"

    .

    Then go download it and use it! USE has never been illegal in the U.S., only EXPORT of the software itself.

    It's comments like yours that make me wonder just how many people really understand the issues involved.

  • Re:Portugal should follow (Score:1)

    by Anonymous Coward
    France has banned encryption altogether, AFAIK. In Finland the use of encryption is not restricted, again AFAIK, the guy who developed SSH got a prize from the president. (In the US he would probably be in jail.) The Wassenaar treaty may make export of encryption software more difficult in the future. I am not sure, but I believe Sweden and Norway have no restrictions on crypto eighter.
  • I wonder whether or not this decision was influenced by the recent revealing information about the echolon system?

  • Um, excuse me, but in what way am I a troll? If you don't agree with the argument, refute it. Show that it's unsound. Show that US policy isn't largely run by paranoia and greed.

    It's called public debate. I welcome you to join it responsibly.

    How much money do we put into the intelligence agencies, anyway? And how much of that money goes towards economic surveillance.

    I'm sorry, but the US is not the moral paradigm so many of its citizens seem to believe.

    The list of murderous dictators the US has put in power and supported--yes, for self-proclaimed economic and security reasons--is too long to list here.
  • Well - not online. Just open the Sun or the Daily mirror, then read all the junk about the spice girls private life or the naked pictures of royal familly members caught sunbathing in their garden. Read the violent comments against Europe all well as the rumors they propagate about how the EU (there was one saying that the EU wanted to change the size of the English pint of beer - which was 100% bullshit of course).
  • Note also, that the German goverment is not only allowing but activly encouraging the use of strong crypto, which - in the case of general adoption - would make the ECHELON listing points basically useless.

    Which is IMHO a good thing as the echelon system is abused to aquire economic secrets in a kind of neo-colonial way, and everybody knows it.:-(

    Sebastian

  • There was a policy document circulated a couple
    of months ago from the Irish government which
    states you can import and use anything, but
    you're restricted by the Wassenaar Agreement for
    export. There's a clause in there to cover lawful
    access (court orders and the likes). It's at...

    http://www.irlgov.ie/tec/Communications/signat.h tm
  • Yep, Fortify is cool. I'd forgotten you could wrangle any 40 bit quickie install of Netscape into a 128 bit monster. I think I was using fortify way back in 3.02 dayz on win32. Gonna try the unix version now. Thanks for the reminder!

    -kabloie
  • For the last couple of months half of Germany has been looking at the odds of the current Social Democrats & Green party coalition surviving a full term. Most people are betting against it. And there is a reason that they would not win the elections again if those would be held today. Such as crippling the economy, destroying jobs, the 630 Mark Jobs and maybe cause there hasn't been a change. Ohh yeah the hypocritical stand to NATO and Kosovo might have something to do with that too...
  • Unrestricted use, but not unrestricted distribution. Germany is bound by the wassenaar [wassenaar.org] thingy, so export restrictions will remain. Well, atleast it's a (small) step in the right direction.
  • This announcement from the German government has little to do with freedom. As some pointed out, use of strong crypto was not restricted before in Germany (and not in most countries either, the notable exception being France). Hence it is not about a new freedom. What it is about is that Germany, like a growing number of countries, have laws regulating digital signatures to make them legally binding. One may argue that is unnecessary to make laws about this, but it seems to be the German way. As part of the package the German government is sponsoring an official national infrastructure for certificate authorities. It only seems natural that they want to encourage people to use it.

    Part of making digital signatures successful is to instill trust among the people in this technology. Digital signatures can never be trusted if there is the slightest doubt that the private key can be disclosed (unknowingly to the owner). Hence different schemes for mandatory national key recovery are totally contrary to a successful deployment of digital signatures in e-commerce.

    One can also argue the national key recovery schemes are never going to a) be manageable b) be of any use to law-enforcement or intelligence. (If you were a terrorist, would you submit your keys?)

