From: Matt Thomlinson <phantom@u.washington.edu>
To: cypherpunks@toad.com
Message Hash: d6b44307f19b3c13d802ca83a6cee1748a4f0e9cc1567cdcb65bb8a608de780f
Message ID: <Pine.3.89.9405302312.A22268-0100000@stein1.u.washington.edu>
Reply To: N/A
UTC Datetime: 1994-05-31 06:45:59 UTC
Raw Date: Mon, 30 May 94 23:45:59 PDT
From: Matt Thomlinson <phantom@u.washington.edu>
Date: Mon, 30 May 94 23:45:59 PDT
To: cypherpunks@toad.com
Subject: Seattle Times cpunks article, 5/27/94
Message-ID: <Pine.3.89.9405302312.A22268-0100000@stein1.u.washington.edu>
MIME-Version: 1.0
Content-Type: text/plain
Paul finally polished this one up and put 'er in print. It talks about
the NSA document, cypherpunks, and clipper. Pretty good, I thought.
(c) 1994 Seattle Times, I'm sure.. ;)
Is government chipping away at freedom, privacy on new information highway?
---------------------------------------------------------------------------
-Another in a periodic series looking at the impact of technology on
contemporary society-
By Paul Andrews, Seattle Times staff reporter
Long dormant, '60s-style civil disobedience may soon make its
reappearance -- not at college campuses or draft inductions but on the
information superhighway.
The issue this time around: electronic privacy. An underground
computer group, known as cypherpunks, is among a variety of groups
fighting the Clinton administration's attempt to monitor electronic
communications, saying it smacks of Big Brother and thought control. And
they're intent on using the electronic equivalents of protest marches,
sit-ins and card burnings to make their point.
The dress rehearsal came last month when cypherpunks distributed
the employee manual of the National Security Agency over the Internet in
an attempt to embarrass the administration.
The incident was generally viewed as a teenage prank. Although an
intriguing glimpse into the psychology of one of the government's most
secret bureaus, the manual is not a "Top Secret" document. The agency
contacted and questioned at least one cypherpunk, but took no formal action.
"There was no information in the document that would be
considered damaging to national security," said Judi Emmel,
public-relations officer for the NSA.
But observers say the episode presaged the inevitable: digital
enactments of civil disobedience not seen since publication of the
Pentagon Papers in 1971. In that case, a one-time Pentagon consultant
named Daniel Ellsberg leaked documents to The New York Times and
Washington Post, detailing decades of official deceit, ineptitude and
ignorance over Vietnam foreign policy.
The Justice Department attempted--unsuccessfully--to bar
newspapers from printing the papers, arguing that publication threatened
U.S. soldiers and wartime strategy. Ellsberg, whose action contributed to
President Nixon's eventual disgrace and resignation, was charged with 12
counts of espionage, conspiracy and theft. The case ended in a mistrial.
Inevitably, Net observers say, an Ellsberg-style cyber protester
will post classified documents on the Internet--not as a prank, but to
embarrass, disrupt or otherwise bait the government. Digital protests
could take other forms as well -- everything from mail "bombs" -- long
files meant to slow a system's functions or operations -- to viruses or
"hacking" (entering and damaging files in) federal computers.
If such actions happen, the government's response may move legal
principals behind the First Amendment and Bill of Rights to a new and
untested electronic arena.
"It's absolutely going to occur," said Winn Schwartau, author of
the recently published "Information Warfare."
As government documents leak and people get hold of them,
whether for personal or political reasons they're going to be on the Net."
Like Ellsberg, cypherpunks say their aim is to expose government
mendacity and incompetence as a defense of the public's right to know in
a democracy. Their target: the Clipper chip, a device placed in computers
that would enable security agencies to eavesdrop on, store and search all
electronic communications. Last month's episode began when a 25-year-old
Austin, Texas, computer engineer, Chris Goggans, posted an electronic
version of the NSA manual in Phrack, an on-line magazine he publishes. It
was then copied and redistributed to Electronic Frontier Foundation (an
activist organization) and cypherpunk news groups on the Internet.
Goggans, who uses the on-line alias "Erik Bloodaxe," reported
that he received the manual in a white envelope with a Silicon
Valley-area postmark and no return address. It's impossible to determine
how many of the Internet's estimated 15 million to 20 million users saw
the posting. Among the Net's community of users concerned about electronic
privacy, it received wide distribution.
