Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
The Courts Government News

DOJ wants Court to re-think Pro-Crypto Ruling 118

Posted by Hemos from the changing-the-past dept.
ptevis writes "There's a story over on Wired News about the DOJ asking the Ninth Circuit Court of Appeals to reconsider their decision in May's landamrk crypto case. It's got some interesting info about where the case may go from here and what the government may try to do. " This stems from the lawsuit from the University of Illinois professor who wanted to post one of his programs online. The DOJ/White House is claiming that this will make broadband listening too difficult, and that "this type of regulation is an executive branch policy decision involving 'extraordinarily sensitive' info that's too secret to disclose publicly." However, it seems unlikely that the court will change its' mind.
This discussion has been archived. No new comments can be posted.

DOJ wants Court to re-think Pro-Crypto Ruling More

DOJ wants Court to re-think Pro-Crypto Ruling

Comments Filter:

  • Re:Let them Appeal (Score:1)

    by Anonymous Coward
    Hmmmm. It'd be REALLY interesting if, say, the First Philanderer attempts to bypass the system by imposing an executive order. This President is not above trying to impose by executive order what he cannot by law, and as a man apparently without shame, he does not value privacy.

    Also, the SC could simply refuse to review a case, and thus avoid setting precedent.

    Incidentally, re: "despite" -- certain of the Court's more conservative members (Scalia, Rehnquist) aren't "right" in the oft-vilified Christian Right / Moral Majority sense; they're strict constructionists to a degree who have in the past shown disdain for expansive gov't.

    I'd classify them roughly as:

    Rehnquist, Scalia, Thomas:
    Fairly strict constructionists; generally,
    they'll defend the Bill of Rights w/o seeking
    to expand beyond original intent. For instance,
    they opposed a recent decision where the
    following sequence is grounds for suing a
    district:
    1. Girl gets called names by boy.
    2. Girl tells administrator/teacher.
    3. Boy continues to call names.
    4. Girl claims to be "hurt".
    Boom, lawsuit -- against the boy AND the school.
    This is the scenario that, apparently, Ginsburg
    (who, IIRC, wrote the majority opinion) has no
    problems with...

    I expect that they would oppose encryption
    controls if the Gov't argues on the basis that
    it must be able to crack all communications.

    Souter, O'Connor, Kennedy:
    Mixed; depends upon the issue, they're both
    somewhat middle-of-the-road. Souter, in
    particular, is not known for voicing many
    opinions in public. Perhaps a 2-1 split among
    them. If at least 2 uphold, then with the
    Conservative Triumvirate, that's already
    enough.

    Ginsburg, Breyer:
    Both rather liberal, especially Ginsburg, who
    seems to be quite a loose constructionist. Hm,
    can you tell my preferences yet?

    Damn. I'm missing one.

    Stevens:
    Not much in my memory 'bout him.

  • What if... (Score:1)

    by Anonymous Coward
    What if this isn't really about crypto at all?

    Let's grant that the govt is not totally clueless; that they know that source code for strong is freely available, etc. They are not _all_ idiots. Also, crypto is not as heavily politicized as the war on drugs. No congressman will be affected if he is "soft on crypto". Yes, they drag out the drug dealers and pedophiles as arguments against freely available crypto, but other than those secondary arguments, it doesn't stir up the masses. If this is the case, then why continue seeking a favorable ruling (for suppressing publication of crypto information in electronic format)? On the surface, it just doesn't make sense.

    Therefore, it is not inconceivable that the desired end result of a favorable ruling for the DOJ isn't necessarily about crypto, but more on the lines of being legally empowered to prevent the rapid dissemination of some particular information. If a ruling is made that the DOJ is legally empowered to prevent dissemination of crypto information, that ruling could be used as a precedent to (in the future) prevent the dissemination of other "national security" information. Rulings/law made in one domain to be applied to one particular problem have been applied to other areas (I have in mind the RICO statutes, which were directed against organized crime but have since been used in civil proceedings against anti-abortionist/pro-life demonstrators. Whatever your opinion on the subject, I don't think any of them are Don Corleone :)

    /begin paranoia mode/
    So, what is the govt really trying to keep secret? Is is something the NSA has figured out, or is it in some other area?
    /end paranoia mode/
  • It seems to me that the entire issue is here is that spooks won't be able to read everyones mail.

    [Blink] Uh... [Cough] oh. So that's the problem. You can't read my mail, or intercept my private data. Isn't that the point of encryption in the first place?

    If the Feds are able to read anything using "weak" encryption, doesn't it stand to reason that others can as well... at which point, isn't it pointless to use that weak encryption? (Typical packet sniffer aside?)

    Reading other mail is a federal offense... What about reading others email? Why do the feds decide that reading information one way is worse than another? both are violations of my freedom..

  • [Much Needer Humour]
    >n6p6mEkpjmMREw3P9FooxvPi/5ZKwFoMZ/7CbExrIp8eeVRp6 PtyH02sxTOeUyv0

    Huhuh... Foo.
    [/HUMOUR]

    Is there an easy way to use PGP or GPG with *nix mail clients? I use Netscape for most of my mail... I wish there was a way for it to (en|de)crypt messages automagically... it would make encryption much more practical for the masses

  • > This will be bad for the NSA, the CIA, and
    > the FBI

    Do you think that the government uses weak crypto? Somehow I doubt that... I'd be willing to bet that the CIA uses encryption the NSA and FBI would have problems cracking, etc, etc...

    I think they want to read our mail, and not for anyone to read theirs.

  • Re:/HUMOUR (Score:1)

    by Zack ( 44 )
    Hahahah...

    Thanks for the laugh guys...
  • When will those in the government finally realize that regardless of any laws, everyone will have all the crypto they will ever want?

    At the very least, it will all be developed in Europe (as it seems to be in large part, anyway) and still, the whole world will have it.

    Eventually, they'll just have to face it: This is one way they won't be able to invade anyone's privacy.

  • The only example I can think of is the GNU Privacy Guard. It's homepage and repository are based in Germany to avoid US crypto export restrictions.

  • U of Illinois Prof (Score:3)

    by Enry ( 630 ) <enry AT wayga DOT net> on Wednesday June 23, 1999 @07:27AM (#1836855) Journal
    To give a touch of context here, that prof is Dan J. Bernstein, the ever-popular author of Qmail [qmail.org]
  • Posted by generic kewl tech reference:

    taxation and control, I do agree that the last thing the Feds want is all us proles using encryption.

    I particularly like how they claim they're not discouraging free speech. "No, say whatever you'd like. We just want the right to be able to read any and all of it. And take notes."

    List of things to do:

    Download PGP.
    Encrypt everything.


  • Posted by Lord Kano-The Gangster Of Love:

    >>Even if the government does ban this, there is no way that they can enforce it. They would be better off not trying to control it at all. They would save money.

    You're talking about a government that has wasted BILLIONS of taxpayer dollars to stop people from smoking dope. Dope isn't really my thing, but I like to drink beer. Beer for me, weed for someone else, whatever makes you feel good. It's stupid to waste money on something that can't be stopped.

    LK
  • Posted by Lord Kano-The Gangster Of Love:

    >> I'd rather that they be able to do a bit of policing in the computer world than that they be constantly stumped by encoded documents.

