From: nobody@shell.portal.com
To: cypherpunks@toad.com
Message Hash: 3af1d3f71314351d33e47dbca78b2146861618c47beb353d1b90a57b2b0b8a2d
Message ID: <199406050540.WAA16259@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1994-06-05 05:38:51 UTC
Raw Date: Sat, 4 Jun 94 22:38:51 PDT
From: nobody@shell.portal.com
Date: Sat, 4 Jun 94 22:38:51 PDT
To: cypherpunks@toad.com
Subject: Bill Machrone's PC Magazine article
Message-ID: <199406050540.WAA16259@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain
"Privacy in the Digital Age"
Bill Machrone
PC Magazine June 14, 1994 page 87
Copyright 1994 Ziff-Davis, I'm sure, but don't let that stop you from
forwarding to interested lists and newsgroups.
I'm a fairly conservative, law-and-order kind of guy. I support my local
police. I sometimes have trouble identifying with some of my more liberal
journalistic compatriots. But suddenly, you and I (along with the rest of
the computer industry) are caught up in an issue of national importance
that transcends politics and gets down to constitutional issues and basic
freedoms. The issues, however,are in danger of being clouded as the usual
suspects take sides and start shouting.
The knee-jerk liberals have squared off against the knee-jerk
conservatives over the privacy and security of digital communications.
The Electronic Frontier Foundation and the Computer Professionals for
Social Responsibility oppose the FBI and the Justice Department. And
they're all quoting Al Gore. Let's get beyond the labels, politics, and
allegiances and look at the facts.
Here's the short form: The Feds realized that with the advent of
widespread digital commmunications, their ability to monitor and tap
communications would be radically diminished or would take far more time
and money. So they proposed that all future digital devices be equipped
with a high-security scrambling cip, called Clipper. Crazy? Like a fox.
Every Clipper chip would have a serial number, which would give you access
to a key that would decrypt whatever data the chip had encoded. The key
would be kep in two pieces in two different places, and only a court order
could bring them together. Trouble is, nobody trusts the law enforcement
agencies to keep them apart. Don't even wonder if the National Security
Agency will be monitoring digital conversations for its favorite trigger
words. Furthermore, the pending legislation provides for fines up to
$10,000 a day against telecommunications companies who don't give the Feds
the access they want to decoded data streams.
It doesn't end with telephones and data networks. The Feds intend to have
Clipper technology on every fax machine, every cable TV box, every ATM,
every device capable of receiving and sending a digital data stream. They
want to monitor the entire information network for "patterns of abuse and
criminal activity."
Offering this capability in the form of a "security" chip that supposedly
protects our data is insulting and offensive. The silly part of all this
is that it represents the classic case of locks keeping out the honest
people. The sad part is that we don't trust law enforcement agencies,
however well-intentioned, not to abuse the power. Even worse, we the
taxpayers are going to foot the bill (to the tune of half a billion
dollars) just to build the monitoring network. We'll pay again in higher
product costs. Nobody builds complex data-encryption chips for free.
There is this little issue, however, of First Amendment rights. When the
White House issued its briefing document on the Clipper announcement, it
averred that no U.S. citizen, "as a matter of right, is entitled to an
unbreakable commercial encryption product." FBI director Louis J. Freeh
echoed this position in a _New York Times_ interview, in which he claimed
that the American people must be willing to give up a degree of personal
privacy in exchange for safety and security. I find both statements
odious.
Privacy is a nonissue for most of us. People who want their
communications to be secure have always had the means to do so. People
who don't need secure communications don't bother and don't care. Also,
security is a pain in the neck. The inherent hassles make us very choosy
about when we use it. All the Clipper chip will do is waste our tax
money.
There's no point in making everyone's transmissions and conversations
secure if a third party holds the key. No criminal in his right mind
would depend on Clipper encoding when fully secure means are available.
If the government manages to overthrow all logic and make Clipper a legal
requirement, those of us who want or need real security will be forced
into acts of civil disobediance. For data, it's a piece of cake. You can
find half a dozen shareware programs on ZiffNet that implement the
National Institute of Standards and Technology's Data Encryption Standard
(DES). If you're one of the superparanoids who suspect that the NSA put a
trap door into DES--no one has ever found evidence of it--you can use PGP
(Pretty Good Privacy), a shareware program popular on the Internet, or
PC-IRIS, available on ZiffNet. Both use a technique known as RSA to
encrypt your data, which is widely regarded as extremely difficult to
break. RSA has the additional benefit of providing public-key encryption;
you publish a key that people use to encode messages to you, and then you
use a private key to decrypt the message. DES is probably only viable for
another year or two before it becomes too easy to crack; RSA should be
secure for some time longer.
Voice security is harder, but not much. You either go to a spook shop and
pay a lot of money for a telephone scramber device or build your own. The
latter option is not all that difficult, given the advent of DSP (digital
signal processing) chips. All you need is the DSP, a couple of megs of
memory, and a few support chips. Some of the DSP vendors have evaluation
kits that contain virtually everything you need, Basically, you digitize
your voice, take samples of the data, and perform calculations and
transformations on it. You then turn the resulting data stream back into
sound and send it over the phone line. For fun, you might send several
data streams at the same time but out of phase with one another, the way
modems do. An identical piece of hardware on the other end performs the
operations in reverse order. Suffice it to say, however, that if the NSA
types hear a scrambled conversation that they can't understand, they're
going to wonder what you've got to hide.
We're not encouraging criminal behavior by pointing out cryptographic
resources. The dummies won't read this and the smarties don't need to.
The only people who will be adversely affected by Clipper are you and me.
--end--
Return to June 1994
Return to “nobody@shell.portal.com”
1994-06-05 (Sat, 4 Jun 94 22:38:51 PDT) - Bill Machrone’s PC Magazine article - nobody@shell.portal.com