Traditionally the NSA, whose specialty is decoding encrypted
information, has been steeped in secrecy. During the Cold War era, its
existence was routinely denied, but it has become more open since
President Clinton office.
The NSA manual urges employees to be vague about their job
without drawing "attention to themselves nor to their association with
this agency." Intelligence employees with specific job classifications
are directed to "generalize" their titles to "research analyst."
The manual states that it is "FOR OFFICIAL USE ONLY,"
encompassing "information or material which, although unclassified, ...
should not be given general circulation." If the manual is disclosed,
"appropriate administrative action will be taken to determine
responsibility and to apply corrective and/or disciplinary measures," it
states.
Emmel indicated that the agency, although "not particularly
pleased" with the cypherpunk posting, did not consider it illegal. "A
Freedom of Information request could do the same thing," she said.
Cypherpunks say the symbolism is more meaningful than the action itself.
The manual was posted "to embarrass the NSA at a point where they
are pushing the Clipper chip," wrote Grady Ward, an Evergreen State
College graduate living in northern California, in response to an
electronic inquiry. "If the NSA can't keep its own security manual from
the hands of the public, what guarantees they can keep the Clipper keys"
from falling into the wrong hands, he said. Ward was contacted afterward
by an NSA security officer, whom he gave instructions on how to subscribe
to Phrack.
A Seattle cypherpunk, Matt Thomlinson, who goes by "Phantom,"
said he would have published the NSA manual even if it had been
classified. A Univeristy of Washington senior from Auburn who had never
heard of the Pentagon Papers episode, Thomlinson said he would publish
classified documents to make a point only if doing so would neither harm
national security, nor put someone in physical jeopardy.
"It really depends on the situation," he said.
The Clipper chip is designed to encrypt data transmissions over
telephone lines so they cannot be read without a decoding key. Under the
administration's plan, one half of the key would be held in escrow by the
Treasury Department and the other by the National Institute of Standards
and Technology within the Commerce Department. Government security
agencies would have to get permission from the escrow agencies to use the
key to decode suspect communications.
Cypherpunks, a largely anonymous group of programmers whose name
combines the terms cyberpunk and cipher(using the British spelling),
support encryption, but say only senders and recipients should hold the
keys. They argue that the Clipper keys would fall into the hands of
terrorists, criminals or spies.
"The idea that nobody will do this is ludicrous," said Scott
Northrop, a Seattle cypherpunk who uses the pseudonym "Skyhawk." "The
incentives are enormous."
The Clipper chip would be replicated, they say, or obtained by a
double agent such as Aldrich Ames, who has been in the news latedly for
selling classified material to the Russian government.
"They (cypherpunks) didn't have to go to the trouble of printing
the NSA manual to make their point," said Jim Warren, a Silicon Valley
computer-industry pioneer who founded an annual conference on Computers,
Freedom and Privacy. "Aldrich Ames is evidence enough."
Warren thinks foreign corporations after trade secrets would
eagerly pursue Clipper technology -- "and they have a considerably more
suspicious profile than foreign governments."
The administration counters that without the Clipper "trap door"
capability for monitoring communications, encryption will be used to
conceal covert or illegal activities from enforcement authorities.
Administration officials have suggested that without Clipper capability,
encryption may have to be banned altogether.
An attempted ban would be a folly, said Schwartau: "From a
political, social, technological and pragmatic standpoint, it ain't gonna
happen."
A popular slogan on the Internet sums up opposition to a ban: "If
encryption is outlawed, only outlaws will have encryption."
Unswayed, the administration is moving to put Clipper encryption
in government interagency communications. So far it has indicated that
compliance by private industry and citizens should be voluntary.
If classified documents were posted on the Internet, it's unclear
what government response would be.
Emmel said such a step would be met with "appropriate action,"
but she declined to elaborate.
-----
Matt Thomlinson
University of Washington, Seattle, Washington. phone: (206) 548-9804
Check my home page -- ftp://ftp.u.washington.edu/public/phantom/home.html
Get PGP 2.2 or 2.5 key via email or finger phantom@hardy.u.washington.edu
Return to May 1994
Return to “Matt Thomlinson <phantom@u.washington.edu>”
1994-05-31 (Mon, 30 May 94 23:45:59 PDT) - Seattle Times cpunks article, 5/27/94 - Matt Thomlinson <phantom@u.washington.edu>