    Privacy is more important than making the job of the police easier. Digital eavesdropping isn't the ONLY way to get evidence to arrest criminals.

    What do you think L-E-Os did before so much communication was electronic? They worked for a living. John Gotti was brought down without reading a single piece of mafia e-mail.

    This is about casual snooping. Not criminal investigations. If you're breaking the law there is real world evidence of it. If I'm plotting to murder someone the crime is in the commission of the act(although in somplaces conspiracy is enough to get you busted). If I sell crack to school kids, I have to buy/produce and then sell the stuff. There are ample opportunities for L-E-Os to catch the bad guys without screwing over the rest of us.

    LK
  • Posted by Lord Kano-The Gangster Of Love:

    Over the internet you have no reasonable expectation of privacy. The 4th amendment doesn't apply here.

    LK
  • Posted by Lord Kano-The Gangster Of Love:

    >>I've yet to find a decision on which I agree with Scalia.

    See my .sig?

    LK
  • Posted by Reitzel:

    They don't get it.

    That horse is GONE. The days of pervasive government snooping are over. Anyone who wants their communications to be private can have them be private.

    Any brain-dead moron that thinks that the goverment (or anyone else) can tie up the use of already pervasive algorithms is ignoring virtual reality and living in Oz.

  • Posted by Lord Kano-The Gangster Of Love:

    NO, you are mistaken. Being that IP packets travel over multiple routers which are often owned by MANY differend groups of people. Any admin along that chain can run a packet sniffer and read anything that passes by.

    Why do you think there is https? Why do you think Netscape and IE warn you when you submit forms? Because it's easy for the right person to watch packets go by. You have no expectation that at any given moment someone isn't watching. This is why crypto is important.

    If I borrow a little from Phil Zimmerman (ok, borrow a lot) sending e-mail is like sending a postcard. Anyone along the way may read it. If you don't like the way that works, use an envelope. Crypto is that envelope. If you want privacy, ENCRYPT, ENCRYPT, ENCRYPT!

    LK
  • The ITAR laws were designed to prevent the "enemy" from obtaining our crypto algorithms during WWII, etc. That was back when having the algorithm/implementation of a code allowed you to easily break that code.

    Then came public-key. ITAR's original intent became useless, but the NSA/CIA/FBI and all their friends decided to use ITAR in a new (and much more ominous context). ITAR wasn't an evil law before public-key made it useless. Now it is.

  • You can export source code in book form, but not in electronic form.

  • [Castigation]mQGiBDdhX80RBADms5jreO0TqJabNLw6KkhaS pkTsYvUbZ3itr/acrpOIy4C8Agq[/Cast igation]

    --
  • Wassenaar [slashdot.org] "harmonization" threatens to make this true, but currently Finland atleast has very liberal encryption laws and hence is the source of ssh [www.ssh.fi] and the host of many open source encryption servers.
    --
  • A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed.

    I suppose you can argue that the 2nd amendment was conceived in the age of the single shot musket so should not be applied to more lethal weapons. But the arms the founders had in mind were also the most lethal weapons of the time and the wording is intentionally vague. It does not say "muskets" but "Arms".

    ANAL, but my interpretation of the 2nd amendment is that I should be allowed to own ("keep") an ICBM ("Arms") and carry it around ("bear"). Although it is unclear if need to be part of a "well regulated militia" or if it is enough that I am part of the"people". I know that the courts don't agree with me, and in fact I am strongly in favor of gun control, but I believe that there needs to be a constitutional amendment to reverse the 2nd amendment first. IMHO, it is better to uphold an anachronistic 2nd amendment (and support it's repeal by democratic means) than to selectively apply it at the whim of the courts and thus create precedent for selectively applying our other freedoms.

    So to recap, I'm not a gun nut. In fact I have never owned a gun, but the 2nd amendment is part of the US Constitution and should not be shifted by political winds if the Constitution as a whole is to have any meaning.


    --
  • More context: the code he wants to post is incomplete. You couldn't download it and compile it; you'd need to fill in the missing parts to make it workable. He really only did have an algorithm (Snuffle) presented in code, not an encryption package.
    --
  • [Paranoia] ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpMg s7AAICB/4iMMoU [/Paranoia]

    You saw Foo. I saw something else. Funny how the human eye can pick patterns out of a field of randomness.

  • It's not just a police issue, it's a privacy and a commerce issue. I have no objection to the govenment's being stumped by the challenge of reading my mail - my mail is not their business, anyways. It's mine. And if I'm a company, it's realistic to expect that if the government can read it, so can my competitors. That's just unacceptable.

    Ultimately, think of data as obeying laws of fluid dynamics. data will naturally flow to where it has the most protections - and if we don't protect it, it'll flow somewhere that does.

    Ultimately, the only person empowered to make calls on your privacy should be you.

  • I agree with you as far as work email goes - I was "painting with a broad brush" the concept of email itself. But within the context of a company, my email should remain within my company, and not be accessible to government or the outside world without my and/or especially my company's consent.

  • If I use encryption, I have a "reasonable expectation of privacy". And I don't need some silly american law to back that up, I have a self-enforcing mathematical law to do that for me. "My" government has made privacy on the internet illegal for me, and the reasons that they have to are "secret" aka private. If I don't get any privacy, they don't either. Citizens are more important than govenment, in the same way that workers are more important than managers. Fuck the laws. I have a constitutional right to privacy, and the fact that I have a newfangled way to do it doesn't make them eligible to take that right away. Crypto laws are a sham, we all know it.
  • What are you smoking??? Using that logic the 2nd amendment gives me the rigth to an ICBM or 1-ton of C-4.

    That is not the interpritation of any court or even the NRA who is the bigest proponent of the second amendment.

    Personally I think strong encryiption good... personal access to firearms good... hell, the personal right to blow shit up on your OWN property.

    However, the 2nd amendment doesn't protect anything but the right to a fire-arm.


    "There is no spoon" - Neo, The Matrix
    "SPOOOOOOOOON!" - The Tick, The Tick
  • Is stating that a 'Vacuum Cleaner' approach is used, I would interpret that to indicate that electronic communications are being intercepted wholesale without the specific targeting that would be necessary to get a warrant. (The nice thing about such a metaphor is that it gives the impression of conveying information without providing anything concrete that someone could be prosecuted for)Can this be legal in a country with constitutional protection against unreasonable search and seizure?
  • Export laws on encryption have served to dramatically slow the adoption of encryption-enabled software within the US, simply because they make it inconvenient for US citizens to acquire crypto enabled software. Typically, people in the US *IMPORT* their crypto software.

    An interesting consequence is that in the absence of conveniently availability of crypto software, there are several insecure systems ( eg using telnet as the primary login service ) , and no doubt several of these are government systems.

    The DOJ's case should be shot down in flames.

  • I sincerely believe that we must begin a movement whereby every home houses it's own IP addresses and mail/http/etc servers.

    The above poster is quite correct when he says that we ought to be aware that when our mail or any other information for that matter is posted via some corporation's servers, we ought to know that we have impliedly waived some of our personal expectations of privacy.

    In fact, the courts have reinforced this notion with several of the cases that have eroded our rights under the 4th Amendment right against unreasonable searches and seizures. The courts have held that we have given up some of our privacy by driving cars and keeping our private property in public view (plain sight). (This is a simplifications so all the lawyers out there chill out).

