1384 lines
79 KiB
Markdown
1384 lines
79 KiB
Markdown
|
11. Surveillance, Privacy, And Intelligence Agencies
|
||
|
|
||
|
11.1. copyright
|
||
|
THE CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666,
|
||
|
1994-09-10, Copyright Timothy C. May. All rights reserved.
|
||
|
See the detailed disclaimer. Use short sections under "fair
|
||
|
use" provisions, with appropriate credit, but don't put your
|
||
|
name on my words.
|
||
|
|
||
|
11.2. SUMMARY: Surveillance, Privacy, And Intelligence Agencies
|
||
|
11.2.1. Main Points
|
||
|
11.2.2. Connections to Other Sections
|
||
|
11.2.3. Where to Find Additional Information
|
||
|
- Bamford ("The Puzzle Palace"), Richelson (several books,
|
||
|
including "U.S. Intelligence Agencies"), Burrows ("Deep
|
||
|
Black," about the NRO and spy satellites), Covert Action
|
||
|
Quarterly
|
||
|
11.2.4. Miscellaneous Comments
|
||
|
|
||
|
11.3. Surveillance and Privacy
|
||
|
11.3.1. We've come a long way from Secretary of State Stimpson's
|
||
|
famous "Gentlemen do not read other gentlemen's mail"
|
||
|
statement. It is now widely taken for granted that Americans
|
||
|
are to be monitored, surveilled, and even wiretapped by the
|
||
|
various intelligence agencies. The FBI, the National Security
|
||
|
Agency, the CIA, the National Reconnaissance Office, etc.
|
||
|
(Yes, these groups have various charters telling them who
|
||
|
they can spy on, what legalities they have to meet, etc. But
|
||
|
they still spy. And there's not an uproar--the "What have you
|
||
|
got to hide?" side of the American privacy dichotomy.)
|
||
|
11.3.2. Duncan Frissell reminds us of Justice Jackson's 1948
|
||
|
dissenting opinion in some case:
|
||
|
- "The government could simplify criminal law enforcement by
|
||
|
requiring every citizen "to keep a diary that would show
|
||
|
where he was at all times, with whom he was, and what he
|
||
|
was up to." [D.F. 1994-09-06, from an article in the WSJ]
|
||
|
- (It should be noted that tracking devices--collars,
|
||
|
bracelets, implantable transmitters--exist and are in use
|
||
|
with prisoners. Some parents are even installing them in
|
||
|
children, it is rumored. A worry for the future?)
|
||
|
11.3.3. "What is the "surveillance state"?"
|
||
|
- the issue with crypto is the _centralization_ of
|
||
|
eavesdropping...much easier than planting bugs
|
||
|
+ "Should some freedom be given up for security?"
|
||
|
+ "Those who are willing to trade freedom for security
|
||
|
- deserve neither
|
||
|
+ freedom nor security
|
||
|
- Ben Franklin
|
||
|
- the tradeoff is often illusory--police states result when
|
||
|
the trains are made to run on time
|
||
|
- "It's a bit ironic that the Administration is crying foul
|
||
|
so loudly
|
||
|
over the Soviet/Russian spy in the CIA -- as if this was
|
||
|
unfair --
|
||
|
while they're openly proclaiming the right to spy on
|
||
|
citizens
|
||
|
and foreigners via Clipper." [Carl Ellison, 1994-02-23]
|
||
|
+ Cameras are becoming ubiquitous
|
||
|
+ cheap, integrated, new technologes
|
||
|
- SDI fisheye lens
|
||
|
- ATMs
|
||
|
- traffic, speed traps, street corners
|
||
|
- store security
|
||
|
- Barcodes--worst fear of all...and not plausible
|
||
|
+ Automatic recognition is still lacking
|
||
|
- getting better, slowly
|
||
|
- neural nets, etc. (but these require training)
|
||
|
11.3.4. "Why would the government monitor _my_ communications?"
|
||
|
- "Because of economics and political stability....You can
|
||
|
build computers and monitoring devices in secret, deploy
|
||
|
them in secret, and listen to _everything_. To listen to
|
||
|
everything with bludgeons and pharmaceuticals would not
|
||
|
only cost more in labor and equipment, but also engender a
|
||
|
radicalizing backlash to an actual police state." [Eric
|
||
|
Hughes, 1994-01-26]
|
||
|
- Systems like Digital Telephony and Clipper make it much too
|
||
|
easy for governments to routinely monitor their citizens,
|
||
|
using automated technology that requires drastically less
|
||
|
human involvement than previous police states required.
|
||
|
11.3.5. "How much surveillance is actually being done today?"
|
||
|
+ FBI and Law Enforcement Surveillance Activities
|
||
|
- the FBI kept records of meetings (between American
|
||
|
companies and Nazi interests), and may have used these
|
||
|
records during and after the war to pressure companies
|
||
|
+ NSA and Security Agency Surveillance Activities
|
||
|
- collecting economic intelligence
|
||
|
- in WW2, Economic Warfare Council (which was renamed Board
|
||
|
of Economic Warfare) kept tabs on shipments of petroleum
|
||
|
and other products
|
||
|
+ MINARET, code word for NSA "watch list" material
|
||
|
(intercepts)
|
||
|
- SIGINT OPERATION MINARET
|
||
|
- originally, watch list material was "TOP SECRET
|
||
|
HANDLE VIA COMINT CHANNELS ONLY UMBRA GAMMA"
|
||
|
+ NSA targeting is done primarily via a list called
|
||
|
Intelligence Guidelines for COMINT Priorities (IGCP)
|
||
|
- committe made up of representatives from several
|
||
|
intelligence agencies
|
||
|
- intiated in around 1966
|
||
|
+ revelations following Pentagon Papers that national
|
||
|
security elsur had picked up private conversations (part
|
||
|
of the Papers)
|
||
|
- timing of PP was late 1963, early 1964...about time UB
|
||
|
was getting going
|
||
|
+ F-3, the NSA's main antenna system for intercepting ASCII
|
||
|
transmissions from un-TEMPESTed terminals and PCs
|
||
|
- signals can be picked up through walls up to a foot
|
||
|
thick (or more, considering how such impulses bounce
|
||
|
around)
|
||
|
+ Joint FBI/NSA Surveillance Activities
|
||
|
+ Operation Shamrock was a tie between NSA and FBI
|
||
|
- since 1945, although there had been earlier intercepts,
|
||
|
too
|
||
|
- COINTELPRO, dissidents, radicals
|
||
|
+ 8/0/45 Operation Shamrock begins
|
||
|
- a sub rosa effort to continue the monitoring
|
||
|
arrangements of WW II
|
||
|
- ITT Communications agreed to turn over all cables
|
||
|
+ RCA Communications also turned over all cables
|
||
|
- even had an ex-Signal Corps officer as a VP to
|
||
|
handle the details
|
||
|
- direct hookups to RCA lines were made, for careful
|
||
|
monitoring by the ASA
|
||
|
- cables to and from corporations, law firms,
|
||
|
embassies, citizens were all kept
|
||
|
+ 12/16/47 Meeting between Sosthenes Behn of ITT,
|
||
|
General Ingles of RCA, and Sec. of Defense James
|
||
|
Forrestal
|
||
|
- to discuss Operation Shamrock
|
||
|
- to arrange exemptions from prosecution
|
||
|
+ 0/0/63 Operation Shamrock enters a new phase as RCA
|
||
|
Global switches to computerized operation
|
||
|
- coincident with Harvest at NSA
|
||
|
- and perfect for start of UB/Severn operations
|
||
|
+ 1/6/67 Hoover officially terminates "black bag"
|
||
|
operations
|
||
|
- concerned about blowback
|
||
|
- had previously helped NSA by stealing codes, ciphers,
|
||
|
decrypted traffic, planting bugs on phone lines, etc.
