From: ph@netcom.com (Peter Hendrickson)
To: Jim McCoy <cypherpunks@toad.com
Message Hash: dd424f3c9991318722dc434d104a2bfe4d6dcb71726bc23724e0720e07747035
Message ID: <v02140b07aea84b33c6fd@[192.0.2.1]>
Reply To: N/A
UTC Datetime: 1996-11-08 03:00:31 UTC
Raw Date: Thu, 7 Nov 1996 19:00:31 -0800 (PST)
From: ph@netcom.com (Peter Hendrickson)
Date: Thu, 7 Nov 1996 19:00:31 -0800 (PST)
To: Jim McCoy <cypherpunks@toad.com
Subject: Re: Why is cryptoanarchy irreversible?
Message-ID: <v02140b07aea84b33c6fd@[192.0.2.1]>
MIME-Version: 1.0
Content-Type: text/plain
At 5:48 PM 11/7/1996, Jim McCoy wrote:
> Peter Hendrickson writes:
>> If mandatory GAK were imposed, reviewing messages is easy, even with
>> inter-agency fighting. Or, encryption in general could just be
>> forbidden if GAK created too much hassle.
> Encryption itself will never be forbidden because there is far too much
> money riding on electronic commerce.
I think this is true. Good computer security, including encryption,
is clearly important to the financial well being of the country.
If we consider that to be a national security issue, then we have
to ask why the national security apparatus is attempting to undermine
our security.
> An administration which tried to outlaw all encryption would soon find
> itself on the next train out of D.C. after the next election cycle.
But if the doomsayers are right, this would not be the case. Most
people will be willing to give up some Internet commerce if they believe
it is necessary to protect their children and maybe their society.
That is not even an unreasonable point of view.
>> In practice I suspect that good stego is hard.
> You are mistaken. Read Disappearing Cryptography to see just how easy
> it is, then check out Romana Machado's EzStego program (done in Java so
> it can be added to any web download with a bit of tweaking.) If the
> penalty for using bad stego is high enough you can be certain that natural
> selection will make certain that eventually the programs being used are
> top notch code :)
I may be mistaken. I have added "Disappearing Cryptography" to my list.
Still, my intuition says that it is quite hard to do stegonography for
many years and never tip your hand even once.
>> You don't have to be right every time when you look for it, just some
>> of the time....
> The problem is that you need to be able to prove that stego is in use, and
> this is a much more difficult task than you suggest.
But you really don't need to prove it. You just have to convince a judge
to issue a warrant for you to get the real evidence. If you have to,
you'll train a dog to sniff stego. (That was a joke by the way. ;-)
>> You might also identify suspects in other ways. Maybe that Jim McCoy
>> is looking a little too successful or perhaps he made an unwise comment
>> to a "friend" who reported him. That could easily be grounds for a
>> warrant and subsequent change of quarters.
> Get a warrant, search my system, find nothing but a bunch of applications
> and a collection of risque (but definitely legal) pictures which I exchange
> with a few friends. You may suspect that when the images are concatenated
> in a particular way the low-order bits form a stego filesystem but no one
> will be able to prove it in court.
Are you concatenating these images by hand? If so, the level of entropy
is probably low enough to recover the information through brute force
methods or you are hiding a very small amount of information.
If you are not doing it by hand, you own terrorist software and will pay
the price.
And, by the way, who are these friends? Can any of them finger you in
exchange for a reduced sentence?
Incidentally, I hope nobody on this list believes they will be able
to practice cryptoanarchy in my scenario. You are already suspects.
>> Which technicalities protected the Japanese-Americans during World War II?
> Few. OTOH the interment of Japanese-Americans occurred during a period of
> war, at a time when civil liberties were much more limited, and when
> Asian-Americans were second-class citizens with very little political power
> (that and the Korematsu decision was a complete piece of crap...)
In the Four Horsemen scenario, where people are being murdered all the
time and the society is in a turmoil, popular support for the suppression
of strong cryptography would be easy to arrange.
> Today most US citizens distrust the US governement, civil liberties and
> protections are fairly well established in law and legal precedence, and
> we techno-nerds are actually the ones running the country :)
In the Four Horsemen scenario, it is likely that most engineers would
be delighted to help put things to rights.
>> The legal system would have to be stretched considerably less to outlaw
>> strong crypto and make it stick.
> It would have to be shattered to make such a ban stick. Times have changed
> quite significantly since the 40s, and free speech rights and the first
> amendment have become rather important to our information society.
This is correct. But these views would be change if we were facing
a terrible situation. It isn't even clear that you would have to
tamper with free speech rights all that much to suppress strong
cryptography. There would be a dramatic political risk that all rights
would disappear later, but after somebody you know gets killed
anonymously, you might be willing to chance it.
Peter Hendrickson
ph@netcom.com
Return to November 1996
Return to “ph@netcom.com (Peter Hendrickson)”