    A philosophical issue is whether the freedom of expression would cover encrypted expressions. If my freedom to express myself is guaranteed by the constitution, does it matter if you can understand me?

  • Hats off to Schroeder & Co. (Score:3)

    by lutter ( 8756 ) on Thursday June 03, 1999 @06:00AM (#1868397)
    I am very impressed by this very clueful decision.

    I think it's rather funny that the statement harps very much on the economic need for strong crypto. It sounds like some people read the recent report by the EU and din't like what it said. The statement mentions that information is becoming a raw material which needs to be protected and only gives passing note to privacy concerns. I wonder how many of the hard-lobbying German companies have been burnt by inadequate crypto; I remember a few stories about German companies losing technological advantages because their latest and greatest R&D was picked off from insecure emails etc.

    It also states that the German government will try to raise crypto awareness, so not only will they allow its development, sell and use but they will actually promote crypto and an understanding of why it is important.

    This rocks !

  • Yep, the English entered the EU because they had no choice, and now try to destroy it from inside. The majority of the local population is against Europe, thanks to the lies propagated by their trashy newspaper.
  • I think it's rather funny that the statement harps very much on the economic need for strong crypto.

    IMO, the friction between Megacorp and Government today is having many of the same effects as the friction between Church and King during the High Middle Ages -- resulting in much better prospects for freedom than would be possible if either side prevailed completely over the other.
    /.

  • You are one one making the silly claims, why don't you prove your thesis. Here counterexample 1: Why are we in Kosovo? Under your claim it must be because we are paranoid or greedy. So we are either paranoid about the mighty Yugoslav army invading NYC or due to greed, we would love to get a part of that massive engine of industry that is Yugoslavia. Hmm...


    How much money do we put into the intelligence agencies, anyway?

    Around $26.6 billion, out of a total budget of around $1.8 trillion. A massive 1.4% of the total budget. Or a couple of drops in the bucket for the less mathematically inclined.
  • Posted by Anna Chronica:

    Technically, Wassenaar only restricts countries from exporting to places that are considered to be dangerous or hostile. Most countries are treating it like a blanket restriction on all export, but Wassenaar doesn't stop anyone from exporting to allies (such as European Union members). And several countries (such as Canada)have recently announced that they won't be restricting export to friendly countries any longer.
  • Clearly you have no idea at all about Germany. Boy Scouts here are mostly leftists, hemp-smoking liberals ;-)
  • Actually, I think part of the reason for this policy - maybe even THE reason for this new policy- *IS* the Echelon project. Germany is a very close ally of the USA, and would never "severe ties" with the US. At the same time, of course nobody is very hot on the idea of having even friends read their mail... So I think they want to protect themselves against Echelon without creating an official problem.

    The text DOES explicitely mention industrial espionage as a serious threat to Germany, and I seriously doubt they meant some small hacker in the duties of the former USSR........
  • Can't say. bmwi is down. Slashdot effect anyone?

    They did state in the later points they would seek international cooperation.....
  • It's not all that surprising, really. The guiding principles of the founding of the US were Paranoia and Greed. Even the most superficial research into the Puritans and the economic interests invested in colonial america reveal this much. The order of importance has flip-flopped at various times in our development, but the principles never change. They continue to guide US intra and inter-governmental policies. Examples are easy to come by:

    1. The USAUK program for intercepting private communication, with the information being used to promote--ala industrial spying--US commercial interests.

    2. A drug war that costs billions, has failed miserably, and yet has gone on longer, amazingly enough, than prohibition did. Believe me, there are a lot of people making lots of money off the war on drugs. They can seize anything and use it for their own purposes, including cars, boats, and planes.

    Of course, Paranoia and Greed aren't necessarily vices--they just usually are.

  • I'll actually be able to use a credit card online, without it being as stupid as me writing it below:

    4 4002312 4991029348 ;)




    Hey, could you please post the expiration date and your mother's maiden name please? Thanks!

    Kevin



    pencils down people!

