From: Ed Carp <ecarp@netcom.com>
Date: Mon, 2 May 94 09:05:22 PDT
To: Duncan Frissell <frissell@panix.com>
Subject: Re: Security Consult. Needed
In-Reply-To: <199405021356.AA14925@panix.com>
Message-ID: <Pine.3.89.9405020947.A28464-0100000@netcom10>
MIME-Version: 1.0
Content-Type: text/plain


On Mon, 2 May 1994, Duncan Frissell wrote:

> Two recent incidents in NYC show massive market failure in the 
> information security industry.

You mean, marketing PGP to criminals?

> One of the city's largest bookies was busted when the Feds intercepted the 
> daily fax transmissions summarizing business results sent from his NY 
> office to his Florida home.
> 
> A major cocaine dealer is facing prosecution based on written transaction 
> records seized at his office.  His simple code was broken by a "known 
> plaintext attack" when investigators were able to match his written 
> notations with transaction information derived from wiretaps.
> 
> Can't anyone help these people?  Maybe 178th Street needs PGP and Secure 
> Drive more than the PC Expo.

Be careful with this line of reasoning.  If you market PGP to a crook for 
the explicit purpose of keeping his illegal activities hidden from the 
cops, you violate at least two different laws.  It's like selling lock 
picks to a known burglar.  You could be prosecuted for conspiracy, aiding 
and abetting, and whatever they call interference with a police 
investigation nowadays.