    The court will likely rule in a similar way in respect to information privacy. The court will protect privacy only insofar as we as the public at large have sought to take measures to protect our own privacy.

    Having our information on public servers, or corporate servers is in a sense forfeiting a certain amount of privacy to expediency.

    If we as a society are really serious about privacy we need to start to act on it. Most of us are following the internet revolution via commercial television advertisements. This is unacceptable. We need to become educated about the way that our information is used.

    We need to take measures to protect our privacy. This means more than PGP. It means we need to house our own email servers, our own httpd servers, irc etc., etc.

    The only thing left open to the public ought to be nameservers. Services like dhis.org, ddns.org, tzo.com, etc. allow home users to house their own servers.

    At a minimum people who cannot afford the equipment should look seriously into forming organizations to achieve the same result, i.e., information privacy and active protection and maintenance measures.

    Every American can afford a $3-400 pc. We need to teach people that they can use that equipment to run their own servers. They need to know what this means, and what it entails. We must inform the government that we are serious about our privacy and independence as a people. If we fail to do this, we will have failed ourselves. We will have subordinated our personal rights as individuals to the government's interests in control.
  • You right that many Americans may not try to purchase something which costs that much.

    But I believe that the Internet will become so pervasive that they will wish they had.

  • Confusing secrecy with privacy (Score:3)

    by Aleatoric ( 10021 ) on Wednesday June 23, 1999 @08:59AM (#1836879)
    'extraordinarily sensitive' info that's too secret to disclose publicly

    This argument completely misses the point. There is a difference between information that should be kept secret and the method for keeping it secret.

    There can be no doubt that any information deemed truly secret by the government will be protected with strong encryption, (at least), even if we disregard the various procedural and physical protocols that are also used.

    It is disingenous to argue that the mere existence of strong encryption (and the free dissemination thereof) is, in and of itself, a threat to security.

    What the argument really breaks down to is this:

    "We (the government) want to be able to easily read any transmission of information under the auspices of protecting ourselves from terrorists and other criminals, and barring the ability to easily read these missives, we want to be able to hold the use of strong encryption itself as a criminal act, so that we can prosecute anyone who uses it, even if we can't prove that they were otherwise engaged in criminal behaviour".

    In other words, they want the existence of a strongly encrypted message to remove the presumption of innocence.

    As stated in the article, if everyone used strong encryption, they would lose the ability to use strong encryption as a flag to identify potential targets, not to mention that it would be far more difficult (and resource intensive) to attempt to decode all of those messages. What this means is that the government really does want to read your e-mail and intercept your e-commerce, etc., and the idea that they might not be able to really bothers them, despite all their rhetoric about national security and protection.

    The free speech qualities of source code in this venue, at least, are clear. It is contradictory to argue that the source code should be restricted while other methods that could be used (printed word, voice communication) would convey the same information, and are already considered protected speech.

    I suspect that if it comes before the Supreme Court (likely), they will uphold the decision of the 9th circuit court.

  • A constitutional Amendment would not overrule them, provided they do their jobs.

    Instead the commander-in-teeth would write up another executive order.

  • I'm surprised that with Australia's announcing the Echelon project public that more people just don't get it.

    Being that the Echelon project is a multinational project to listen into international communications both voice and data. It makes sense that the US would try to insure that it could listen to as many of the calls possible, thereby protecting itself and its citizens.

    We already know that the government can break keys fast enough that crypto with small keys doesn't matter so much. It seems quite obvious that the widespread use of strong cryptography could make the Echelon monitoring almost useless.

    I'm fully against the echelon project and attempts to waylay our use of strong cryptography but the possibility of terrorists being active in our country to a much greater extent and coordinating their efforts internationally is rather daunting.

    I'm not saying it has or will happen, but the reality that it could is scary.
  • No, I'm certain the government uses very strong crypto, and I'm equally certain you are correct in saying that they want to read our mail, but not have us reading theirs.

    However, the government does not exist in a vacuum. They have to tap the available talent pool. If that pool goes to zero (or becomes very, very small) because the expertise "moves" overseas, then they'll either have to bootstrap their own talent or recruit from abroad. The former means greater effort for equivelent capabilities, the latter has security repercussions of its own. Either way, killing the domestic pool of expertise the way they are doing is harmful, not just to private industry and the open source community, but ultimately to the very government agencies trying to restrict the technology.
  • The encryption export policy of Reagan, Bush, Clinton, et. al. is one of the most disturbingly short-sighted and dangerous policies politicians have come up with in a very long time. I'll leave the free speach implications to others -- they have been discussed in great detail already.

    The economic disadvantages of such a policy are also widely known and acknowledged, even by proponents of the policy. Foreign vendors (in particular European vendors whos governments have much more liberal cryptographic polices) can offer their customers unencumbered, strong, reliable encryption today. No American company can compete internationally. With more and more firms becoming international in scope, the marketplace for strong American encryption grows smaller, which means American presence in the industry growing smaller and weaker as time goes by. What does this mean? If you're a cryptographer, go to work for the government, or, ultimately, go work abraod. Since we can be sure that the percentage of people chosing to work for Uncle Sam will be less than 100%, this means a net brain drain on the United States.

    But, there is an even more distressing trend which some would argue has already begun to develop. The impetus to develop new cryptographic algorithms, whether it be money via a commercial product, widespread recognition via an open source product, or even simple political idealism, has been largely destroyed in the United States by these restrictions. While the NSA may get some short term benefit from this, medium term the consequences are clear: more and more expertise will migrate abroad, not just in terms of the "brain drain" described above, but simply because less and less Americans have interest in working on something with such draconian governmental fetters attached to it, and such high personal risk in terms of legal and financial consequences. More and more breakthroughs will be made abroad rather than here, and the number of cryptographic experts abroad will continue to increase while in the United States the number will probably go down.

    The only question is how long this scenerio will take to play out. Weeks? Unlikely. Years? Quite possibly. Within two or three decades? Almost certainly.

    This will be bad for the NSA, the CIA, and the FBI, and can only grow worse over time as America falls further and further behind other nations in this critical technology. In the end, it will be the entire United States that will be playing catch up to the rest of the world. Not just private industry or private programmers, but the entire U.S. Government as well, including the NSA, CIA, and FBI, not to mention the various military branches which also have more than a passing interest in tapping dometic cryptographic expertise. These export restrictions promise to have a very profound long term impact on our national security, but not in the sense the various Executive offices would have us believe.
  • The DOJ/White House is claiming that this will make broadband listening too difficult, and that "this type of regulation is an executive branch policy decision involving 'extraordinarily sensitive' info that's too secret to disclose publicly."

    The old "if you knew what we knew you'd want what we want, but we can't tell you what we know so you'll just have to trust us."

    Yeah, sure.

  • I'm no expert on this, but I've read that this kind of policy has already had an effect on the firearms industry. According to what I read, the M-60 machine gun used by the armed forces is relatively problematic because of the lack of competition/vendors in this country due to the ridiculous number of regulations.

    A free country? Not really...
  • The idea that crypto is munitions is ridiculous. Crypto is information--no matter how much info I spout at you it won't do anything compared to a hammer, sword, musket, AK-47, or ICBM.