  • [Paranoid] (Score:3)

    by jabber ( 13196 ) on Thursday June 03, 1999 @06:27AM (#1868409) Homepage
    Hopefully this will not be too eagerly embraced by various 'youth organizations' and 'flight clubs'.

    After all, in the US, encryption technology is STILL considered a munition. How would people in the surrounding countries (of Germany) feel if various para-military organizations - such as the Boy Scouts - started stockpiling munitions?

    IMHO Germany has come a long way singe the 1930's, but I'm sure this is going to ruffle some feathers.

    [/paranoid]
  • Wasn't it the German government who crippled the GSM encryption without telling anyone? Now, they want people to trust crypto? Good luck.
  • Well, looks like maybe Europe isn't such a bad place to live, afterall. I kinda like our new Government. The old one would've taken the US policy of Encryption Is Bad, you can be sure of that.

    But at any rate, let's see if their deeds speak as loudly as their words.

    We can only hope.


  • Wassenaar has an exception for what they call "public domain" software, and their appendix defines "public domain" in such a way that it includes free software/open source. So governments that have signed Wassenaar can still let their citizens export any free software they want to. They just have to restrict commercial products with strong encryption. The US forgot about this loophole because the Clinton administration is clueless about free software/ open source, and they can't close it unless they get all of the Wassenaar countries to agree.

  • I think we can all agree that there does exist just such an obligation (although I'm unconvinced that bombing is the best way to handle the problem.)

    I agree that our current bombing is not the best way. I believe carpet bombing would be much better. Incidiary bombs. Milosevec isn't ethnically clensing the country himself, just like Hitler he has help. We are worrying too much about the "civilian" population. I say bomb them till they yield. But this is a mute point, peace is already in the works

    http://news.excite.com/news/r/990603/13/news-yug oslavia-leadall

    However I have to wonder why you believe that it is just the government that if greedy and paranoid. Isn't it human nature?


    -Just because your paranoid, doesn't mean that they aren't after you.

  • Aren't bandwidth issues a more serious consideration? Since you are talking about "e-commerce", your customer encryption can only be as good as the software out there (128-bit Netscape isn't good enough?), and censorship probably isn't an issue for you.
    --
  • I quite agree - whatever the US wants the UK agree. They always try to stop whatever the EU tries to do. Especially when the EU want to fight back US trade tax raise, there 14 votes pro and 1 con : the UK of course !

    And of course they drive on the WRONG side of the road ;-)
  • I think you'll find there are more Nazi parties
    and their party members in the US than in Germany.
    In fact the few authoritarian features of modern
    German law relate to the active suppression of
    far-right organisations.

    The mindset that afflicted most European countries
    in the 1930's is alive and well ... But a little
    further East than the Rhine.

    Chris
    Chris Wareham
  • France made a similar move March this year, authorising people to use encryption. Let me remind you that before this it was illegal to use ANY kind of encryption (you were not allowed to use ssh for example), which was rarely absurd. The URL (English) is here [internet.gouv.fr]
  • no, France's policy is still *worse* than the US's! you need to get official forms and declarations in order to be able to sell most kinds of strong crypto-enabled products in France.
  • I do belive it is neccisary at this moment to indicate that neither of those countries were the trend setters in this situation.

    Correct me if I am wrong, but didn't *Canada* (of all places) pass such legislation late last year?

    I always laugh when I think of Canada as a world trendsetter.

    Petor.
  • A real key, and a false one.

    OK, so I thought that the Phantom Menace was the best of the 4 yet-released episodes of Star Wars.

    Why should Germans care whether their government gives them permission to use cryptography? How can they be stopped?

    If I memorize 3 sentences, for a total of some ungodly number of bits, and use it as a twofish key, and have it written down nowhere... then how short of torture are they going to get it out if me?
    So much for personal use. As far as secure communications, if two people use, say, 2048 bits for session key transfer, use a paranoid protocol, and use 256 bits for the session, what are they going to do about it?

