1993-09-12 - fwds from RISKs

Header Data

From: “L. Detweiler” <ld231782@longs.lance.colostate.edu>
To: cypherpunks@toad.com
Message Hash: dd3aaa025d2e60ac61e491cde9d47bc9f6620d8f115ae22e454abf3550b13dac
Message ID: <9309120637.AA09563@longs.lance.colostate.edu>
Reply To: N/A
UTC Datetime: 1993-09-12 06:43:17 UTC
Raw Date: Sat, 11 Sep 93 23:43:17 PDT

Raw message

From: "L. Detweiler" <ld231782@longs.lance.colostate.edu>
Date: Sat, 11 Sep 93 23:43:17 PDT
To: cypherpunks@toad.com
Subject: fwds from RISKs
Message-ID: <9309120637.AA09563@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain




- Clinton administration eases Cold war era controls on export of
supercomputers to Soviet bloc countries
- mainstream article on digital signatures in The Sciences
- European secure phone & network advertisement

there's a pointer to Islands in the Net by B. Sterling for `offshore
data havens' and some other notes there, not included.

points:

- remember that DEC machine that was taken off the net because of
problems with the state department restricting computer access to
`foreign nationals'? will anything like this ever happen again?

- public comprehension of digital signatures is definitely a necessary
stepping stone to digital cash in the collective psyche. A positive sign.

- secure phones: was the EC policy recently quoted here affected by
this? anyone in Europe threatened by that proposal should look into this.


===cut=here===

RISKS-FORUM Digest 15.03

Date: 27 Aug 93 15:05:53 EDT
From: "Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
Subject: Technology export curbs

From Washington Post newswire   08/27

    U.S. Acts to Ease Export Controls On Computers; Industry Officials 
    Say Proposed Standard Falls Far Short of Need 
    By Peter Behr,  Washington Post Staff Writer 
  
    "The Clinton administration moved yesterday to ease Cold War-era
controls on exports of high-powered U.S. computers to the former Soviet
Bloc and other countries, fulfilling a campaign promise President Clinton
made to the Silicon Valley executives who supported him last year."

The article continues with comments on the lost sales caused by Cold War
restrictions on computer exports.  The new Commerce Decision rules allow
export of microprocessors rated at 67 Mops (million operations per second),
a big boost from the previous limit of 12 Mops.  However, multiprocessor
units are still on the forbidden list.

Sales to the former Soviet Union are still subject to approval by COCOM,
the Coordinating Committe for Multilateral Export Controls.  Apparently
some members of COCOM--Germany, in particular--are trying to link
relaxation of computer export restrictions with relaxation of
telecommunications gear.

***

It will be interesting to see if the long-standing assumption that export
restrictions prevent the distribution of technology to the interdicted
nations.  My reading of the DES-restriction debacle is that export controls
on high tech are a farce.  The U.S. restrictions hurt U.S. manufacturers
and are a boon for everyone else.

Michel E. Kabay, Ph.D., Director of Education, National Computer Security Assn


RISKS-FORUM Digest 15.02

Date: 03 Sep 93 07:52:52 EDT
From: "Mich Kabay / JINBU Corp." <75300.3232@compuserve.com>
Subject: Electronic documents

A recent article deals with several RISKS of depending on electronic
documents:

  Hayes, B. (1993). The electronic palimpsest; Digital documents for all
  occasions: erasable, correctable, reproducible, forgeable.  _The Sciences_
  (NY Academy of Sciences) 33(5):10.(Sept/Oct 1993)

I enjoyed reading Brian Hayes article in the new issue of this fine magazine.
It is not only informative and up to date, but also elegant, amusing and
beautifully illustrated with various paintings.  Summary follows:

"As a writing instrument, the computer is not su much a better pencil as a
better eraser."  You can eliminate all traces of your early versions at the
stroke of a key.

This easy erasability leads to difficulties of authentication.  How can one
prove who wrote an electronic document?  Digitized signatures make the problem
worse, since anyone can scan a real signature and then print in on any
document.  However, digital signatures are a good method of authentication.
The public key cryptosystem allows you to encrypt a document with your private
(secret) key; only the corresponding public key decrypts the message.  The
encrypted version is as big as the original, though: a nuisance.  A
refinement, the digital signature, encrypts a digest of only 160 bits and
provides the same confidence of authentication.

Another problem is forgery.  If we pay the rent with an electronic cheque,
what stops a crook from using copy after copy of the same cheque?  We will
need unique serial numbers on electronic cheques.

What about proving _when_ a document was created?  Here we have to rely on
a time-stamping service.  Scientists at BELLCORE have invented the
time-stamp equivalent of the digital signature.  You submit a digest of the
document that needs to be time-stamped to a trusted time-stamping computer;
it generates a cryptographically-sound certificate which includes the time
of receipt.

To prevent fraud at the time-stamping computer (where someone might change the
system clock long enough to produce fake time-stamps for a specific crime),
every certificate is merged mathematically with all the others issued during
the same weekly period.  The summary time-stamp is then published in _The New
York Times_.

The legal system will have to adapt to the increasing use of electronic
documents.  Historians will also have more trouble piecing together the
creative process if only the final version is published or physically
available.  And what about the rapid changes in computing technology and
storage devices?  Who will be able to read today's diskettes a hundred years
from now?  Or even ten?  Archivists must think about these issues.

<<end of summary>>

Michel E. Kabay, Ph.D., Director of Education, National Computer Security Assn

RISKS-FORUM Digest 15.04

Date: Thu, 9 Sep 1993 18:10:41 +0100
From: Brian.Randell@newcastle.ac.uk
Subject: EuroDigital

The attached article about a new digital phone service, about to be launched
in the UK, is from the Monday, Sept 6, 1993, issue of The Independent. Also in
this issue was a two page advertisement for the new service - the text of this
is also attached.  My understanding is that the new equipment produces
emissions that have characteristics that were not considered when the
regulations and guidelines (under which existing devices such as hearing aids
were designed) were laid down. If this is right, then the statement by the
providers of the new service that the problems are the responsibility of the
manufacturers of such devices would seem to be highly questionable. I await
with interest RISKs readers' reactions to the article (and the advertisement).

Brian Randell, Dept. of Computing Science, University of Newcastle, Newcastle
upon Tyne, NE1 7RU, UK Brian.Randell@newcastle.ac.uk PHONE = +44 91 222 7923

[...]

(Advt.)
LIBERTE'

The Freedom to make a call in total security

We have given you freedom. We have created a secure tomorrow for businessmen
and travellers both here and in Europe. New frontiers beckon.  Vodafone
proudly announces EuroDigital. The most advanced and most secure mobile phone
network. So sophisticated that it can even be used to make and receive calls
in Europe in total security. EuroDigital represents a revolution in mobile
phone technology. A superior digital system that provides a top quality
service. A quality that doesn't falter, that doesn't break up. Line rental is
21.50 per month. UK call charges 25p per minute peak, 10p off peak. Only
Vodafone can offer this. Liberate yourself. Enjoy freedom of speech and
security. Rise above the rest.  Call free, 0500 123 123 and ask for more
information. All prices are recommended and are exclusive of V.A.T.

VODAFONE
EuroDigital






Thread