    As for the 2nd Amendment, it guarantees the right to keep and bear arms, which keeps getting reinterpreted according to the politics of the day...
  • I think the point is not that your email can't be read along the way (of course it can, and anyone who thinks differently is going to get a serious wake-up call one day!), but that it *shouldn't* be.

    Therefore, government agencies should not have the right to perform wholesale monitoring of communications, just because they have the ability to.

    I just believe that we shouldn't have to use encryption to protect ourselves from anyone but criminals (and, possibly, the boss :o) )

    Tim
  • The NSA supplies crypto products to the US Govt. agencies.

    Sometimes the relationship is hard to follow (big surprise!). For instance, the manufaturer of the crypto boxes (3-DES) that the FBI is using in their new CJIS-WAN has a CEO who just happens to be a former NSA Lead Cryptographer.

    What a coincidence!
  • ' The brief claims that Clinton's executive order and subsequent Commerce Department export rules do not pose a "real and substantial threat" to free speech. '

    There is no such thing as not posing a "real and substantial threat" to our freedom of speech. Any law or court ruling that in any way compromises freedom of speech, however small the compromise is one step closer to the loss of our constitutional rights. Our constitutional rights are slowly being eroded away, to let any of our constitutional rights be compromised in any way is highly dangerous. The founders of our country entrusted us with the responsibility to monitor and control our government that it would be "of the people, for the people." We must preserve our rights and fight any government action that defies them, we must never let the government control us, we as a people must control it. Just voting doesn't fulfill that responsibility, after all, with the electoral college the majority vote does not mean a thing.

    "Trouble is, just because it's obvious doesn't mean it's true"

  • NSA grabber...
    You forgot:
    AK-47, Uzi, RPG, cocaine, heroin, 100K, U235, weapons-grade, girl, naked, nude
  • Is there an easy way to use PGP or GPG with *nix mail clients?

    Mailcrypt, XEmacs, and one of the many mail clients for it. I like Gnus, but there are other mail clients. It's all point and click and quite easy to use.
  • It's not a matter of what's good, it's a matter of greed and insecurity on the behalf of the gov't. They know information is important to the advancement of careers, lives, human intelligence, and if they can corner the market on it, they can control it. Anything I've ever seen the Gov't. do is always a matter of control, from speed limits to J-Walking. It's a matter of perspective and the gov't insists it is always right. Bear in mind that there are people in the gov't who actually think crypto is not just a bad thing, it is wrong. This is the root of most of our troubles in this country. Our officials should not be deciding what is bad and good, moral/imoral, but rather if it is important enough to the people that it is worth defending because the People demand it is right.
    Politicians, lawyers, and policemen, they are not in it for the 'other' they are doing it for 'self'. I know of no lawyer or politician, in our day and age, who has actually made a real sacrifice defending what the PEOPLE believe is right, as a whole. I'm not talking about kids killing each other in school, or gun control, or anything like that. Those issues are spikes in the graph of human development and which must be explained, tolerated, and ultimately fixed. Lest not we forget those who came before us and fought against the very gov't we are under today. Crypto is an issue that should be a simple RIGHT of the people because the people, you and I...all of us... decide it should be so. This simple fact makes a simple decision into an issue that inflames people, distorts the truth, and causes us not to think as clearly as we should about something that should be our right. The right to protect one's self from prying eyes, no matter WHO's eyes they are. The gov't has no more the right to read a written letter in a sealed envelope as does my next door neighbor. Thus is the way crypto should be treated, like an electronic envelope to keep prying eyes from invading our privacy. I'll get off my soapbox now, but I hope you all do read this and take it to heart. I'm sure some of my words will be misconstrued and if I said something in a not so good way, I apologize. But these things I speak of seem pretty simple to me. Thankyou
    JaqBot
  • The gov't has no more the right to read a written letter in a sealed envelope as does my next door neighbor. >Actually, yes, they do. Letters from husbands >to mistresses have been drudged up througout the history of Civil Court Proceedings. Keep in mind, these letters were not simply intercepted while going through the mail, unless previous proof existed saying there was reason to believe these actions might be going on. That I can understand. The gov't has a habit of not telling people what it's doing. This is where my statement stems from. --JaqBot
  • Why not encrypt everything and have the courts issue warrants for keys when it is deemed necessary? Actually I quite agree. At least it would stop the argument, or make it not as arguable :) JaqBot
  • what i want to know is this: if i were to implement a prog in the US, and then fly to europe and reimplement the same prog there, and then have 2 different distribution points for the same software, where is the US govt. going to make out w/ these laws? we have to be missing somthing, cause its obvious to everyone but the Govt that this issue is moot anyhow. crypto is all in The Math, which is not bound by export to my knowledge, the implementation is irrelevant for the most part. my guess is that a US citizen can email a algorithim to a collegue in another country for peer review without getting his/ her door busted in by feds. thats all it takes, then The Secret is out. ~Darkfell
  • Dispite all the arguments, it seems that this is such a big issue that it should be heard by the Supreme Court. That is how the system is supposed to work, right?

    Andrew
  • The DOJ can't have anything to say about court decisions. DOJ is executive branch; circuit court is judicial. There's a reason we've got checks and balances built into the system, folks -- it's so that one branch can't do something like that.
  • Doesn't it seem strange that the US Government is trying really hard to protect a law that says, in effect, that US software developers are not allowed to compete with international developers in making products that use strong encryption?

    This law doesn't protect American interests. It just makes international customers reluctant to buy American software.

  • The Federal Rules of Appellate Procedure contemplate that a case may be reconsidered by the original panel of judges to correct obvious errors of fact and law. The Rules also contemplate that very important cases might be reheard by the all the judges on the court ("in banc"). It's not a trick; it's just the way the process goes.

    The applicable rules are quoted below in pertinent part:

    Rule 40. Petition for Rehearing

    (a) Time for Filing; Content; Answer; Action by Court if Granted. -- A petition for rehearing may be filed within 14 days after entry of judgment unless the time is shortened or enlarged by order or by local rule. ... The petition must state with particularity the points of law or fact which in the opinion of the petitioner the court has overlooked or misapprehended and must contain such argument in support of the petition as the petitioner desires to present. ... If a petition for rehearing is granted, the court may make a final disposition of the cause without reargument or may restore it to the calendar for reargument or resubmission or may make such other orders as are deemed appropriate under the circumstances of the particular case.

    Rule 35. Determination of Causes by the Court in Banc

    (a) When hearing or rehearing in banc will be ordered. -- A majority of the circuit judges who are in regular active service may order that an appeal or other proceeding be heard or reheard by the court of appeals in banc. Such a hearing or rehearing is not favored and ordinarily will not be ordered except ... when the proceeding involves a question of exceptional importance.

    (b) Suggestion of a party for hearing or rehearing in banc. - A party may suggest the appropriateness of a hearing or rehearing in banc.

  • Re:Let them Appeal (Score:3)

    by alkali ( 28338 ) on Wednesday June 23, 1999 @11:37AM (#1836900)
    Incidentally, re: "despite" -- certain of the Court's more conservative members (Scalia, Rehnquist) aren't "right" in the oft-vilified Christian Right / Moral Majority sense; they're strict constructionists to a degree who have in the past shown disdain for expansive gov't.