    The only way they could levy fines/impose prison terms on the USE of encryption (weak or strong) would be to admit they were routinely spying on people. Unless a police-state takover were imminent, such a revelation would not be politically popular, I would imagine.

    So, I wouldn't worry about it. As far as I know, Germany's constituton has SOME basic protections, so if they did "alter the deal", Schroeder couldn't exactly apply the Vader "grip of death" on anyone using PGP. Same as with US export nonsense. The NSA may wish it could put a huge bounty on Bruce Schneier... but oh well!
  • Actually when you ask sociologists, they say while being quite among the top nations when it comes to technology, the US are behind most of Europe in social aspects.

    (Useless trivia: Finland was world leader in that category AFAIR, but dont quote me on that)

  • Re:Yet another government with a clue? (Score:1)

    by Anonymous Coward
    One could read into that ("see no reason at this time") that they reserve the right to restrict the use of encryption sometime in the future. It wouldn't surprise if that is actually what they (the Swedish government) mean. One could infer from what has been said on that that Pagrotsky (Swedish minister of trade) actually believes that restricting use (national key deposit etc) of cryptography would a) be possible b) be of any use for law enforcement.

    I don't think the government has a problem with wire tapping stemming from irregular internal intelligence activities against communists. Wire tapping laws are a lot more permissive nowadays than they were then (and they are used, only these last few days they have been using GSM to chase a murderer on the run).

    Back to Mr Pagrotsky, he made some quite clueless statements regarding Sweden's position in the Wassenaar negotiations in parliament lately. It is quite clear that the Swedish government belong to the hardliners in crypto-export matters.

    In one response to a question in parliament regarding crypto-export he made Swedish software industry accomplices in spe of Milosevic et al. There's your sense of reality!

  • All I have to say is.. my servers go wherever they will be the most secure. That means that they go where braindead censorship is non-existant, and cryptography is allowed. Well.. I know Australia WAS my first choice. Now it's Germany, or New Zealand. The US is out, for obvious reasons.

    Where is your business colocating it's servers?

    --

  • Slightly fuller translation (Score:4)

    by Alistair Cunningham ( 20266 ) on Thursday June 03, 1999 @06:27AM (#1868425)
    This is a translation by Thomas Roessler, roessler@guug.de, as posted to the ukcrypto mailing list. Many thanks to him.

    1. The Federal Government does not plan to limit the free
    availability of encryption products in Germany. It considers the
    application of secure encryption to be a crucial requirement for
    the citizens' privacy, for the development of electronic
    commerce, and for the protection of business secrets. The
    Federal Government will therfore actively support the
    distribution of secure encryption. This includes in particular
    increasing the security consciousness of citizens, business, and
    administration.

    2. The Federal Government strives for strengthening users' trust in
    the security of encryption. It will therefore take measures to
    create a framework for trustworthy secure encryption, in
    particular by improving the possibilities for reviewing
    encryption products for their security, and by recommending the
    use of reviewed products.

    3. For reasons of national security, and the security of business
    and society, the Federal Government considers the ability of
    German manufacturers to develop and manufacture secure and
    efficient encryption products indispensible. It will take
    measures to strenghten the international competitiveness of this
    sector.

    4. The spreading of strong encryption must not undermine the legal
    possibilities of prosecution and security authorities [police and
    intelligence communities may be a better translation]. The
    responsible Federal Ministries will cautiously watch the
    development and present a report after two years. Additionally,
    the Federal Government will work on improving the technical
    skills of prosecution and security authorities.

    5. The Federal Government attaches importance to international
    cooperation on encryption policy. It encourages market-driven,
    open standards and interoperable systems and will work to
    strengthen multilateral and bilateral cooperation.

  • I'm not really sure where you're coming from here. Encryption is considered a munition by the U.S. government, true, but that doesn't make it so. Encryption is a munition as much as your hands are - you can use both of them for war, but you don't have to. I have no problems with the Boy Scouts or anyone else using crypto - just sending encrypted packets around isn't hurting anyone. Of course, if the information was gained or created in an illegal manner, then those things are of course illegal, but the harm is caused by the actual child pornography or nuclear weapon secrets, not the encryption used to hide that information.