|
||
|
- from embassies, corporations
|
||
|
- unclear as to whether these operations continued
|
||
|
anyway
|
||
|
+ Plot Twist: may have been the motivation for NSA and
|
||
|
UB/Severn to pursue other avenues, such as the use of
|
||
|
criminals as cutouts
|
||
|
- and is parallel to "Plumbers Unit" used by White
|
||
|
House
|
||
|
+ 10/1/73 AG Elliot Richardson orders FBI and SS to
|
||
|
stop requesting NSA surveillance material
|
||
|
- NSA agreed to stop providing this, but didn't tell
|
||
|
Richardson about Shamrock or Minaret
|
||
|
- however, events of this year (1973) marked the end of
|
||
|
Minaret
|
||
|
+ 3/4/77 Justice Dept. recommends against prosecution
|
||
|
of any NSA or FBI personnel over Operations Shamrock
|
||
|
and Minaret
|
||
|
- decided that NSCID No. 9 (aka No. 6) gave NSA
|
||
|
sufficient leeway
|
||
|
- 5/15/75 Operation Shamrock officially terminated
|
||
|
- and Minaret, of course
|
||
|
+ Operation Shamrock-Details
|
||
|
+ 8/0/45 Operation Shamrock begins
|
||
|
- a sub rosa effort to continue the monitoring
|
||
|
arrangements of WW II
|
||
|
- ITT Communications agreed to turn over all cables
|
||
|
+ RCA Communications also turned over all cables
|
||
|
- even had an ex-Signal Corps officer as a VP to
|
||
|
handle the details
|
||
|
- direct hookups to RCA lines were made, for careful
|
||
|
monitoring by the ASA
|
||
|
- cables to and from corporations, law firms,
|
||
|
embassies, citizens were all kept
|
||
|
+ 12/16/47 Meeting between Sosthenes Behn of ITT,
|
||
|
General Ingles of RCA, and Sec. of Defense James
|
||
|
Forrestal
|
||
|
- to discuss Operation Shamrock
|
||
|
- to arrange exemptions from prosecution
|
||
|
+ 0/0/63 Operation Shamrock enters a new phase as RCA
|
||
|
Global switches to computerized operation
|
||
|
- coincident with Harvest at NSA
|
||
|
- and perfect for start of UB/Severn operations
|
||
|
+ 8/18/66 (Thursday) New analysis site in New York for
|
||
|
Operation Shamrock
|
||
|
+ Louis Tordella meets with CIA Dep. Dir. of Plans and
|
||
|
arranges to set up a new listening post for analysis
|
||
|
of the tapes from RCA and ITT (that had been being
|
||
|
shipped to NSA and then back)
|
||
|
- Tordella was later involved in setting up the watch
|
||
|
list in 1970 for the BNDD, (Operation Minaret)
|
||
|
- LPMEDLEY was code name, of a television tape
|
||
|
processing shop (reminiscent of "Man from U.N.C.L.E."
|
||
|
- but NSA had too move away later
|
||
|
- 5/15/75 Operation Shamrock officially terminated
|
||
|
+ 10/1/73 AG Elliot Richardson orders FBI and SS to
|
||
|
stop requesting NSA surveillance material
|
||
|
- NSA agreed to stop providing this, but didn't tell
|
||
|
Richardson about Shamrock or Minaret
|
||
|
- however, events of this year (1973) marked the end of
|
||
|
Minaret
|
||
|
- Abzug committee prompted by New York Daily News report,
|
||
|
7/22/75, that NSA and FBI had been monitoring
|
||
|
commercial cable traffic (Operation Shamrock)
|
||
|
+ 6/30/76 175 page report on Justice Dept.
|
||
|
investigation of Shamrock and Minaret
|
||
|
- only 2 copies prepared, classified TOP SECRET UMBRA,
|
||
|
HANDLE VIA COMINT CHANNELS ONLY
|
||
|
+ 3/4/77 Justice Dept. recommends against prosecution
|
||
|
of any NSA or FBI personnel over Operations Shamrock
|
||
|
and Minaret
|
||
|
- decided that NSCID No. 9 (aka No. 6) gave NSA
|
||
|
sufficient leeway
|
||
|
+ the NSA program, begun in August 1945, to monitor all
|
||
|
telegrams entering or leaving the U.S.
|
||
|
- reminiscent of Yardley's arrangements in the 1920s
|
||
|
(and probably some others)
|
||
|
- known only to Louis Tordella and agents involved
|
||
|
- compartmentalization
|
||
|
+ Plot Links of Operation Shamrock to Operation Ultra
|
||
|
Black
|
||
|
- many links, from secrecy, compartmentalization, and
|
||
|
illegality to the methods used and the subversion of
|
||
|
government power
|
||
|
- "Shamrock was blown...Ultra Black burrowed even
|
||
|
deeper."
|
||
|
+ NSA, FBI, and surveillance of Cuban sympathizers
|
||
|
- "watch list" used
|
||
|
- were there links to Meyer Lansky and Trafficante via
|
||
|
the JFK-Mafia connection?
|
||
|
- various Watergate break-in connections (Cubans used)
|
||
|
- Hoover ended black-bag operations in 1967-8
|
||
|
+ NSA, FBI, and Dissenters (COINTELPRO-type activities)
|
||
|
+ 10/20/67 NSA is asked to begin collecting information
|
||
|
related to civil disturbances, war protesters, etc.