    Without going off on a rant, this is wildly untrue. Scalia and Thomas in particular are adamantly opposed to rights to abortion or sexual privacy, and have been -- at best -- inconsistent on questions of free speech and court supervision of police conduct. If these are the friends of civil liberties, I'd hate to see the enemies.

    I'd classify them roughly as:

    Rehnquist, Scalia, Thomas: Fairly strict constructionists; generally, they'll defend the Bill of Rights w/o seeking to expand beyond original intent. For instance, they opposed a recent decision where the following sequence is grounds for suing a district:
    1. Girl gets called names by boy.
    2. Girl tells administrator/teacher.
    3. Boy continues to call names.
    4. Girl claims to be "hurt".

    Boom, lawsuit -- against the boy AND the school.
    This is the scenario that, apparently, Ginsburg (who, IIRC, wrote the majority opinion) has no problems with...
    In the interests of intellectual honesty, the reader should know that this is a wild mistatement of the facts of this case [findlaw.com], erroneous right down to the identity of the author of the majority opinion (Reagan's nominee, O'Connor). Here's O'Connor's description of the salient allegations in the case:

    Petitioner alleges that her daughter was the victim of repeated acts of sexual harassment by G.F. over a 5-month period, and there are allegations in support of the conclusion that G. F.'s misconduct was severe, pervasive, and objectively offensive. The harassment was not only verbal; it included numerous acts of objectively offensive touching, and, indeed, G.F. ultimately pleaded guilty to criminal sexual misconduct. Moreover, the complaint alleges that there were multiple victims who were sufficiently disturbed by G.F.'s misconduct to seek an audience with the school principal. Further, petitioner contends that the harassment had a concrete, negative effect on her daughter's ability to receive an education. The complaint also suggests that petitioner may be able to show both actual knowledge and deliberate indifference on the part of the Board, which made no effort whatsoever either to investigate or to put an end to the harassment.
    That's the conduct a majority found to be "so severe, pervasive, and objectively offensive that it effectively bars the victim's access to an educational opportunity or benefit" in violation of federal law. Disagree with their conclusion if you want, but get the facts straight.
  • I could see it now...

    "Couldn't decrypt it? Hmmm...what's your Genesis translation? I encrypted it with the King James version...your New International version would never be able to read it..."

  • encryption is not the end-all protection. (Score:3)

    by Restil ( 31903 ) on Wednesday June 23, 1999 @09:15AM (#1836902) Homepage
    DOJ and other spooks are worried that encryption will prevent them from monitoring the activity of the terrorists, child pornographers, drug dealers, and other meanaces to society. The simple fact of the matter is, encryption is rarely used in these circumstances. Encryption is used primarily where it is needed, to keep something safe from prying eyes for such a time that by the time the encryption was decoded, the information would no longer be of any value.

    Credit card numbers are an important example. It has been proven that 56 bit DES can be cracked in a day, with sufficient computing power. Retrieving an encrypted credit card number off the internet and decoding it a day later would result in a good number. If it took 20 years to decrypt the same number, it would no longer be of any use to the cracker.

    People need to know that if they put their credit card number out on the internet, the only entity that will be able to decode it within a significant amount of time will be whoever the credit card number was specifically destined for, in this case, the merchant.

    Now we have the government's argument that the loss of a few million/billion/etc worth in credit card numbers is insignificant compared to the child pornographer that they are unable to catch any other way. However, this only goes to display their incompetance.

    There is a lot of evidence relating to pornography. Photographs need to be taken, then scanned. At this point, they are in an insecure format. There is at least 2 witnesses to this act. Data at this point could be encrypted while it is being stored and transfered, and original negatives and photographs could be destroyed, leaving no permanant evidence.

    However, unless the pornographer is doing this for his own amusement and has no financial interest, there will at least be someone on the other end of the line who will want to see these pictures in a decoded format, as encrypted photographs of any type are not too exciting. And while this individual may also be storing all his information in an encrypted format, he at some point in time needs to decrypt the data to view it.

    The government wants to rely on automated computer systems to discover, locate, and trace this data while it is in transit. This takes the job off of them and allows them to spend more time on whatever it is they want to do. The system would now be prepared to simply monitor everything and flag anything suspicious. Obviously, this isn't what they publicly are stating their intentions are, but don't be surprised if 20 years from now, they consider this to be important.

    The fact is, there are other ways to obtain evidence beyond the easy decryption of data. For some time now the technology has existed to view the monitor and "listen" to the keyboard with such clarity that you would be able to know which key was being pressed simply by the sound. This technology has existed for decades now, and if someone is suspected of trafficing in pornography, and the warrants are obtained for survaillence, this technology can easily be put to use. You wouldn't NEED easy decryption as you could simply pick up the passwords as they're typed in. Granted, this might be an expensive solution, but that's not really our problem.

    Terrorists and drug dealers can be delt with in the same way. Drug dealers who take their job seriously have long since discovered the police scanner, and the police realize this. Law enforcement has long since had the ability to scramble or encrypt their transmissions, and many police departments do, but in big cities, its quite likely that any radio shack scanner will pick up those transmissions. And if the police are coordinating a raid over the scanners and drug dealers get a 5 minute warning because of it, it could easily botch the entire operation.

    Which is why the police don't USE their scanners during raids. They use their MDT units in their cars to communicate so nobody gets tipped off early.

    It seems to me, that if law enforcement is going to be tracking criminals, they are unlikely to discover the criminal activity through encrypted messages anyways. After all, if they're not allowed to decode them without warrants anyways, how will they even know about the criminal activity unless they get information from some other source. And once they have appropriate survaillence set up, monitoring encrypted data will be unlikely to make or break the case.

    -Restil

  • You refer to "your mail" in your comment. Most companies allow you to write a little personal mail on their time, but in the end it is their computer you are working on and their resources used to send the mail. If it stored on their computer they have a right to read it. I could care less what the majority of people think about privacy at work, it boild down to security for the company that employs you. Corporate espionage is big business these days, and the corporations need some guarantee that what you are sendig is not their classified information. When you are at work you have no privacy rights on the company's equipment, and that is the way it is. Human nature is in general bad, therefore companies police their employees, this is the way ii has to be. It does not matter what your personal morals are in the least, what matters is the companies right to protect themselves, if you want to write e-mail that yor company has no right to read, write at home, on your own time.
  • When will the Gov. understand good crypto is easy and most countries now/can have it?

