From: attila <attila@primenet.com>
To: jim bell <jimbell@pacifier.com>
Message Hash: af7259b32391936f5370a6c659f636d6f63b5d2c68e5641959f105ba2b5b7788
Message ID: <Pine.BSD.3.91.951124185244.23968A-100000@usr1.primenet.com>
Reply To: <m0tJ1o2-0008zJC@pacifier.com>
UTC Datetime: 1995-11-25 01:31:24 UTC
Raw Date: Sat, 25 Nov 1995 09:31:24 +0800
From: attila <attila@primenet.com>
Date: Sat, 25 Nov 1995 09:31:24 +0800
To: jim bell <jimbell@pacifier.com>
Subject: Re: real life problems with ITAR (was Spam the Sign!)
In-Reply-To: <m0tJ1o2-0008zJC@pacifier.com>
Message-ID: <Pine.BSD.3.91.951124185244.23968A-100000@usr1.primenet.com>
MIME-Version: 1.0
Content-Type: text/plain
On Fri, 24 Nov 1995, jim bell wrote:
>
> Attila@primenet.com said:
>
> > On Thu, 23 Nov 1995, jim bell wrote:
> >
> >> I very much agree with the direction you appear to be headed in. It seems
> >> to me that Netscape should have no problem devising some sort of scenario in
> >> which such a program eventually gets onto the nets, but in a way that is
> >> squeaky clean, at least for THEM.
> >>
> >>
> >> In addition, why should they even need to write the encrytion part of their
> >> software IN the US? It occurs to me that one way to do this might be to
> >> send one of their programmers to a conveniently-located place, such as
> >> Vancouver BC , Montreal Canada, or a few other nearby places, with a great
> >> deal of fanfare, and tell him to "write some crypto." He does, and brings
> >> it back into the US with him, leaving a copy of it "outside" the country for
> >> international distribution.
> >>
> > <attila sez> I think they have that one covered --not only is it
> >violation of ITAR's intent to send a programmer out of the U.S.
>
> Well, don't assume that because something's a "violation of ITAR's INTENT"
> it is actually a violation of ITAR. It can't be assumed that ITAR is
> _perfect_: That it actually prohibits every activity the government that
> wrote it didn't like.
>
<#2 attila sez> the problem with the U.S. government is the U.S.
conspiracy laws. If they have insufficient evidence to convict on
"actual" violations, they use the concept that you were _part_ of a
conspiracy to _circumvent_ the laws.
> , but is
> >illegal to hire a foreign national to program for your non-U.S. products.
>
> Sure about this?!?
>
<#2 attila> I dont have to push all my data into glimpse to find
the article, but it's there. there are other sources, but not open to
discussion; sorry.
> > the test is going to be with someone like Sun who "bought" a group of
> >Russian crypto programmers and left them in Russia. Now, the problem
> >with ITAR is that if you import that code, you can not then export the
> >code since it is now covered by ITAR.
>
<#2 attila> I guess I should have stated it better: what they are
trying to do, for instance with Sun, is treat that foreign entity as
if it was a direct operating unit of the parent U.S. company. OK,
fine, you hire your Russian crypto programming team and my take from
several conversation is that it is a _good_ team, but the U.S. wants
to enforce the rule that the code produced in Russia for a "parent"
American company is _a U.S. product_! --in other words, the foreign
division can not sell it overseas. So far, noone has been charged,
but my sources say Sun is the most likely.
Either way you slice it, Sun is committed to world wide
compatability, and with that goes security, including worldwide NFS.
You figure it out...
what is the alternative for Sun, or Netscape? yup, close down in
the U.S. and go to Holland --oh, they can keep their sales offices in
the U.S. --but they will be paying import duty, or they will end up
contracting local assembly. closing down in the U.S. literally means
off NASDAQ.
the fact that our government is effectively totalitarian is their
paranoia -only paranoia that they might miss something or that they
are not in total control stimulates the kind of attack on the
Constitution that is going on.
> I didn't say that the code would ever be "re-exported": A copy would be
> brought into the US for domestic use, and everyone else outside the border
> would get their own copy from an outside server.
>
>
> > secondly, it appears there is a move afoot to make it an ITAR
> >violation to hire the foreign nationals to circumvent ITAR --basically,
> >the Feds want to stop cryptography _everywhere_, including telling
> >Russians they can not work for U.S. companies! Just where do they think
> >they are getting off?
>
> It is for this kind of problem that I "invented" my concept of
> "Assassination Politics": If everybody pissed off at this situation was
> willing to donate $10 to a fund to reward the deaths of a few government
> officials responsible for ITAR, I can well imagine that this would shake
> them up a bit.
>
Robert East <viking@pacifier.com> said
> What all these postings show is the desire of the federal government to
> attempt to control crypto. In the past, they were, virtually, the only
> source for encryption equipment and/or computer code. Well, now that
> isn't true anymore. They came up with ITAR regulations to attempt to
> put a lid on crypto and other technological developments but it is like
> trying to use a sieve to carry water. There are many programmers and
> others who will produce code and make sure that it is exported
> anonymously just to prove that the government isn't "All Powerful."
>
<#2 attila> yes, that is true, but that is not the point --we have
been doing that ever since I have been involved in crypto. 20 years
ago when the heat was on me, somebody else dumped it whereever. even
simple things get the Feds' dander up and they need an example; if I
had not had a U.S. Senator (and I never even met the gentleman) in my
corner, I would have gone down for the big one in '76.
Look at the problem Phil Zimmerman is having --several hundred
thousand dollars in legal fees so far --for what; the original
algorithms were published in Scientific American in Oct 77 --and then
there was _silence_. Just try and find a copy of that issue in a
public library; most were pulled.
I may have been really pissed off after a couple thugs in trench
coats knocked on _my_ door early morning to read me my rights for
"exporting technology to a foreign power," or being detained in a
little white room for 36 hours at immigration after speaking at a
conference in Sweden and another in Copenhagen that was highly
critical of U.S. policy --and discussing advanced hardware techniques
for emulating BCD machines in not BCD bit slices --just happened to
match the old Burroughs 3500s which were in all the missle silos
--now, whatever gave them that idea? :)
Ask Phil Zimmerman if he would do it again-- I will, because I
don't give a shit, am old enough that I can afford to have ethics, and
I am a Jeffersonian democrat; jefferson must be spinning over the
speed of light over what the _conservatives_ would do, let alone what
the liberal Democrats will bleed and do, like Clinton, or Hillary and
her lez buddy Thomases, who, unpaid, occupies an office in the front
row (she was the one who was seen carrying Foster's files upstairs to
Hillary).
> At some point in time the feds are going to put their collective tails
> between their legs and go slink away to some convenient hiding place.
> I think it's a case of Pandora's box being opened with no way of
> reclosing it.
>
<#2 attila> naw. they're too stupid and too paranoid to give up.
the U.S. has not had a free election since Lincoln's first term and
Stanton wrote the War Powers Act which, to this day, has not been
repealed. Russia has more democracy than the U.S. --even if they are
totally SNAFU. The U.S. hasn't degenerated to Hussein or the
Ayatollah, but if NSA and Freeh have their way, it might. As Will
Rogers said in the early 30s: "...go to the circus? why would I want
to do that when Congress is in session?" or Mark Twain, who said
something to the effect: "...the only natural criminal class in
America is our Congress...."
it's all a matter of control, or the appearance of being in
control. No, they cant bust all of us, but they can set some pretty
painful and expensive example of a few of us. ...been there, and done
that!
> Bob
Return to November 1995
Return to “jimbell@pacifier.com (jim bell)”