From: Lizard <lizard@dnai.com>
Date: Fri, 26 Sep 1997 02:25:42 +0800
To: Tim May <cypherpunks@toad.com
Subject: Re: Why the White amendment is a good idea (fwd)
In-Reply-To: <Pine.LNX.3.95.970925120717.17603A-100000@vorlon.mit.edu>
Message-ID: <3.0.3.32.19970925110022.031567f4@dnai.com>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 10:33 AM 9/25/97 -0700, Tim May wrote:
>Once the NETCenter failed to decypt the first several dozen 
instances of
>PGP or 3DES thrust before it, I rather expect enthusiasm will wane.

But it doesn't have to decrypt it. It has to tell the cops:
"OK, you need to send a guy in there when he's not home and look for 
a file called 'mykey.gkr' on his computer...it will probably be in 
c:\pgp. Then you need to plant a video camera to watch him type his 
passphrase. Then we can read his mail, no sweat."

I don't know why I keep making this point, but the weak point in 
crypto is NOT the length of the key, it's the human factor. Go after 
the HUMAN USING THE CRYPTO via traditional spy/police methods, and 
smeg the key length.

But to do that, you see, you'll need warrents, reasons for 
suspiscion, and, becuase of the effort involved, you'll only do it 
for serious crimes with a strong liklihood of conviction. *That* is 
the 'stauts quo' law enforcement *claims* to want.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQA/AwUBNCqmtTKf8mIpTvjWEQKP2QCg23fm4sNAs0Uj9d2DZT/60ZRWgeIAoI37
/RgFkiiCHHo10o2/8yiBTj+i
=af7a
-----END PGP SIGNATURE-----