    Grrrr.... idiots!
  • I've been posting like mad about this.. I lovew crypto.. The last the the Gov. wants is for everything to have:

    -----BEGIN PGP PUBLIC KEY BLOCK-----
    Version: PGP for Personal Privacy 5.0

    mQGiBDdhX80RBADms5jreO0TqJabNLw6KkhaSpkTsYvUbZ3i tr/acrpOIy4C8Agq
    wU4vyYf7Bf/aV3otmWYNGWIjkuBu+TdpGYng0Av4/E4oFOME U399GPLnvE7q+x1w
    wty6daJu4RVjsYKL+/bihjaIwEAaQG8scfs0yej72qa8inlL M7eqQNgrZwCg/9st
    FSvWxwisktUuGzS68/xhrB8D/iyHJcwuEdByAx1uqJQg5KVt +t2MLt481qk2yjP7
    XDs6K/NOsYPIshMeaQnl099ejiPXiJ1PusTvyVwGSfbkROMp xo2x1nL5gbZ178jw
    Kb62wy/Plc/HztNpmHZ0P8vyR7GRS4GK5QxVgmzPQsMfwtPh UUHv8sHx0yK8O4zl
    tqHBBACic3YDa1IG5PyRg2//gEqFM9yxlWrHP4WbJfJHdH3n htNQOAmRby+xzf6H
    U0B7zz3j57EzghEiaAef1YrFwa5JF0Hibrv/xGe0xJx6B+tH tZQghpPM+Ku06xe6
    PwvmP+3x27CCcpPinL3cqBSkaTrBzGbbWQveWmE8KCnCiixG 7rQnQmVuIEdyb2dh
    biA8YmVuamFtaW5fZ3JvZ2FuQHJkLnFtcy5jb20+iQBLBBAR AgALBQI3YV/NBAsD
    AQIACgkQ1e6oIjqDLCsJZgCgjbYkoY9awSu3mu5xIHCVJwmF SOYAn1wpej+FJeOt
    eB01KkTHlRWUGOVEuQINBDdhX84QCAD2Qle3CH8IF3Kiutap QvMF6PlTETlPtvFu
    uUs4INoBp1ajFOmPQFXz0AfGy0OplK33TGSGSfgMg71l6RfU odNQ+PVZX9x2Uk89
    PY3bzpnhV5JZzf24rnRPxfx2vIPFRzBhznzJZv8V+bv9kV7H AarTW56NoKVyOtQa
    8L9GAFgr5fSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxb LY7288kjwEPwpVsY
    jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyE pwpy1obEAxnIByl6
    ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1Xp Mgs7AAICB/4iMMoU
    n6p6mEkpjmMREw3P9FooxvPi/5ZKwFoMZ/7CbExrIp8eeVRp 6PtyH02sxTOeUyv0
    YSgw3GY+nlBCqDrXAKrEtbKantinbPUqEI59ZVlEIFINFzbP kOM7eL2Xw0uz13E2
    /1ZgBPwi4ioFuWHaQwb1AWqHGyeAMqZXrPYsnqw1sbqxkPx2 ZnGPyQAWg7cA2BZQ
    XdSQLQHZRQ4bI7aOqXYXknTEdmxYfVQD9JM/4pGX6Ukg573M Y6QNeM8vroF2mteo
    hshu1Z175X8N5zQJTCnojXKEcuxgEMTs++j0JZ7w6QFt07ad PdSmOv5H7yGWalUd
    gD6sT1sYnAEP5bmOiQA/AwUYN2FfztXuqCI6gywrEQK44QCg 2SKNIIFMS91NgS/S
    qHt2gAiJpwcAn3cvbhC+NobUDFjMXMsHQr2ca2Mc
    =xNI7
    -----END PGP PUBLIC KEY BLOCK-----


    at the end of it. End of taxation and control if transactions of any sort are totally secure!
  • Check closer... my personal favorite in there is

    /iyHJcwuEdByAx1uqJQg5KVt+t2MLt481qk2yjP7

    How violent!
  • Why not encrypt everything and have the courts issue warrants for keys when it is deemed necessary?
  • Actually I think it's legal to export a _book_ detailing encryption methods, just not something that will actually do it. I could be wrong...
  • Now if only the Supreme Court knew of slashdot.
  • Anybody got the schmooze juice to pull it off?

  • scalia (Score:1)

    by / ( 33804 )
    "I would trade my right to loiter in the company of a gang member for the liberation of my neighborhood in an instant." Justice Scalia, dissenting in City of Chicago vs. Morales

    I've yet to find a decision on which I agree with Scalia.
  • Thank you. With all this talk about encryption, I'm surprised there hasn't been more talk of other ways to hide information. I would be honestly surprised if the evil geniuses that the NSA etc. are nominally after would be deterred by any of this. There are too many other ways to hide data within data to make me think that this is anything other than laziness in the US sigint community.
  • The assumption of all of this is that the "encryption" lies in the source code. What if we were to write a programming language that interpreted the biblical (note lower case ;-) book of genesis as a usable RSA algorithm implementation? Would it be illegal to export the book of genesis then? It all comes down to the gov't restricting speech.

    schlouse

  • I'm sorry, but that's a very foolish attitude. Even if our current government is, er, "trustable", we cannot guarantee that future governments will be. Nor can we guarantee that individuals within the government will never abuse their power.

    Keep in mind that many of the worst tyrants of the 20th century began as elected officials. Milosivec, Mussolini(?), Hitler. Do you really believe that such a thing can never happen in America? The same America that was founded on the principal of a weak government, but who's government has been steadily accruing power ever since?

    The only way to prevent tyranny is to limit the power of the government. And the best way to limit the government's power is to prevent it from finding out what we're doing in the first place.


    --
  • A large group of idiots is smarter than a small group of idiots.

    I dispute that! The IQ of any group is the lowest individual IQ divided by the number of feet.


    --
  • On the other hand, communications sent to a specific individual over the Internet (e.g. e-mail) do carry such an expectation (in the absence of specific agreements to the contrary, such as are often found in employee Internet-use policies).

    Bzzt. Wrong. Only people who do not understand the technology could have such expectations. Believing that e-mail is private is like believing telegraph operators don't read telegrams and that postal carriers can't read post cards.

    E-mail can be trivially read on any machine the mail item passes through.


    --
  • Why would it be developed in Europe? I thought many European countries have much more restrictive policies than the USA.
    --
  • First, being "adamantly opposed to abortion" doesn't make anyone an enemy of civil liberties. We are a nation of civilized people (or, at least, we claim to be), and civilized people can disagree on controversial topics.

    Years ago, we had a Supreme Court Justice who was a member of the Ku Klux Klan. This Justice (can't remember his name, unfortunately) turned out to be a rabid and zealous defender of First Amendment freedoms, one of the loudest voices in defense of the First Amendment that the Court has ever possessed. Being on the wrong side of the prevailing political climate has nothing to do, whatsoever, with whether someone is a suitable defender of the liberties of the people.

    I know Scalia and Thomas (met them briefly a couple of years ago), and have listened to Scalia's opinions both from the bench and from when he's addressed college students. I think both of them would disagree (emphatically, in Thomas' case) that they are "anti-sexual privacy". I think both of them would like nothing more than for Congress to pass laws elaborating on the privacy rights of the American people. It's accepted without question that these privacy rights exist, but Congress has done painfully little to give the courts guidance in these matters.

    Unfortunately, the current law of the land -- the Fourth Amendment -- says nothing, absolutely nothing about sexual privacy; only that people have the right to privacy in their persons, papers and effects. Moreover, the Fourth Amendment only applies to the government -- the Federal Government in particular. (The Fourteenth Amendment forces state governments to adhere to the Fourth Amendment as well.)

