1994-08-07 - Dallas Morning News article

Header Data

From: Phil Karn <karn@unix.ka9q.ampr.org>
To: cypherpunks@toad.com
Message Hash: 9722225b6200d784cbd909c2aa0fd4d981fe17c0d132bd6dbfdd436e7078a5c8
Message ID: <199408070130.SAA01067@unix.ka9q.ampr.org>
Reply To: N/A
UTC Datetime: 1994-08-07 01:29:29 UTC
Raw Date: Sat, 6 Aug 94 18:29:29 PDT

Raw message

From: Phil Karn <karn@unix.ka9q.ampr.org>
Date: Sat, 6 Aug 94 18:29:29 PDT
To: cypherpunks@toad.com
Subject: Dallas Morning News article
Message-ID: <199408070130.SAA01067@unix.ka9q.ampr.org>
MIME-Version: 1.0
Content-Type: text/plain


Dallas Morning News, July 23, 1994, Page 5F

Cryptography tests rights of electronic word
Tom Steinert-Threlkeld
Cybertalk

The electronic word appears to have fewer rights than the printed word.

At least that could be the conclusion drawn from an unusual case
emerging from the Bureau of Politico-Military Affairs in the
U.S. State Department's Office of Defense Trade Controls. There, a
book about encryption techniques has won an export license, but a
computer disk containing the same information has not.

The book in question is titled "Applied Cryptography", an attempt by
data security consultant Bruce Schneier to translate 20 years of
academic research in scrambling computer traffic "into terms
understandable by mere mortals."

In so doing, Mr. Schneier hopes to do "more to further the spread of
cryptography around the globe than any single (encryption) product
could."

So far, his publishers, John Wiley & Sons, believe the 600-page tome
has been doing almost that.  Since its release in November, almost
15,000 copies of the book have been sold. Of that, between 1,500 and
2,000 have been to programmers and other interested parties abroad.

Those foreign sales are possible because the book did not have to get
an export license. Such controls are used by the State Department to
guard against the spread of cryptographic methods that could be too
difficult to break, posing a threat to national security.

The book contains what Mr. Schneier estimates is about 100 pages of
algorithms, hash functions and other lines of computer code that can
be used to encrypt messages. But the Office of Defense Trade Controls
in March rendered the opinion that the book "is not subject to the
licensing jurisdiction of the Department of State since the item is in
the public domain."

No so with two disks containing the same "source" code.

In a May 11 letter, office director William B. Robinson designated the
disks as an article "under category XIII(b)(1) of the United States
Munitions List." As such, the author would require an export license
for the disks.

The code itself was not a finished product. It would have to be
"compiled" into an executable program before it actually could be used
to disguise any data on a computer network.

The code was also exactly the same as appeared in the book, or at
least as nearly as possible, given the transfer to a magnetic disk.

But that appeared to be enough of a difference for the State
Department.  Mr. Robinson stated, "The text files on the subject disk
are not an exact representation of what is found in 'Applied
Cryptography'. Each source code listing...has the capability of being
easily compiled into an executable subroutine."

A State Department official Friday translated the distinction this
way: "The difference with the code in the book is you have to type it
all in and correct all the errors" before it is usable by a computer
programmer.  The "value added" by putting the code on the disk is that
it is already typed in.

"That was the determination we made", the official said.

Practically speaking, the distinction escapes the author,
Mr. Schneier. Once one overseas programmer types in the code and
corrects the errors, hundreds of copies can be easily made and shipped
to any country. For the programmer who is too lazy to type, the book's
pages even can be scanned in.

"What do we think? Foreigners can't type? Or is the worldwide scanning
industry influencing this decision?" he asks.

Others see larger, constitutional questions.

"They're trying to say electronic words have less protection than
written words," said David Banisar, policy analyst with the Electronic
Privacy Information Center in Washington, D.C. "That's not a
proposition that I think any court will support."

As more and more words -- from book, magazine and newspaper
publishers, for instance -- become electronic, the issue could become
critical. "When all words are electronic, they won't be able to be
protected under the First Amendment" if this difference between words
on a paper medium and words on a digital medium gains footing, he
said.

Phil Karn, an engineer and ally of Mr. Schneier, however, is appealing
the stand on the disks. The State Department's view also is not the
final law of the land.

"It seems like kind of a foolish distinction and one which in any case
is ultimately doomed to failure," said Internet Society executive
director Anthony Rutkowski. The different rulings on the book and the
disk are "utterly stupid, but that's the way bureaucracies work."

Mr. Robinson and the trade control office's deputy director, Rose
Brancaniello, declined to comment. Another officer, Tom Denner, said
comment was prohibited by confidentiality provisions contained in
section 38(e) of the Arms Export Control Act.

------

CyberTalk appears every other Saturday, discussing people, places and
problems populating the world of computer communications known as
cyberspace.  Tom Steinert-Threlkeld can be reached at the Internet
address, tomhyphen@onramp.net; at America Online, tomhyphen; or at
Prodigy, trfj19a.







Thread