From: Bill Stewart <bill.stewart@pobox.com>
To: “Cypherpunks (E-mail)” <cypherpunks@cyberpass.net>
Message Hash: 0282349d73a7e003597404c11b424d293f6a88630fe5842da53167b8e806baa0
Message ID: <3.0.5.32.19980910135746.00c4c100@idiom.com>
Reply To: <33CCFE438B9DD01192E800A024C84A19284623@mossbay.chaffeyhomes.com>
UTC Datetime: 1998-09-10 11:07:38 UTC
Raw Date: Thu, 10 Sep 1998 19:07:38 +0800
From: Bill Stewart <bill.stewart@pobox.com>
Date: Thu, 10 Sep 1998 19:07:38 +0800
To: "Cypherpunks (E-mail)" <cypherpunks@cyberpass.net>
Subject: Re: radio net (fwd)
In-Reply-To: <33CCFE438B9DD01192E800A024C84A19284623@mossbay.chaffeyhomes.com>
Message-ID: <3.0.5.32.19980910135746.00c4c100@idiom.com>
MIME-Version: 1.0
Content-Type: text/plain
>Matthew James Gering wrote:
>> Isn't there a similar ban on encryption-capable telephones and other
>> electronic devices (other than computers).
Not per se, though there _is_ still one major restriction -
the Defense Department gets a crack at patent applications,
so if you try to patent a crypto algorithm or crypto phone,
they can seize and classify your patent application and
working materials, using the excuse of "national security".
There was a case in the late 70s where somebody tried to patent
a wimpy analog scrambler for CB radios, and got it seized,
and a number of patent applications that got delayed a long time.
The RSA and Diffie-Hellman algorithms were published first,
and then the patents applied for, which works in the US and Canada
but makes them unpatentable in much of the rest of the world.
Steve Bellovin also got lots of legal advice about what order
to submit his patent applications and academic papers to
avoid the risk of getting them stolen by the Feds.
At 09:22 AM 9/10/98 -0700, Michael Motyka wrote:
>I suspect that the reason that there aren't any $99 cryptophones at
>Wal-Mart is that there really is not a significant market. The average
>person just doesn't care. And the consumer electronics business is so
>competitive and cost-sensitive that adding cost as a matter of principle
>is just not going to happen.
Sure there are - my $150 cordless phone uses spread-spectrum,
partly for better sound quality, partly for better privacy,
and partly because it's simpler than picking individual channels.
I think it's probably the frequency-hopping form of spread-spectrum,
and the hopping speed is probably deliberately low because of
Federal pressure, but it's still reasonable voice privacy.
(And the digital phones that don't do spread-spectrum still advertise
using "digital" for privacy...) My phone's a couple of years old;
you can probably get one for <$100 now.
Analog cell-phones aren't secure, but the digital cell-phones
on the market all provide cryptography for voice privacy,
though not all cellular service providers support it.
CDMA provides some inherent security, and it, TDMA, and GSM
all offer some encryption features - having prominent politicians
get caught talking to their girlfriends on their cellphones
has helped raise the awareness of privacy.
(The real price of a cell-phone in the US is hard to determine;
most range from about $100-700 without service activation,
and $0-400 with a service contract of typically 1 year.
But the low end's close to $99.)
>Oh, I suppose it's possible that anyone
>trying to introduce a product like this could run into LEA interference
>- endless audits, supplier problems, FCC approvals, you name it but lack
>of market is probably the simplest explanation.
The NSA and FBI did the best job of FUD they could arm-twisting the
US digital cellular standards committees into using wimpy encryption,
and GSM had its own set of wrangling that went on, producing a
primary algorithm that's weak, and a bunch of alternative algorithms
that are progressively weaker. I probably couldn't break the GSM
main code myself, but I know where to find people who can,
and just about any of the frequent readers of this list could break
some of the other systems used.
But that doesn't mean there isn't a strong demand for voice privacy -
just that the average consumer is satisfied having _some_ privacy,
enough to keep casual observers out and neighbors from stealing phone service,
and either doesn't believe the police would illegaly wiretap _him_,
or (more cynically) doesn't believe the cellphone is enough protection
if they do decide to target him.
Thanks!
Bill
Bill Stewart, bill.stewart@pobox.com
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
Return to September 1998
Return to “Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>”