    Scalia and Thomas are very conservative, strictly constructionist justices. They read the law and apply the law, only the law, nothing but the law, while reading as little into it as possible.
  • The 2nd amendment is perhaps the MOST unclear amendment to the constitution, at this time in history. The NRA has certainly propagated a popular reinterpretation, but this is only one possible spin.
    A recent NPR piece claimed that far less than 10% of the population of the 18th century owned working firearms, and that militias were, even in their heyday, a small and ineffectual group of organizations. If this is true, why was the 2nd amendment adopted?
    If it was to combat a strong government, and to decentralize power, then we DO need ICBMs, and a lot of other things, tanks, well-organized infantry, and atomic weapons. Just guns aren't going to cut it against the Feds.
    If it's community or personal 'safety,' like the mainstream NRA seem to push, then its not clear that guns do help at all, from the data I've seen.
    The 2nd amendment, in its current reinterpretation, pretty much allows hunters to have guns, and people to carry handguns and have accidents.
    But what if the 2nd amendment's 'arms' is general enough to include crypto? If the point of the amendment is to provide protection against strong government, overreaching its bounds, then crypto is THE weapon.
    Repeat, crypto is THE weapon.
    Against the CIA, FBI, NSA, etc. And, (not that I necessarily approve,) against the IRS. Strong encryption is the power not to pay taxes. It's the power to not to use US currency, even. And if it's that, it's the the power to end the current phase of the nation-state. Crypto makes information sovereign. That's why the US is going to fight this one to the end. Think about the importance of taxation in the American Revolution. Think about the importance of government decentralization in the Civil War. Think about what will happen if ONE bank encrypts their data, and doesn't play ball with the IRS. If all their clients know, and also don't play ball. A tea party?
    I don't think that the government really has any jurisdiction over the world of information. It's not a national entity. The US wants it to be. And it's understandable, since they see it as a threat to their sovereignty, which in a way it is. But other places, cough*Europe*cough are getting over the nation-state thing. There may be an American war, crypto vs. guns, information vs. the industrial revolution economic system. I hope not, because if it's fought, the US is just going to find that its attacked its future. If they win this war, they'll find that they've kept themselves in an archaic era. But of course, it still won't matter for anyone who can log on.
  • Over the internet you have no reasonable expectation of privacy. The 4th amendment doesn't apply here.

    You need to be more specific that "over the Internet". Obviously, there is no reasonable expectation of privacy for Usenet postings or Web pages, since those are broadcast to any and all who care to read them. On the other hand, communications sent to a specific individual over the Internet (e.g. e-mail) do carry such an expectation (in the absence of specific agreements to the contrary, such as are often found in employee Internet-use policies).
    /.

  • I'd rather that they be able to do a bit of policing in the computer world than that they be constantly stumped by encoded documents.

    There are still plenty of ways for them to proceed against legitimate targets. They can plant bugs to intercept communications outside the crypto envelope (i.e. before encryption going out and after decryption coming in) or to discover the target's passphrase. They can use van Eck monitoring to read the target's communications outside the crypto envelope from a distance. They can plant a Trojan Horse in the target's computer so that they'll have exactly the kind of "back door" they want -- but only for that target, not for everybody.

    I can only think of two disadvantages to these approaches, from the Fed point of view:

    1. It's more work than using a built-in back door.

    2. It doesn't scale. Using these technlogies, the Feds can only monitor a relatively small number (on the order of a few thousand, given their current resources) of specific targets. Attempting to use these technologies against the population generally is prohibitively expensive, and makes it nearly certain that the Feds will be caught red-handed breaking the law.

    As I said, these are the disadvantages from the Feds' POV. As far as I'm concerned, the former is irrelevant (if you want to sit in an air-conditioned office all day, maybe police work just isn't for you) and the latter is a positive benefit.
    /.

  • I think the point is not that your email can't be read along the way (of course it can, and anyone who thinks differently is going to get a serious wake-up call one day!), but that it *shouldn't* be.

    That's part of it. Another part is that the "reasonable expectation of privacy" standard is simply not as sensitive to privacy-breaching capabilities as some of the other responses on this thread imply.

    Yes, anyone with some hacking skills can read other people's e-mail, just as anyone with a strong light or a bottle of rubbing alcohol can read paper mail inside an envelope. This certainly does not negate the reasonable expectation of privacy in the latter case, and there is no evident reason why it should do so in the former.
    /.

  • I believe it protects the "right to bear arms" - not the right to a fire-arm. At the time the BofR was written, normal citizen could and did own some pretty high-power arms - everything from hand guns, up to and including cannon, mines, etc.

    So, yes - I would have to say I should be allowed to own an ICBM or a ton of C-4 if I want. The crime shouldn't be in the owning of said arms, but in the use of (ie, owning C-4 would be legal, using it to blow someone's house up would, however, be against the law)...
  • AFAIK only France used to have restrictions on the use (and possibly export) of cryptography, but they dropped those.

    Here in the Netherlands some attempts were made to regulate crypto, but public outcry made the politicians drop the silly plan. It is still legal to produce, sell, import, export or own cryptographic software here.

    The US pushed the world to include crypto software as dual-use goods in the Wassenaar agreements [wassenaar.org], but since an explicit exception is made for `Public Domain' (includes GPL) software, it is relatively harmless. As far as cryptography is concerned, Europe is much more free than the US.

  • I agree this is ordinary stuff, but...

    If the Wired article is accurate, then something -very- strange is going on. I read the opinions of the panel, and most of the stuff described by Wired as being in the Government's case would have little effect on the decision.

    The decision (summarized, and clouded by weeks since I read it) was based on these ideas:

    1. The Government can't exercise prior restraint on protected speech. Period.
    2. While the Government -can- exercise prior restraint on non-protected speech, it can only do so with severe restrictions -- guaranteed time-frame for review, strict guidelines for review, etc. "In the best judgement of..." or "against the policies of..." type guidelines don't do it. It has to be non-discressionary.
    3. The existing export regulations, which allow a 90-day review period, after which the item reviewed can be sent to the President for review, don't meet the guarantee requirement.
    4. The existing export regulations, which use "national security" as the guideline for review, don't meet the non-discressionary requirement.
    5. As such, the existing export regulations, if applied to first-amendment protected speech, would be well outside the guidelines established by the courts of allowable prior restraint, and would thus be unconstitutional.
    6. So the remaining question is: Is cryptographic source code, and specifically the source code at issue here, protected speech, or not? ["Speech", here, is a bit broader than just textual writings or actual spoken word. Other "expressions", such as burning a draft card or a flag, have been held to be protected speech.]
    7. To distinguish between protected speech and non-protected speech, it is necessary to look at the intent of the "speech". Is it intended to communicate an idea to another person (i.e., is "expressive", and therefor protected) or is it intended to control a device (i.e., is purely "functional", and therefore not protected).
    8. While source code tends to be functional in nature (it is, after all, designed to control the operation of a computer), it is also commonly used to clearly communicate details of algorithms, etc, in an expressive way, to other humans. So it also -can be- expressive.
    9. In particular, the source code involved in this case a) was written to demonstrate a technique, and b) is not complete in itself (it won't compile, but requires other parts to be written by the prospective user), it was not intended to be functional but rather expressive. Therefore, it is protected speech.
    10. Since it is possible for source code which could fall under the jurisdiction of the export regulations in question to be expressive, the law is unconstitutional, at least as far as it applies to expressive source code.
    11. Since the regulation is not written in a "separable" way, it is impossible to make it constitutional without an extensive line-by-line rewrite (which is beyond the purview of the court), so the -entire- regulation is ruled unconstitutional.