|
||
|
- Army Intelligence, Secret Service, CIA, FBI, DIA were
|
||
|
all involved
|
||
|
- arguably, this continues (given the success of FBI
|
||
|
and Secret Service in heading off major acts of
|
||
|
terrorism and attempted assassinations)
|
||
|
+ Huston Plan and Related Plans (1970-71)
|
||
|
- 7/19/66 Hoover unofficially terminates black bag
|
||
|
operations
|
||
|
+ 1/6/67 Hoover officially terminates black bag
|
||
|
operations
|
||
|
- fearing blowback, concerned about his place in
|
||
|
history
|
||
|
+ 6/20/69 Tom C. Huston recommends increased
|
||
|
intelligence activity on dissent
|
||
|
- memo to NSA, CIA, DIA, FBI
|
||
|
- this later becomes basis of Huston Plan
|
||
|
+ 6/5/70 Meeting at White House to prepare for Huston
|
||
|
Plan; Interagency Committee on Intelligence (Ad Hoc),
|
||
|
ICI
|
||
|
- Nixon, Huston, Ehrlichman, Haldeman, Noel Gayler of
|
||
|
NSA. Richard Helms of CIA, J. Edgar Hoover of FBI,
|
||
|
Donald V. Bennett of DIA
|
||
|
- William Sullivan of FBI named to head ICI
|
||
|
+ NSA enthusiastically supported ICI
|
||
|
- PROD named Benson Buffham as liaison
|
||
|
- sought increased surreptitious entries and
|
||
|
elimination of legal restrictions on domestic
|
||
|
surveillance (not that they had felt bound by
|
||
|
legalisms)
|
||
|
- recipients to be on "Bigot List" and with even more
|
||
|
security than traditional TOP SECRET, HANDLE VIA
|
||
|
COMINT CHANNELS ONLY
|
||
|
-
|
||
|
+ 7/23/70 Huston Plan circulated
|
||
|
- 43 pages, entitled Domestic Intelligence Gathering
|
||
|
Plan: Analysis and Stategy
|
||
|
- urged increased surreptitious entries (for codes,
|
||
|
ciphers, plans, membership lists)
|
||
|
- targeting of embassies
|
||
|
+ 7/27/70 Huston Plan cancelled
|
||
|
- pressure by Attorney General John Mitchell
|
||
|
- and perhaps by Hoover
|
||
|
- Huston demoted; he resigned a year later
|
||
|
- but the Plan was not really dead...perhaps Huston's
|
||
|
mistake was in being young and vocal and making the
|
||
|
report too visible and not deniable enough
|
||
|
+ 12/3/70 Intelligence Evaluation Committee (IEC) meets
|
||
|
(Son-of-Huston Plan)
|
||
|
- John Dean arranged it in fall of '70
|
||
|
- Robert C. Mardian, Assistant AG for Internal Security
|
||
|
headed up the IEC
|
||
|
- Benson Buffham of NSA/PROD, James Jesus Angleton of
|
||
|
CIA, George Moore from FBI, Col. John Downie from DOD
|
||
|
- essentially adopted all of Huston Plan
|
||
|
+ 1/26/71 NSA issues NSA Contribution to Domestic
|
||
|
Intelligence (as part of IEC)
|
||
|
- increased scope of surveillance related to drugs (via
|
||
|
BNDD and FBI), foreign nationals
|
||
|
- "no indication of origin" on generated material
|
||
|
- full compartmentalization, NSA to ensure compliance
|
||
|
+ 8/4/71 G. Gordon Liddy attends IEC meeting, to get
|
||
|
them to investigate leaks of Pentagon Papers
|
||
|
- channel from NSA/PROD to Plumber's Unit in White
|
||
|
House, bypassing other agencies
|
||
|
+ 6/7/73 New York Times reveals details of Huston Plan
|
||
|
- full text published
|
||
|
- trials of Weatherman jeopardized and ultimately
|
||
|
derailed it
|
||
|
+ 10/1/73 AG Elliot Richardson orders FBI and SS to
|
||
|
stop requesting NSA surveillance material
|
||
|
- NSA agreed to stop providing this, but didn't tell
|
||
|
Richardson about Shamrock or Minaret
|
||
|
- however, events of this year (1973) marked the end of
|
||
|
Minaret
|
||
|
+ FINCEN, IRS, and Other Economic Surveillance
|
||
|
- set up in Arlington as a group to monitor the flows of
|
||
|
money and information
|
||
|
+ eventually these groups will see the need to actively
|
||
|
hack into computer systems used by various groups that
|
||
|
are under investigation
|
||
|
- ties to the death of Alan Standorf? (Vint Hill)
|
||
|
- Casolaro, Riconosciutto
|
||
|
11.3.6. "Does the government want to monitor economic transactions?"
|
||
|
- Incontrovertibly, they _want_ to. Whether they have actual
|
||
|
plans to do so is more debatable. The Clipper and Digital
|
||
|
Telephony proposals are but two of the indications they
|
||
|
have great plans laid to ensure their surveillance
|
||
|
capabilities are maintained and extended.
|
||
|
- The government will get increasingly panicky as more Net
|
||
|
commerce develops, as trade moves offshore, and as
|
||
|
encryption spreads.
|
||
|
11.3.7. A danger of the surveillance society: You can't hide
|
||
|
- seldom discussed as a concern
|
||
|
- no escape valve, no place for those who made mistakes to
|
||
|
escape to
|
||
|
- (historically, this is a way for criminals to get back on a
|
||
|
better track--if a digital identity means their record
|
||
|
forever follows them, this may...)
|
||
|
+ A growing problem in America and other "democratic"
|
||
|
countries is the tendency to make mandatory what were once
|
||
|
voluntary choices. For example, fingerprinting children to
|
||
|
help in kidnapping cases may be a reasonable thing to do
|
||
|
voluntarily, but some school districts are planning to make
|
||
|
it mandatory.
|
||
|
- This is all part of the "Let's pass a law" mentality.
|
||
|
11.3.8. "Should I refuse to give my Social Security Number to those
|
||
|
who ask for it?"
|
||
|
- It's a bit off of crypto, but the question does keep coming
|
||
|
up on the Cypherpunks list.
|
||
|
- Actually, they don't even need to ask for it
|
||
|
anymore....it's attached to so many _other_ things that pop
|
||
|
up when they enter your name that it's a moot point. In
|
||
|
other words, the same dossiers that allow the credit card
|
||
|
companies to send you "preapproved credit cards" every few
|
||
|
days are the same dossiers that MCI, Sprint, AT&T, etc. are
|
||
|
using to sign you up.
|
||
|
11.3.9. "What is 'Privacy 101'?"
|
||
|
- I couldn't think of a better way to introduce the topic of
|
||
|
how individuals can protect their privacy, avoid
|
||
|
interference by the government, and (perhaps) avoid taxes.
|
||
|
- Duncan Frissell and Sandy Sandfort have given out a lot of
|
||
|
tips on this, some of them just plain common sense, some of
|
||
|
them more arcane.
|
||
|
+ They are conducting a seminar, entitled "PRIVACY 101" and
|
||
|
the archives of this are available by Web at:
|
||
|
- http://www.iquest.com/~fairgate/privacy/index.html
|
||
|
11.3.10. Cellular phones are trackable by region...people are getting
|
||
|
phone calls as they cross into new zones, "welcoming" them
|
||
|
- but it implies that their position is already being tracked
|
||
|
11.3.11. Ubiquitous use of SSNs and other personal I.D.
|
||
|
11.3.12. cameras that can recognize faces are placed in many public
|
||
|
places, e.g., airports, ports of entry, government buildings
|
||
|
- and even in some private places, e.g., casinos, stores that
|
||
|
have had problems with certain customers, banks that face
|
||
|
robberies, etc.
|
||
|
11.3.13. speculation (for the paranoids)
|
||
|
- covert surveillance by noninvasive detection
|
||
|
methods...positron emission tomography to see what part of
|
||
|
the brain is active (think of the paranoia possibility!)
|
||
|
- typically needs special compounds, but...
|
||
|
11.3.14. Diaries are no longer private
|
||
|
+ can be opened under several conditions
|
||
|
- subpoena in trial
|
||
|
- discovery in various court cases, including divorce,
|
||
|
custody, libel, etc.
|
||
|
- business dealings
|
||
|
- psychiatrists (under Tarasoff ruling) can have records
|
||
|
opened; whatever one may think of the need for crimes
|
||
|
confessed to shrinks to be reported, this is certainly a
|
||
|
new era
|
||
|
- Packwood diary case establishes the trend: diaries are no
|
||
|
longer sacrosanct
|
||
|
- An implication for crypto and Cypherpunks topics is that
|
||
|
diaries and similar records may be stored in encrypted
|
||
|
forms, or located in offshore locations. There may be more
|
||
|
and more use of offshore or encrypted records.
