On Wed, 24 Feb 1993 11:05:05 -0900 "John W. Redelfs" <KSJWR@ALASKA> said:
 
>If the contents  of a message cannot be determined  to be controversial,
>what difference does  it make if everyone  knows who sent it?  A plot to
>hijack  an aircraft  carrier could  be freely  discussed on  a list  for
>homemakers baking for state fair competitions.
 
Can  we  please keep  our  hypothesis  constant so  that  we  can have  a
meaningful discussion? We were talking about the use of mailing lists and
LISTSERV in particular  to hold controversial discussions. If  I see that
you are posting  something to the KKK's closed list,  I don't really need
to know what exactly you said to suspect you of being affiliated with the
KKK.
 
>Why couldn't  a user  wanting privacy  encrypt his  posts, send  them by
>modem  to a  remote service  offering  anonymous posting,  and post  the
>encrypted traffic anonymously from there?  If the owner of the anonymous
>posting service  kept his records  encrypted, how would anyone  find out
>who the original author was?
 
How  do  you  run  a  mailing list  under  such  circumstances?  All  the
subscribers would have to  have the key to decrypt the  text. All it will
take  is a  hacker breaking  into one  of the  hundreds of  PC's or  unix
systems to get the key.
 
>The article was  written by a couple of mathematicians  who claimed that
>computers would  make encryption so  easy that codes could  be generated
>that would  be EFFECTIVELY  unbreakable, not PERFECTLY  unbreakable, but
>requiring so much CPU time to decode that no one would bother.
 
The Enigma traffic from WW II has still not be decrypted. What little the
secret services managed  to decrypt was due to the  fact that the Germans
started  all their  letters with  "My dear  and esteemed  colleague, blah
blah" and this  collateral was tremendously useful in  breaking the code.
But for the rest  - the common efforts of the  entire western world still
haven't managed to  break it. So you see, we  don't really need top-notch
technology to  have safe  encryption (Enigma, by  the way,  requires very
little CPU time; the expensive techniques are those using public keys).
 
Now look at what the US government has done to protect the privacy of its
citizens. Yuppiephone manufacturers realized that it was just too easy to
listen in, what with the market being close to saturation and requiring a
new generation of  phones so the sales could keep  rolling. So they added
encryption.  The  US government  didn't  take  long  to arrange  for  the
encryption technique to be rendered  virtually useless so that they could
easily listen  in. Within  a couple  years there  will be  receivers with
built-in yuppiephone decryption - oh, it  will be illegal to sell them of
course, but  they'll be available.  You know,  car radars are  illegal in
most european countries.
 
Frankly, I  don't see how  computers (which lawyers don't  understand and
are afraid of) can succeed where regular phones (which lawyers understand
and which are protected by all sorts of wiretapping laws) failed.
 
>I spent  several years  working as  a locksmith. There  are no  locks or
>security systems that  cannot be defeated. But there are  many that make
>it easier to go  elsewhere to break in. As locks  and alarms become more
>sophisticated, so do thieves. But the  reverse is also true. Wouldn't it
>be that way with encryption?
 
A  thief is  after  any house  containing valuables.  A  hacker has  very
different objectives.  If Joe  has decided  to collect  damaging evidence
about, say, all  democratic candidates, he isn't going  to start snooping
on republicans just because most of his victims were using encryption.
 
  Eric