    It seems to me that the government of Germany has a much higher confidence in its citizens than the government of the U.S., as demonstrated by this policy announcement. I would worry more about governments of less open countries repeating the actions of 1930s Germany than about Germany repeating those mistakes.

  • Finally. (Score:1)

    by mxs ( 42717 )
    But what is this going to help in the US-Debacle ? I hope the govt gets a clue some time soon. It would be really nice to legally use the 128bit Netscape (flame me if you hate it, but I really don't like transferring personal stuff over 40 bits ;-)


    Any news whether the Echelon people complained already ?
  • Good. Now let's hope other countries will follow suit. Maybe now somebody in the European Parliament will start pushing this thing in Europe.

    Funny thing that the Germans again seem to value privacy more than the rest of us. Example: phone companies in most european contries are required to keep details billing records for at least 3 - 5 years. In Germany they are allowed to keep them for a *maximum* of 1 year.
  • You can upgrade the international versions of Netscape to high grade encryption using Fortify [fortify.net], which is developed outside the US. No need to be stuck with 40 bits.
  • Paraphrased from Cryptonomicon:
    1. Open crypto gets us ubiquitous e-money.
    2. Planetwide e-money == U.S. loses some control over economic policy (ask the European gov'ts how they feel about the Euro).
    3. Thus, the U.S. doesn't want open crypto

    All other arguments from the U.S. gov. are straw men. The funny thing is that this policy will hurt much more in the long run than it helps in the short run. Quoting Alan Greenspan (unrelatedly) from yesterday's headlines:

    ``The United States has been in the forefront of the postwar opening up of international markets, much to our, and the rest of the world's, benefit,'' Greenspan said. [yahoo.com] ``It would be a great tragedy were that process reversed."

  • How Behind Is The US? (Score:3)

    by waldoj ( 8229 ) <waldo&jaquith,org> on Thursday June 03, 1999 @05:35AM (#1868435) Homepage Journal
    It's amazing to me how behind-the-times the U.S. appears at times. Though we claim to be the most technologically advanced, the trendsetters, etc., it's surprising how legally backwards we are when it comes to controlling access and the use of technology. (Try speaking that last sentence aloud and swap out "drugs" for "technology" Amazing how similar the arguments are, no?)
  • All of your points are correct, but you misread my message. I wasn't defending the US gov't's stupidity; I can't, it's indefensible. I was pointing out that the German gov't isn't as clued in as people here are pretending.

    Nor did I ever say or imply that "only constitutionally guaranteed rights are worth anything". What I did imply was that one acknowledgement of a basic right (assuming that it's a correct acknowledgement, of course) is worth a million grants of permission. I hold to that premise.

    A lot of this is societal. Britain has its freedom because that's the way its society works. Ditto America (our Constitution is just an outgrowth of it).

    Oh well.

    -Billy
  • This announcement constitutes _permission_ for Germans to use strong encryption. It's not like the problem in the States -- the US gov't is forbidden to restrict its citizens from using strong crypto (classing strong crypto as munitions means that the "right to bear arms" applies to crypto), but they've chosen to forbid them to export it.

    The German gov't is giving _permission_ to use crypto, not acknowledging a right. Tomorrow they may alter the deal -- pray that they do not alter it further (Episode 1 is so devoid of cool quotes!).

    I don't like the US system, of course, and I'm fighting for a change -- but don't pretend this is somehow better. It's worse.

    Do not stop fighting this stupidity!

    -Billy
  • Augusto Pinochet

    supported and put in place by the nice guys of the CIA. Did organise mass killing and torture for years. Now the US try to stop Pinochet trial in Europe in fear that the nice US foreign policy would be put to light.
  • I hope they do.... and we'll then laugh at them.

    Echelon is for losers.