|
||
|
|
||
|
11.4. U.S. Intelligence Agencies: NSA, FinCEN, CIA, DIA, NRO, FBI
|
||
|
11.4.1. The focus here is on U.S. agencies, for various reasons. Most
|
||
|
Cypherpunks are currently Americans, the NSA has a dominant
|
||
|
role in surveillance technology, and the U.S. is the focus of
|
||
|
most current crypto debate. (Britain has the GCHQ, Canada has
|
||
|
its own SIGINT group, the Dutch have...., France has DGSE and
|
||
|
so forth, and...)
|
||
|
11.4.2. Technically, not all are equal. And some may quibble with my
|
||
|
calling the FBI an "intelligence agency." All have
|
||
|
surveillance and monitoring functions, albeit of different
|
||
|
flavors.
|
||
|
11.4.3. "Is the NSA involved in domestic surveillance?"
|
||
|
+ Not completely confirmed, but much evidence that the answer
|
||
|
is "yes":
|
||
|
* previous domestic surveillance (Operation Shamrock,
|
||
|
telegraphs, ITT, collusion with FBI, etc.)
|
||
|
* reciprocal arrangements with GCHQ (U.K.)
|
||
|
* arrangements on Indian reservations for microwave
|
||
|
intercepts
|
||
|
* the general technology allows it (SIGINT, phone lines)
|
||
|
* the National Security Act of 1947, and later
|
||
|
clarifications and Executive Orders, makes it likely
|
||
|
- And the push for Digital Telephony.
|
||
|
11.4.4. "What will be the effects of widespread crypto use on
|
||
|
intelligence collection?"
|
||
|
- Read Bamford for some stuff on how the NSA intercepts
|
||
|
overseas communications, how they sold deliberately-
|
||
|
crippled crypto machines to Third World nations, and how
|
||
|
much they fear the spread of strong, essentially
|
||
|
unbreakable crypto. "The Puzzle Palace" was published in
|
||
|
1982...things have only gotten worse in this regard since.
|
||
|
- Statements from senior intelligence officials reflect this
|
||
|
concern.
|
||
|
- Digital dead drops will change the whole espionage game.
|
||
|
Information markets, data havens, untraceable e-mail...all
|
||
|
of these things will have a profound effect on national
|
||
|
security issues.
|
||
|
- I expect folks like Tom Clancy to be writing novels about
|
||
|
how U.S. national security interests are being threatened
|
||
|
by "unbreakable crypto." (I like some Clancy novels, but
|
||
|
there's no denying he is a right-winger who's openly
|
||
|
critical of social trends, and that he believes druggies
|
||
|
should be killed, the government is necessary to ward off
|
||
|
evil, and ordinary citizens ought not to have tools the
|
||
|
government can't overcome.)
|
||
|
11.4.5. "What will the effects of crypto on conventional espionage?"
|
||
|
- Massive effects; watch out for this to be cited as a reason
|
||
|
to ban or restrict crypto--however pointless that may be.
|
||
|
+ Effects:
|
||
|
- information markets, a la BlackNet
|
||
|
- digital dead drops -- why use Coke cans near oak trees
|
||
|
when you can put messages into files and post them
|
||
|
worldwide, with untraceably? (but, importantly, with a
|
||
|
digital signature!)
|
||
|
- transparency of borders
|
||
|
- arms trade, arms deals
|
||
|
- virus, weaponry
|
||
|
11.4.6. NSA budget
|
||
|
- $27 billion over 6 years, give or take
|
||
|
- may actually increase, despite end of Cold War
|
||
|
- new threats, smaller states, spread of nukes, concerns
|
||
|
about trade, money-laundering, etc.
|
||
|
- first rule of bureaucracies: they always get bigger
|
||
|
+ NSA-Cray Computer supercomputer
|
||
|
+ press release, 1994-08-17, gives some clues about the
|
||
|
capabilities sought by the surveillance state
|
||
|
- "The Cray-3/SSS will be a hybrid system capable of
|
||
|
vector parallel processing, scalable parallel
|
||
|
processing and a combination of both. The system will
|
||
|
consist of a dual processor 256 million word Cray-3 and
|
||
|
a 512,000 processor 128 million byte single instruction
|
||
|
multiple data (SIMD) array......SIMD arrays of one
|
||
|
million processors are expected to be possible using
|
||
|
the current version of the Processor-In-Memory (PIM)
|
||
|
chips developed by the Supercomputing Research Center
|
||
|
once the development project is completed. The PIM chip
|
||
|
contains 64 single-bit processors and 128 kilobyte bits
|
||
|
of memory. Cray Computer will package PIM chips
|
||
|
utilizing its advanced multiple chip module packaging
|
||
|
technology. The chips are manufactured by National
|
||
|
Semiconductor Corporation."
|
||
|
- This is probably the supercomputer described in the
|
||
|
Gunter Ahrendt report
|
||
|
11.4.7. FINCEN, IRS, and Other Economic Surveillance
|
||
|
- Financial Crimes Enforcement Network, a consortium or task
|
||
|
force made up of DEA, DOJ, FBI, CIA, DIA, NSA, IRS, etc.
|
||
|
- set up in Arlington as a group to monitor the flows of
|
||
|
money and information
|
||
|
- eventually these groups will see the need to hack into
|
||
|
computer systems used by various groups that are under
|
||
|
investigation
|
||
|
- Cf. "Wired," either November or December, 1993
|
||
|
11.4.8. "Why are so many computer service, telecom, and credit agency
|
||
|
companies located near U.S. intelligence agency sites?"
|
||
|
+ For example, the cluster of telecom and credit reporting
|
||
|
agencies (TRW Credit, Transunion, etc.) in and around the
|
||
|
McLean/Langley area of Northern Virginia (including
|
||
|
Herndon, Vienna, Tyson's Corner, Chantilly, etc.)
|
||
|
- same thing for, as I recall, various computer network
|
||
|
providers, such as UUCP (or whatever), America Online,
|
||
|
etc.
|
||
|
- The least conspiratorial view: because all are located near
|
||
|
Washington, D.C., for various regulatory, lobbying, etc.
|
||
|
reasons
|
||
|
+ The most conspiratorial view: to ensure that the
|
||
|
intelligence agencies have easy access to communications,
|
||
|
direct landlines, etc.
|
||
|
- credit reporting agencies need to clear identities that
|
||
|
are fabricated for the intelligence agencies, WitSec,
|
||
|
etc. (the three major credit agencies have to be
|
||
|
complicit in these creations, as the "ghosts" show up
|
||
|
immediately when past records are cross-correlated)
|
||
|
- As Paul Ferguson, Cypherpunk and manager at US Sprint,
|
||
|
puts it: "We're located in Herndon, Virginia, right
|
||
|
across the street from Dulles Airport and a hop, skip &
|
||
|
jump down the street from the new NRO office. ,-)"
|
||
|
[P.F., 1994-08-18]
|
||
|
11.4.9. Task Force 157, ONI, Kissinger, Castle Bank, Nugan Hand Bank,
|
||
|
CIA
|
||
|
11.4.10. NRO building controversy
|
||
|
- and an agency I hadn't seen listed until August, 1994: "The
|
||
|
Central Imagery Office"
|
||
|
11.4.11. SIGINT listening posts
|
||
|
+ possible monkeywrenching?