    The dissenting judge disagreed with point 8, and refused to consider that source code could have an expressive nature. Being purely functional, it was not entitled to first-amendment protection, so the regulation is constitutional. Other than that, he basically agreed with the reasoning.

    I fail to see how any of the claims that Wired was saying the DoJ was using (the vacuum-cleaner approach to surveillance, etc) would relate to the logic used in the opinions. It strikes me as absurd that they would use such an argument at odds with the case in question.

    Does anyone have a URL to the petition actually filed by the DoJ? Is it online anywhere?
  • Even if the government does ban this, there is no way that they can enforce it. They would be better off not trying to control it at all. They would save money.

    You claim Amirica is a Democracy? It appears, to me, anyway, to be more of an oligachary. It would deny crucial information to the population with the excuse of "The proletariat could never understand, it's too 'secret'". Bah.

    This is my first post on /.. Please excuse any of the more obvious incongruities. Thank you.
  • no. the supreme court reviews cases when the federal circuit courts can't agree on the interpretation of the constituion, and on issues concerning the executive and legislative branches. size/controversy have little (ideally no) impact on the decision to accept a case.
  • If you think about it probably the best thing that can happen for us is to have the DOJ appeal the decision and lose in the Supreme Court. The only way to overrule the Court is to make a Constitutional ammendment.
    The article quotes someone as saying that the worst case for the DOJ is to appeal and lose.
    The Supreme Court in the past has been very strict on free speech issues. despite decades of being packed with conservatives by the republicans the Court has been unfailingly ruthless in upholding freedom of speech.
    Just look at flag burning as an example. Most of the American public is behind an anti-flag burning law. but the Court has struck it down twice and Congress has tried and failed to make an Ammendment to overrule the Court.

    So I say that we encourage the DOJ to appeal to the Supreme Court. They'll lose again and then there will be no further recourse for them.
  • Actually, the Ninith Circuit's decision had very little to do with privacy. Nearly the entire decision hinged on issues concerning freedom of speech. (Yes, I acutally read the entire court decision. Yes, I'm a legal junky.) Bernstein argued that the source code was in no legitimate way different from a detailed description of the algorithm. The court likened source code to the non-natural language way that mathematicians communicate their work. While the DOJ argued that the functional use of source code made it substantially different, the court rejected that argument. The court argeed that code is sometimes the only way to fully express certain ideas in a suficiently compact manner, and so it was deserving of First Amendment protection. The export restrictions represented an unjustified prior restraint on free speech, and so were rejected.

    They got some good stuff on the case over at the EFF [eff.org] for anyone who's interested.

  • extraordinarily sensitive information that's too important to disclose publicly? Well I sure hope it's not encrypted, then other brances of the government might not be able to read it...

    When you look at it though, how is source code really different from speech? How is making the code availible different than speaking with a fellow programmer from a foreign country and discussing an algorithm, which they may even implement. If export of source code were to be illegal, and crypto to be truly blocked, the free exchange of ideas would also have to be blocked. Of course, that is also assuming that the United states is the only nation with programmers sophisticated enough to even dream of crypto, which is patently false. Oh, well, chalk one up for opponents of the US information economy.
  • >Most companies allow you to write a little >personal mail on their time, but in the end it >is their computer you are working on and their >resources used to send the mail. If it stored on >their computer they have a right to read it.

    At least in the Netherlands this is not true. If an employer wants to read an employees mail, it has to be announced in the contract, signed by the employee. ofcourse..I don't receive any of my mail at work, and store it all on external accounts. Guess I'm just paranoid ;)

  • The gov't has no more the right to read a written letter in a sealed envelope as does my next door neighbor.

    Actually, yes, they do. Letters from husbands to mistresses have been drudged up througout the history of Civil Court Proceedings. During Workd War II, my grandmother's job was to open international letters, block out ALL references to ANY time and place whatsoever. And let's not forget what a find the Microsoft Email was.

    I'm not in love with the idea of divulging any sort of information to the government, but if a person ever IS accoused of a crime, then the government - and the accouser / victim - has a limited right to the outgoing and incoming communications of the accoused. That includes wire taps, wired cops, and decryption.

    The key words are limit and moderation. Judgement and Common sense would be nice, but who are we kidding?

  • Every American can afford a $3-400 pc.

    You are probably right that every American can afford the $3 computer. Many definitely cannot afford a $400 computer. Some people don't even have phone connections. Others have no interest in having a computer in their home.

    It isn't necessarily a Luddite thing. People just have different priorities in their lives. I didn't have a television set in my house until recently (now I have one with a 2-1/2" LCD screen,) but I have a half dozen computers.
  • The US Government is not killing the talent pool. They are hiring it to work at the NSA and keeping the code they produce proprietary for-government-eyes-only. So they're definitely not shooting themselves in the foot. Unless you believe the laughable notion that the NSA don't know what they are doing.
  • They are trying to keep us from realizing the helicopters aren't black; they are actually teal.
  • DOJ and other spooks are worried that encryption will prevent them from monitoring the activity of the terrorists, child pornographers, drug dealers, and other meanaces to society. The simple fact of the matter is, encryption is rarely used in these circumstances.

    What do you base this statement on? Do you seriously think child pornographers send each other pornographic postcards? Do you think terrorists use Ham radio to communicate?
  • Greetings all.

    The NSA definitely knows what it's doing. That's why they were (along with their British equiv) so disturbed when Australia came clean about tracking its own citizens and those of other countries. Seriously, please see: http://www.dsd.gov.au/

    This monitoring is done automatically. All faxes, email, and phone converstations are scanned 24x7 for what the NSA and others consider to be pertinent info. Info that passes the filters is automagically passed via their computers to the various NSAish orgs around the world. No human intervention is allows.

    Think about that. You NEED strong encryption. Don't let the gov't or anyone else tell you otherwise. The US gov't wants to monitor its OWN citizens more than the purported criminals it continues to mention. The int'l terrorist line is just a smokescreen. This should have you upset! As others here have pointed out, criminals will get ahold of encryption either illegally in the USA or legally in some other country.

    Maybe I'm just upset b/c the NSA didn't offer me a job.

    -Paul Lantinga
    --
    NSA grabber: president, target, end, vice, hit, erase, kill, US, Bill, Al, Senator, $, agent, service, secret, package, bomb, encrypt, key, number, target, crypto, government, China, nuclear.

  • The basic issue that they are deciding on is that source code is protected by free speech. That is a really important win for privacy advocates as well as the free source folks.

    I think that another reasonable defense is that using crypto is just protecting your right not to testify against yourself and that the government demanding backdoors in crypto algorithms is an unreasonable search.

    Personally, if the government wants to protect me from criminals, I'd much rather have them restrict access to guns than encryption. Encryption doesn't kill or hurt anyone. *Smile*

    While I am wishing away, I hope that the EU forces the US to accept their better personal information laws. Currently, we have almost no protections against anyone selling information that they collect for legitimate purposes. I find the reports of government agencies selling income information to be horrid.

Slashdot Top Deals

"Life sucks, but death doesn't put out at all...." -- Thomas J. Kopp

Close