    But what would be funny is to see if the US then next puts limits on German crypto software, because there won't be any CIA-Endorsed backdoors built in.... ;-)
  • anything to back this up?
  • I don#t think cryptography was explicitely forbidden before. Which makes usage legal anyway. If there had been a law, it would take mroe than a little announcement to make usage of crypto legal.

    The govenrment doesn't have to permit me to do anything, it can just make laws against me doing some things. ie, the default for anything is that it's legal unless forbidden by law. Makes sense?

    So stating that the announcements constitutes a "permission" is a little overstating things. But it's nice to know where they stand on the crypto issue. That's the big deal about the announcement.
  • Now it is. Anyway most people don't know a damn thing about the previous encryption laws and everybody was using whatever encryption package was available on the Web (ie. PGP). As far as I know nobody has ever been arrested because of that.
  • So we are either paranoid about the mighty Yugoslav army invading NYC or due to greed, we would love to get a part of that massive engine of industry that is Yugoslavia. Hmm...

    After WWII, Yugoslavia was one of the few Eastern Block countries that was freely allowed to build up a strong industry. Since the crumbling of the "evil empire" using Yugoslavia as a buffer is no longer necessary. Efforts to destabilize their economy, health and education systems began during the Bush administration if not earlier.

    The US has now pissed off yet another cultural region of Eastern Europe by trying to squish them under its thumb. My biggest fear now is losing a few of our (US) cities to some backpack nukes because of these political pissings.

    For more info read Against Empire or anything else by Michael Parenti and for old but established data on CIA tactics read War Against the Poor
  • You should be using fortify for netscape (www.fortify.net). Perfectly legal. Perfectly cool. Effectively, my browser is now as good as a USA one.
  • The echelon project has huge listening stations in Germany as well, does this mean that Germany wants to lose the final connection to the 'allies' of WW2? Or is it just an attempt to avoid situations like the one where a windmill factory lost a huge order to an american company?



  • The German authorities encourage use of strong cryptography and would like to help ensure that trustworthy implementations are available to the German people. This is good. But please don't forget that Germany, to the best of my knowledge, signed the Wassenaar Arrangement [wassenaar.org], like so many other countries. So this restricts permission to export cryptography, arms "etc." ... or does it??? I am a bit confused, because a page [wassenaar.org] on Wassenaar.org mentions this:
    The Wassenaar Arrangement has been established in order to contribute to regional and international security and stability, by promoting transparency and greater responsibility in transfers of conventional arms and dual-use goods and technologies, thus preventing destabilising accumulations. Participating States will seek, through their national policies, to ensure that transfers of these items do not contribute to the development or enhancement of military capabilities which undermine these goals, and are not diverted to support such capabilities.

    The decision to transfer or deny transfer of any item will be the sole responsibility of each Participating State. All measures undertaken with respect to the arrangement will be in accordance with national legislation and policies and will be implemented on the basis of national discretion. Therefore for specifics on Export Controls in Participating States, contact the National Authorities in that country.

    I read this to state that any of the countries having signed may still disregard what the Wassenaar Arrangement says, for example, about cryptography restrictions. This might be a good part of a bad arrangement...

    Can anyone enlighten me on this??

  • I'm not sure, but I think you might have meant "paragon" instead on "paradigm". One's a shining example, the other's a pattern of thought. (To define loosely.) Anyway, paranoia isn't unique to the US, we can just afford better spies.. :) Paranoia and greed is the human way, and one follows the other. I'm simply impressed that Germany realizes it can reap more benefit from a secure populace. Pity the US is so short sighted. There is some irony, Germany and "police state" used to be synonyms for me.

    Geek-grrl in training
    "I don't have a license to kill, I have a learner's permit."
  • > how do you know that the author is living in the US?


    He does not need to. Exporting is illegal according to USA law. In most countries using crypto is legal. Just get it from http://www.replay.com/ You do not need to export it yourself.
  • Encryption used to be banned in France. They did a 180 degrees a couple of motnhs back.... France is also not a member of Echelon, right?