|
||
|
- probably too hard, even for an EMP bomb (non-nuclear,
|
||
|
that is)
|
||
|
11.4.12. "What steps is the NSA taking?"
|
||
|
* besides death threats against Jim Bidzos, that is
|
||
|
* Clipper a plan to drive competitors out (pricing, export
|
||
|
laws, harassment)
|
||
|
* cooperation with other intelligence agencies, other nations
|
||
|
- New World Order
|
||
|
* death threats were likely just a case of bullying...but
|
||
|
could conceivably be part of a campaign of terror--to shut
|
||
|
up critics or at least cause them to hesitate
|
||
|
|
||
|
11.5. Surveillance in Other Countries
|
||
|
11.5.1. Partly this overlaps on the earlier discussion of crypto laws
|
||
|
in other countries.
|
||
|
11.5.2. Major Non-U.S. Surveillance Organizations
|
||
|
+ BnD -- Bundesnachrichtendienst
|
||
|
- German security service
|
||
|
- BND is seeking constitutional amendment, buy may not need
|
||
|
it, as the mere call for it told everyone what is already
|
||
|
existing
|
||
|
- "vacuum cleaner in the ether"
|
||
|
- Gehlen...Eastern Front Intelligence
|
||
|
- Pullach, outside Munchen
|
||
|
- they have always tried to get the approval to do domestic
|
||
|
spying...a key to power
|
||
|
+ Bundeskriminalamt (BKA) -- W. German FBI
|
||
|
- HQ is at Wiesbaden
|
||
|
- bomb blew up there when being examined, killing an
|
||
|
officer (related to Pan Am/Lockerbie/PFLP-GC)
|
||
|
- sign has double black eagles (back to back)
|
||
|
- BVD -- Binnenlandse Veiligheids Dienst, Dutch Internal
|
||
|
Security Service
|
||
|
+ SDECE
|
||
|
- French intelligence (foreign intelligence), linked to
|
||
|
Greepeace ship bombing in New Zealand?
|
||
|
- SDECE had links to the October Surprise, as some French
|
||
|
agents were in on the negotiations, the arms shipments
|
||
|
out of Marseilles and Toulon, and in meetings with
|
||
|
Russbacher and the others
|
||
|
- DST, Direction de la Surveillance du Territoire,
|
||
|
counterespionage arm of France (parallel to FBI)
|
||
|
+ DSGE, Direction GŽnŽrale de la SŽcuritŽ ExtŽriere
|
||
|
- provides draft deferments for those who deliver stolen
|
||
|
information
|
||
|
+ Sweden, Forsvarets Radioanstalt ("Radio Agency of the
|
||
|
Defense")
|
||
|
- cracked German communications between occupied Norway and
|
||
|
occupied Denmark
|
||
|
- Beurling, with paper and pencil only
|
||
|
+ Mossad, LAKAM, Israel
|
||
|
+ HQ in Tel Aviv, near HQ of AMAN, military intelligence
|
||
|
- doesn't HQ move around a lot?
|
||
|
- LAKAM (sp?), a supersecret Israeli intelligence
|
||
|
agency...was shown the PROMIS software in 1983
|
||
|
+ learned of the Pakistani success in building an atom bomb
|
||
|
and took action against the Pakistani leadership:
|
||
|
destruction of the plane carrying the President (Zia?)
|
||
|
and some U.S. experts
|
||
|
- Mossad knew of DIA and CIA involvement in BCCI
|
||
|
financing of Pakistani atom bomb efforts (and links to
|
||
|
other arms dealers that allowed triggers and the like
|
||
|
to reach Pakistan)
|
||
|
- revelations by Vanunu were designed to scare the Arab and
|
||
|
Muslim world-and to send a signal that the killing of
|
||
|
President Zia was to be the fate of any Pakistani leader
|
||
|
who continued the program
|
||
|
11.5.3. They are very active, though they get less publicity than do
|
||
|
the American CIA, NSA, FBI, etc.
|
||
|
|
||
|
11.6. Surveillance Methods and Technology
|
||
|
11.6.1. (some of this gets speculative and so may not be to
|
||
|
everyone's liking)
|
||
|
11.6.2. "What is TEMPEST and what's the importance of it?"
|
||
|
- TEMPEST apprarently stands for nothing, and hence is not an
|
||
|
acronym, just a name. The all caps is the standard
|
||
|
spelling.
|
||
|
- RF emission, a set of specs for complying
|
||
|
- Van Eyck (or Van Eck?) radiation
|
||
|
+ Mostly CRTs are the concern, but also LCD panels and the
|
||
|
internal circuitry of the PCs, workstations, or terminals.
|
||
|
- "Many LCD screens can be read at a distance. The signal
|
||
|
is not as strong as that from the worst vdus, but it is
|
||
|
still considerable. I have demonstrated attacks on Zenith
|
||
|
laptops at 10 metres or so with an ESL 400 monitoring
|
||
|
receiver and a 4m dipole antenna; with a more modern
|
||
|
receiver, a directional antenna and a quiet RF
|
||
|
environment there is no reason why 100 metres should be
|
||
|
impossible." [Ross Anderson, Tempest Attacks on Notebook
|
||
|
Computers ???, comp.security.misc, 1994-08-31]
|
||
|
11.6.3. What are some of the New Technologies for Espionage and
|
||
|
Surveillance
|
||
|
+ Bugs
|
||
|
+ NSA and CIA have developed new levels of miniaturized
|
||
|
bugs
|
||
|
- e.g., passive systems that only dribble out intercepted
|
||
|
material when interrogated (e.g., when no bug sweeps
|
||
|
are underway)
|
||
|
- many of these new bugging technologies were used in the
|
||
|
John Gotti case in New York...the end of the Cold War
|
||
|
meant that many of these technologies became available
|
||
|
for use by the non-defense side
|
||
|
- the use of such bugging technology is a frightening
|
||
|
development: conversations can be heard inside sealed
|
||
|
houses from across streets, and all that will be
|
||
|
required is an obligatory warrant
|
||
|
+ DRAM storage of compressed speech...6-bit companded,
|
||
|
frequency-limited, so that 1 sec of speech takes
|
||
|
50Kbits, or 10K when compressed, for a total of 36 Mbits
|
||
|
per hour-this will fit on a single chip
|
||
|
- readout can be done from a "mothership" module (a
|
||
|
larger bug that sits in some more secure location)
|
||
|
- or via tight-beam lasers
|
||
|
+ Bugs are Mobile
|
||
|
- can crawl up walls, using the MIT-built technology for
|
||
|
microrobots
|
||
|
- some can even fly for short distances (a few klicks)
|
||
|
+ Wiretaps
|
||
|
- so many approaches here
|
||
|
- phone switches are almost totally digital (a la ESS IV)
|
||
|
- again, software hacks to allow wiretaps
|
||
|
+ Vans equipped to eavesdrop on PCs and networks
|
||
|
+ TEMPEST systems
|
||
|
+ technology is somewhat restricted, companies doing this
|
||
|
work are under limitations not to ship to some
|
||
|
customers
|
||
|
- no laws against shielding, of course
|
||
|
- these vans are justified for the "war on drugs" and
|
||
|
weapons proliferation controle efforts (N.E.S.T., anti-
|
||
|
Iraq, etc.)
