New Scientist reports that the files from Al Qaeda computers were encrypted with 40-bit DES. Nobody is asking whether opening up crypto export regs was a smart move. And if we question encryption regulations, it's only logical to question supercomputer exports as well.
--Nat
Re:Laws and regulations don't make people good
pudge on 2002-01-18T21:58:58
The funniest (saddest?) thing about crypto regs are that *anyone* who knows what they are doing can get their hands on the strongest crypto available to people in the U.S. If I am allowed to get it, they can get it. It's painfully simple. All crypto regulations do is keep American businesses from making money overseas. They don't actually stop bad people from getting ahold of these things in the slightest.Re:Laws and regulations don't make people good
jmm on 2002-01-18T22:42:42
I really dislike the export controls, but this does demonstrate that they had an effect that can sometimes be construed as positive.
While knowledgeable people could get strong encryption, this case demonstrates that some people are not knowledgeable.
The key issue is: When the person who foolishly chooses 40-bit encryption is a genuine black hat, the export restrictions have proven useful. Of course, whenever it is a white hat who is foolish - they have proven detrimental. I've sure that the tradeoff is greatly to the advantage of not having restrictions, but this is a real example of their benefit (as long as you believe that Al Quaeda files should be subject to examination if possible).Re:Laws and regulations don't make people good
pudge on 2002-01-18T23:40:26
While knowledgeable people could get strong encryption, this case demonstrates that some people are not knowledgeable.
Yes, but the laws of law enforcement dictate that dumb crooks are easier to catch regardless.:) Is it possible that there will be encrytped info that we would not otherwise be able to get that, if gotten, could save a lot of lives? Yes. Is that likely? No, no it isn't. We've picked up videotapes of them describing what they've done and what they will do. We've seen faces of people at large. These are not hi-tech criminals. If there is an encrypted copy in one cave, there's probably an unencrypted one in the next. Re:Laws and regulations don't make people good
jhi on 2002-01-18T22:45:06
That's the irony of laws: they keep honest people from breaking them. The bad guys don't give a shit, honestly.
And yes, thanks to the US crypto regulations, there's quite a healthy crypto software industry in Europe.
To limit crypto I suggest building a time machine and killing all those pesky ancient Greeks, thinking about primes...Re:Laws and regulations don't make people good
pdcawley on 2002-01-19T00:15:32
To limit crypto I suggest building a time machine and killing all those pesky ancient Greeks, thinking about primes...
But then some bugger'd just start thinking about elliptic functions or whatever, et viola, another possible crypto system rears its head.Re:Laws and regulations don't make people good
jhi on 2002-01-19T00:26:09
I hope you bought enough batteries for your time machine.Re:Laws and regulations don't make people good
chromatic on 2002-01-19T00:59:10
It's simpler to pass a law saying that inventing things in the past is now illegal. (The horse has been gone so long, they'd have to rebuild the barn...)
The EFF ITAR archive is a nice tour through crypto export restrictions through the years. Bruce Schneier wrote a wee bit after 11 Sept. about the possible restrictions on crypto in the future but this was also before there were any confirmed uses of crypto by OBLs people. I wouldn't be surprised to see ITAR or other legislation come back in full force even though it is pure folly.