    Coincidence? Methinks not.....


  • Actually, speaking as a German, I am a little surprised, but so far Schroeder has proven to be a very competent Chancellor. They've done quite a few things, including going ahead to join the NATO mission in FRY and stopping the abuse of a certain kind of low income jobs. It's good to see that the change in Government after 16 years of Helmut Kohl brought about at least a few good things.

    Nice to see that democracy is working for the benefit of the people, for a change.


  • It was the NSA, doing behind-the-scenes arm-twisting, that got GSM encryption crippled. They needed a European government as their front, and for all I know it might have been Helmut Kohl and his folks. But in case you didn't notice, that government was voted out of office.

    As for trusting crypto, only code that is available in source form and independently audited should be trusted. However, you can expect FUD from proprietary software vendors attempting to assert the reverse with security-by-obscurity arguments.

  • speaking of... does anyoen know of the legal situation for crypto in other EU countries? we only ever hear about France, UK and now Germany.... any clues about Spain? Italy? Belgium? the Scandinavian countries?
  • http://babelfish.altavista.digital.com/cgi-bin/tra nslate?urltext=http://www.bmwi.de/presse /1999/0602prm1.html&lp=de_en&doit=done

    Sorry I couldn't make it a link, but Slashdot is putting in an arbitrary margin.
    --------
  • No, you are missing the point. Classifying crypto as munitions is just stupid, it has no US constituional consequences (since the right to bear arms has not been treated by the US courts as the absolute right to have any kind of munition). And if anyone tried to make this argument it would be laughed out of court -- you'd have better luck with the 4th Amendment: The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

    You seem to think that the US is constitutionally forbidden from preventing its citizens from using strong crypto. That's false, there has never been such a case.

    But the biggest flaw is in your basic argument. If only constitutionally guaranteed rights are worth anything, then one would expect UK citizens to be absolute slaves (no written Constitution) and former USSR citizens to be the freeest in the world (extensive rights were "guaranteed" by their constitution).

    Written constitutions don't prevent rights from being taken away. It just makes it a bit trickier. What matters is effective freedom, and in many ways there is more of that in Western Europe than the US.

  • Point 3 of the summary seems to stop curiously short of saying "we won't restrict crypto export" in clear terms, the way that Point 1 says "we won't stop our citizens using crypto" in clear terms. Is that just an artifact of translation, are the Germans just paying lip service to Wassenaar, or will we see export controls going up around Germany similar to the US ones?
    --
  • I'm afraid your example, Kosovo, does not serve as a counter to my argument.

    Clinton et.al. have given several arguments in favor of intervention in Kossovo. Their favorite argument is that we are morally obligated to stop ethnic cleansing.

    I think we can all agree that there does exist just such an obligation (although I'm unconvinced that bombing is the best way to handle the problem.)

    But that is not, repeat, not, why we are in Kossovo. For if we were genuinely motivated by the moral imperative to stop ethnic cleansing, then consistency would require that we conduct such interventions where-ever they occur. But we don't. The most egregious case was the active lobbying by the US to stop--yes, you read it correctly, stop--UN intervention in Rwanda in '95, which resulted in the wholesale slaughter of not less than 500,000 people. Men, women, and children.

    So the argument that we're in Kossovo in virtue of our moral obligation to stop ethnic cleansing doesn't hold water, unless moral obligations only apply sometimes or in someplaces, which is, to borrow your phrase, silly.

    So why are we in Kossovo? The other arguments given by Clinton et.al. are more pursuasive. For economic and security reasons, we need a stable Europe. But, as history has repeatedly shown, in order to have a stable Europe, we need a stable Balkans.

    So there you go. It, once again, comes down to paranoia and greed. But as I said before, these are not always vices. In this case, we actually helping some people.

    At the same time, of course, that we hurt many others.

Slashdot Top Deals

Been Transferred Lately?

Close