|
||
|
+ Long-distance listening
|
||
|
- parabolic reflectors, noise cancellation (from any off-
|
||
|
axis sources), high gain amplification, phoneme analysis
|
||
|
- neural nets that learn the speech patterns and so can
|
||
|
improve clarity
|
||
|
+ lip-reading
|
||
|
- with electronically stabilized CCD imagers, 3000mm lenses
|
||
|
- neural net-based lip-reading programs, with learning
|
||
|
systems capable of improving performance
|
||
|
- for those in sensitive positions, the availability of new
|
||
|
bugging methods will accelerate the conversion to secure
|
||
|
systems based on encrypted telecommunications and the
|
||
|
avoidance of voice-based systems
|
||
|
11.6.4. Digital Telephony II is a major step toward easier
|
||
|
surveillance
|
||
|
11.6.5. Citizen tracking
|
||
|
+ the governments of the world would obviously like to trace
|
||
|
the movements, or at least the major movements, of their
|
||
|
subjects
|
||
|
- makes black markets a bit more difficult
|
||
|
- surfaces terrorists, illegal immigrants, etc. (not
|
||
|
perfectly)
|
||
|
+ allows tracking of "sex offenders"
|
||
|
- who often have to register with the local police,
|
||
|
announce to their neighbors their previous crimes, and
|
||
|
generally wear a scarlet letter at all times--I'm not
|
||
|
defending rapists and child molesters, just noting the
|
||
|
dangerous precedent this is setting
|
||
|
- because its the nature of bureaucracies to want to know
|
||
|
where "their" subjects are (dossier society = accounting
|
||
|
society...records are paramount)
|
||
|
+ Bill Stewart has pointed out that the national health care
|
||
|
systems, and the issuance of social security numbers to
|
||
|
children, represent a way to track the movements of
|
||
|
children, through hospital visits, schools, etc. Maybe even
|
||
|
random check points at places where children gather (malls,
|
||
|
schools, playgrounds, opium dens, etc.)
|
||
|
- children in such places are presumed to have lesser
|
||
|
rights, hence...
|
||
|
- this could all be used to track down kidnapped children,
|
||
|
non-custodial parents, etc.
|
||
|
- this could be a wedge in the door: as the children age,
|
||
|
the system is already in place to continue the tracking
|
||
|
(about the right timetable, too...start the systme this
|
||
|
decade and by 2010 or 2020, nearly everybody will be in
|
||
|
it)
|
||
|
- (A true paranoid would link these ideas to the child
|
||
|
photos many schools are requring, many local police
|
||
|
departments are officially assisting with, etc. A dossier
|
||
|
society needs mug shots on all the perps.)
|
||
|
- These are all reasons why governments will continue to push
|
||
|
for identity systems and will seek to derail efforts at
|
||
|
providing anonymity
|
||
|
+ Surveillance and Personnel Identification
|
||
|
+ cameras that can recognize faces are placed in many
|
||
|
public places, e.g., airports, ports of entry, government
|
||
|
buildings
|
||
|
- and even in some private places, e.g., casinos, stores
|
||
|
that have had problems with certain customers, banks
|
||
|
that face robberies, etc.
|
||
|
+ "suspicious movements detectors"
|
||
|
+ cameras that track movements, loitering, eye contact
|
||
|
with other patrons
|
||
|
+ neural nets used to classify behvaiors
|
||
|
- legal standing not needed, as these systems are
|
||
|
used only to trigger further surveillance, not to
|
||
|
prove guilt in a court of law
|
||
|
- example: banks have cameras, by 1998, that can
|
||
|
identify potential bank robbers
|
||
|
- camera images are sent to a central monitoring
|
||
|
facility, so the usual ploy of stopping the silent
|
||
|
alarm won't work
|
||
|
- airports and train stations (fears of terrorists),
|
||
|
other public places
|
||
|
11.6.6. Cellular phones are trackable by region...people are getting
|
||
|
phone calls as they cross into new zones, "welcoming" them
|
||
|
- but it implies that their position is already being tracked
|
||
|
11.6.7. coming surveillance, Van Eck, piracy, vans
|
||
|
- An interesting sign of things to come is provided in this
|
||
|
tale from a list member: "In Britain we have 'TV detector
|
||
|
Vans'. These are to detect licence evaders (you need to pay
|
||
|
an annual licence for the BBC channels). They are provided
|
||
|
by the Department of Trade and Industry. They use something
|
||
|
like a small minibus and use Van Eck principles. They have
|
||
|
two steerable detectors on the van roof so they can
|
||
|
triangulate. But TV shops have to notify the Government of
|
||
|
buyers - so that is the basic way in which licence evaders
|
||
|
are detected. ... I read of a case on a bulletin board
|
||
|
where someone did not have a TV but used a PC. He got a
|
||
|
knock on the door. They said he appeared to have a TV but
|
||
|
they could not make out what channel he was watching!
|
||
|
[Martin Spellman, <mspellman@cix.compulink.co.uk>, 1994-
|
||
|
0703]
|
||
|
- This kind of surveillance is likely to become more and more
|
||
|
common, and raises serious questions about what _other_
|
||
|
information they'll look for. Perhaps the software piracy
|
||
|
enforcers (Software Publishers Association) will look for
|
||
|
illegal copies of Microsoft Word or SimCity! (This area
|
||
|
needs more discussion, obviously.)
|
||
|
11.6.8. wiretaps
|
||
|
- supposed to notify targets within 90 days, unless extended
|
||
|
by a judge
|
||
|
- Foreign Intelligence Surveillance Act cases are exempt from
|
||
|
this (it is likely that Cypherpunks wiretapped, if they
|
||
|
have been, for crypto activities fall under this
|
||
|
case...foreigners, borders being crossed, national security
|
||
|
implications, etc. are all plausible reasons, under the
|
||
|
Act)
|
||
|
|
||
|
11.7. Surveillance Targets
|
||
|
11.7.1. Things the Government May Monitor
|
||
|
- besides the obvious things like diplomatic cable traffic,
|
||
|
phone calls from and to suspected terrorists and criminals,
|
||
|
etc.
|
||
|
+ links between Congressmen and foreign embassies
|
||
|
- claims in NYT (c. 9-19-91) that CIA had files on
|
||
|
Congressmen opposing aid to Contras
|
||
|
+ Grow lamps for marijuana cultivation
|
||
|
- raids on hydroponic supply houses and seizure of mailing
|
||
|
lists
|
||
|
- records of postings to alt.drugs and alt.psychoactive
|
||
|
- vitamin buyers clubs
|
||
|
+ Energy consumption
|
||
|
- to spot use of grow lamps
|
||
|
+ but also might be refined to spot illegal aliens being
|
||
|
sheltered or any other household energy consumption
|
||
|
"inconsistent with reported uses"
|
||
|
- same for water, sewage, etc.
