From: Jay Campbell <edge@got.net>
To: Carl Ellison <cme@clark.net>
Message Hash: d7da4f8bbe9d0e1bdf8b9a0e52d829bb161fb08fd62cc17a0857ca368c48d10a
Message ID: <199511230817.AAA22826@you.got.net>
Reply To: N/A
UTC Datetime: 1995-11-23 08:12:11 UTC
Raw Date: Thu, 23 Nov 95 00:12:11 PST
From: Jay Campbell <edge@got.net>
Date: Thu, 23 Nov 95 00:12:11 PST
To: Carl Ellison <cme@clark.net>
Subject: Re: crypto for porno users
Message-ID: <199511230817.AAA22826@you.got.net>
MIME-Version: 1.0
Content-Type: text/plain
> a) "no one on the net knows you're a dog" implies that police can
> pose as a fellow porn producer or consumer and get away with it
> more easily.
>
> b) strong crypto for communications between porn users encourages
> them to speak more freely. When one of the two is a police officer
> in disguise, that encourages the other (the suspect) to reveal more,
> making the investigation proceed more quickly. Knowing that the
> crypto is strong enough to keep government eavesdroppers out, the
> sender is given a false sense of security -- is distracted from
> thinking about the trustworthiness of the receiver while thinking
> about the security of the channel itself.
A common way to get around prostitution sting operations is to ask the lady
to expose sensitive portions of her anatomy to prove her sincerity before
the would-be customer commits to any transactions; this sort of thing is
also becoming commonplace on the net for pornography or pirated software,
too. Would-be trafficers often ask a prospective recipient for a small chunk
of fresh files in advance, before passing back anything serious .. partially
out of suspicion, mostly out of greed, but to the same end. A law
enforcement team would be stepping onto shaky ground if they were forced to
transfer illegal images/etc to a suspected trafficer before getting evidence
from him. Entrapment is an ugly concept.
>3. Encryption of porn would work against the kind of porn distribution
> found on the alt.binary.pictures.erotic... newsgroups. Encryption
> requires that recipients be identified.
Not at all .. a porn distributor could generate a key pair, use part A to
encode the images, and dessiminate part B thru a variety of outlets -
publicly posted, sold, passed thru an informal network of like-minded
netizens...
>4. Personal file encryption encourages individuals dealing with porn to
> encrypt and keep personal diaries which might contain evidence.
> Since PGP is subject to brute force passphrase attacks, this gives
> an attack which will open *some* of these diaries. Without the
> encryption, the suspect is less likely to keep the diary in the
> first place. This isn't a guaranteed opening into all such
> diaries. There is no such guarantee possible. Rather, this
> suggests that strong crypto has a chance to maximize the effective
> "take" by LE forces.
I would argue the exact opposite - strong crypto would tend to minimize the
effective take, since there's no guarantee that /anything/ on a perp's
system will be in the clear. I'll let someone else with a better background
pound on the 'brute force' section.
--
Jay Campbell edge@got.net - Operations Manager
-=-=-=-=-=-=- Sense Networking, Santa Cruz Node
Jay@Campbell.net got.net? PGP MIT KeyID 0xACAE1A89
"On the Information Superhighway, I'm the guy
behind you in this morning's traffic jam leaning on his horn."
Return to November 1995
Return to ““Perry E. Metzger” <perry@piermont.com>”