|
||
|
+ raw chemicals
|
||
|
- as with monitors on ammonium nitrate and other bomb
|
||
|
materials
|
||
|
- or feedstock for cocaine production (recall various
|
||
|
seizures of shipments of chemicals to Latin America)
|
||
|
- checkout of books, a la FBI's "Library Awareness Program"
|
||
|
of around 1986 or so
|
||
|
- attendance at key conferences, such as Hackers Conference
|
||
|
(could have scenes involving this), Computer Security
|
||
|
Conference
|
||
|
11.7.2. Economic Intelligence (Spying on Corporations, Foreign and
|
||
|
Domestic)
|
||
|
+ "Does the NSA use economic intelligence data obtained in
|
||
|
intercepts?"
|
||
|
- Some of us speculate that this is so, that this has been
|
||
|
going on since the 1960s at least. For example, Bamford
|
||
|
noted in 1982 that the NSA had foreknowledge of the plans
|
||
|
by the British to devalue the pound in the late 1970s,
|
||
|
and knowledge of various corporate plans.
|
||
|
- The NSA clears codes used by the CIA, so it seem
|
||
|
impossible for the NSA not to have known about CIA drug
|
||
|
smuggling activities. The NSA is very circumspect,
|
||
|
however, and rarely (or never) comments.
|
||
|
+ there have been calls for the government to somehow help
|
||
|
American business and overall competitiveness by "levelling
|
||
|
the playing field" via espionage
|
||
|
- especially as the perceived threat of the Soviet bloc
|
||
|
diminishes and as the perceived threat of Japan and
|
||
|
Germany increases
|
||
|
- leaders of the NSA and CIA have even talked openly about
|
||
|
turning to economic surveillance
|
||
|
+ Problems with this proposal:
|
||
|
- illegal
|
||
|
- unethical
|
||
|
+ who gets the intelligence information? Does NSA just call
|
||
|
up Apple and say "We've intercepted some message from
|
||
|
Taiwan that describe their plans for factories. Are you
|
||
|
interested?"
|
||
|
- the U.S. situation differs from Japan and MITI (which
|
||
|
is often portrayed as the model for how this ought to
|
||
|
work) in that we have many companies with little or no
|
||
|
history of obeying government recommendations
|
||
|
+ and foreign countries will likely learn of this espionage
|
||
|
and take appropriate measures
|
||
|
- e.g., by increasing encryption
|
||
|
11.7.3. War on Drugs and Money Laundering is Causing Increase in
|
||
|
Surveillance and Monitoring
|
||
|
- monitoring flows of capital, cash transactions, etc.
|
||
|
- cooperation with Interpol, foreign governments, even the
|
||
|
Soviets and KGB (or whatever becomes of them)
|
||
|
- new radar systems are monitoring light aircraft, boats,
|
||
|
etc.
|
||
|
|
||
|
11.8. Legal Issues
|
||
|
11.8.1. "Can my boss monitor my work?" "Can my bankruptcy in 1980 be
|
||
|
used to deny me a loan?" etc.
|
||
|
- Libertarians have a very different set of answers than do
|
||
|
many others: the answer to all these questions is mostly
|
||
|
"yes," morally (sorry for the normative view).
|
||
|
11.8.2. Theme: to protect some rights, invasion of privacy is being
|
||
|
justified
|
||
|
- e.g., by forcing employer records to be turned over, or of
|
||
|
seizing video rental records (on the grounds of catching
|
||
|
sexual deviants)
|
||
|
- various laws about employee monitoring
|
||
|
11.8.3. Government ID cards, ability to fake identities
|
||
|
- The government uses its powers to forge credentials, with
|
||
|
the collusion of the major credit agencies (who obviously
|
||
|
see these fake identities "pop into existence full-blown."
|
||
|
- WitSec, FINCen, false IDs, ties to credit card companies
|
||
|
- DEA stings, Heidi in La Jolla, Tava, fake tax returns, fake
|
||
|
bank applications, fake IDs
|
||
|
- the "above it all" attitude is typical of this...who guards
|
||
|
the guardians?
|
||
|
- WitSec, duplicity
|
||
|
11.8.4. Legalities of NSA surveillance
|
||
|
- read Bamford for some circa 1982 poinra
|
||
|
- UK-USA
|
||
|
- ECPA
|
||
|
- national security exemptions
|
||
|
- lots of confusion; however, the laws have never had any
|
||
|
real influence, and I cannot imagine the NSA being sued!
|
||
|
|
||
|
11.9. Dossiers and Data Bases
|
||
|
11.9.1. "The dossier never forgets"
|
||
|
+ any transgressions of any law in any country can be stored
|
||
|
indefinitely, exposing the transgressor to arrest and
|
||
|
detention anytime he enters a country with such a record on
|
||
|
him
|
||
|
- (This came up with regard to the British having quaint
|
||
|
ideas about computer security, hacking, and data privacy;
|
||
|
it is quite possible that an American passing through
|
||
|
London could be detained for some obscure violation years
|
||
|
in the past.)
|
||
|
- this is especially worrisome in a society in which legal
|
||
|
codes fill entire rooms and in which nearly every day
|
||
|
produces some violation of some law
|
||
|
11.9.2. "What about the privacy issues with home shopping, set-top
|
||
|
boxes, advertisers, and the NII?"
|
||
|
- Do we want our preferences in toothpaste fed into databases
|
||
|
so that advertisers can target us? Or that our food
|
||
|
purchases be correlated and analyzed by the government to
|
||
|
spot violations of the Dietary Health Act?
|
||
|
- First, laws which tell people what records they are
|
||
|
"allowed" to keep are wrong-headed, and lead to police
|
||
|
state inspections of disk drives, etc. The so-called "Data
|
||
|
Privacy" laws of several European nations are a nightmare.
|
||
|
Strong crypto makes them moot.
|
||
|
- Second, it is mostly up to people to protect what they want
|
||
|
protected, not to pass laws demanding that others protect
|
||
|
it for them.
|
||
|
- In practice, this means either use cash or make
|
||
|
arrangements with banks and credit card companies that will
|
||
|
protect privacy. Determining if they have or not is another
|
||
|
issue, but various ideas suggest themselves (John Gilmore
|
||
|
says he often joins groups under variants of his name, to
|
||
|
see who is selling his name to mailing lists.)
|
||
|
- Absent any laws which forbid them, privacy-preserving
|
||
|
credit card companies will likely spring up if there's a
|
||
|
market demand. Digital cash is an example. Other variants
|
||
|
abound. Cypherpunks should not allow such alternatives to
|
||
|
be banned, and should of course work on their own such
|
||
|
systems.
|
||
|
11.9.3. credit agencies
|
||
|
- TRW Credit, Transunion, Equifax
|
||
|
- links to WitSec
|
||
|
11.9.4. selling of data bases, linking of records...
|
||
|
- several states have admitted to selling their driver's
|
||
|
license data bases
|
||
|
|
||
|
11.10. Police States and Informants
|
||
|
11.10.1. Police states need a sense of terror to help magnify the
|
||
|
power or the state, a kind of "shrechlichkeit," as the Nazis
|
||
|
used to call it. And lots of informants. Police states need
|
||
|
willing accomplices to turn in their neighbors, or even their
|
||
|
parents, just as little Pavel Morozov became a Hero of the
|
||
|
Soviet People by sending his parents to their deaths in
|
||
|
Stalin's labor camps for the crime of expressing negative
|
||
|
opinions about the glorious State.
|
||
|
- (The canonization of Pavel Morozov was recently repudiated
|
||
|
by current Russian leaders--maybe even by the late-Soviet
|
||
|
era leades, like Gorbachev--who pointed out the corrosive
|
||
|
effects of encouraging families to narc on each
|
||
|
other...something the U.S. has forgotten...will it be 50
|
||
|
years before our leaders admit that having children turn in
|
||
|
Daddy for using "illegal crypto" was not such a good idea?)
|
||
|
11.10.2. Children are encouraged in federally-mandated D.A.R.E.
|
||
|
programs to become Junior Narcs, narcing their parents out to
|
||
|
the cops and counselors who come into their schools.
|
||
|
11.10.3. The BATF has a toll-free line (800-ATF-GUNS) for snitching on
|
||
|
neighbors who one thinks are violating the federal gun laws.
|
||
|
(Reports are this is backfiring, as gun owners call the
|
||
|
number to report on local liberal politicians and gun-
|
||
|
grabbers.)
|
||
|
11.10.4. Some country we live in, eh? (Apologies to non-U.S. readers,
|
||
|
as always.)
|
||
|
11.10.5. The implications for use of crypto, for not trusting others,
|
||
|
etc., are clear
|
||
|
11.10.6. Dangers of informants
|
||
|
+ more than half of all IRS prosecutions arise out of tips by
|
||
|
spouses and ex-spouses...they have the inside dope, the
|
||
|
motive, and the means
|
||
|
- a sobering thought even in the age of crypto
|
||
|
+ the U.S. is increasing a society of narcs and stool
|
||
|
pigeons, with "CIs" (confidential informants), protected
|
||
|
witnesses (with phony IDs and lavish lifestyles), and with
|
||
|
all sorts of vague threats and promises
|
||
|
- in a system with tens of thousands of laws, nearly all
|
||
|
behavior breaks at least some laws, often unavoidably,
|
||
|
and hence a powerful sword hangs over everyone's head
|
||
|
- corrosion of trust, especially within families (DARE
|
||
|
program in schools encourages children to narc on their
|
||
|
parents who are "substance abusers"!)
|
||
|
|
||
|
11.11. Privacy Laws
|
||
|
11.11.1. Will proposed privacy laws have an effect?
|
||
|
+ I suspect just the opposite: the tangled web of laws-part
|
||
|
of the totalitarian freezeout-will "marginalize" more
|
||
|
people and cause them to seek ways to protect their own
|
||
|
privacy and protect themselves from sanctions over their
|
||
|
actions
|
||
|
+ free speech vs. torts, SLAPP suits, sedition charges,
|
||
|
illegal research, etc.
|
||
|
- free speech is vanishing under a torrent of laws,
|
||
|
licensing requirements, and even zoning rules
|
||
|
+ outlawing of work on drugs, medical procedures, etc.
|
||
|
- against the law to disseminate information on drug use
|
||
|
(MDMA case at Stanford), on certain kinds of birth
|
||
|
control
|
||
|
- "If encrytion is outlawed, only outlaws will have
|
||
|
encryption."
|
||
|
+ privacy laws are already causing encryption ("file
|
||
|
protection") to be mandatory in many cases, as with medical
|
||
|
records, transmission of sensitive files, etc.
|
||
|
- by itself this is not in conflict with the government
|
||
|
requirement for tappable access, but the practical
|
||
|
implementation of a two-tier system-secure against
|
||
|
civilian tappers but readable by national security
|
||
|
tappers-is a nightmare and is likely impossible to
|
||
|
achieve
|
||
|
11.11.2. "Why are things like the "Data Privacy Laws" so bad?"
|
||
|
- Most European countries have laws that limit the collection
|
||
|
of computerized records, dossiers, etc., except for
|
||
|
approved uses (and the governments themselves and their
|
||
|
agents).
|
||
|
- Americans have no such laws. I've heard calls for this,
|
||
|
which I think is too bad.
|
||
|
- While we may not like the idea of others compiling dossiers
|
||
|
on us, stopping them is an even worse situation. It gives
|
||
|
the state the power to enter businesses, homes, and examine
|
||
|
computers (else it is completely unenforceable). It creates
|
||
|
ludicrous situations in which, say, someone making up a
|
||
|
computerized list of their phone contacts is compiling an
|
||
|
illegal database! It makes e-mail a crime (those records
|
||
|
that are kept).
|
||
|
- they are themselves major invasions of privacy
|
||
|
- are you going to put me in jail because I have data bases
|
||
|
of e-mail, Usenet posts, etc.?
|
||
|
- In my opinion, advocates of "privacy" are often confused
|
||
|
about this issue, and fail to realize that laws about
|
||
|
privacy often take away the privacy rights of _others_.
|
||
|
(Rights are rarely in conflict--contract plus self-privacy
|
||
|
take care of 99% of situations where rights are purported
|
||
|
to be in conflict.)
|
||
|
11.11.3. on the various "data privacy laws"
|
||
|
- many countries have adopted these data privacy laws,
|
||
|
involving restrictions on the records that can be kept, the
|
||
|
registration of things like mailing lists, and heavy
|
||
|
penalties for those found keeping computer files deemed
|
||
|
impermissable
|
||
|
- this leads to invasions of privacy....this very Cypherpunks
|
||
|
list would have to be "approved" by a bureaucrat in many
|
||
|
countries...the oportunites (and inevitabilities) of abuse
|
||
|
are obvious
|
||
|
- "There is a central contradiction running through the
|
||
|
dabase regulations proposed by many so-called "privacy
|
||
|
advocates". To be enforceable they require massive
|
||
|
government snooping into database activities on our
|
||
|
workstatins and PCs, especially the activities of many
|
||
|
small at-home businesses (such as mailing list
|
||
|
entrepreneurs who often work out of the home).
|
||
|
|
||
|
"Thus, the upshot of these so-called "privacy" regulations
|
||
|
is to destroy our last shreds of privacy against
|
||
|
government, and calm us into blindly letting even more of
|
||
|
the details of our personal lives into the mainframes of
|
||
|
the major government agencies and credit reporting
|
||
|
agenices, who if they aren't explicitly excepted from the
|
||
|
privacy laws (as is common) can simply evade them by using
|
||
|
offshore havesn, mutual agreements with foreign
|
||
|
investigators, police and intelligence agencies." [Jim
|
||
|
Hart, 1994-09-08]
|
||
|
11.11.4. "What do Cypherpunks think about this?"
|
||
|
+ divided minds...while no one likes being monitored, the
|
||
|
question is how far one can go to stop others from being
|
||
|
monitored
|
||
|
- "Data Privacy Laws" as a bad example: tramples on freedom
|
||
|
to write, to keep one's computer private
|
||
|
11.11.5. Assertions to data bases need to be checked (credit,
|
||
|
reputation, who said what, etc.)
|
||
|
- if I merely assert that Joe Blow no longer is employed, and
|
||
|
this spreads...
|
||
|
|
||
|
11.12. National ID Systems
|
||
|
11.12.1. "National ID cards are just the driver's licenses on the
|
||
|
Information Superhighway." [unknown...may have been my
|
||
|
coining]
|
||
|
11.12.2. "What's the concern?"
|
||
|
11.12.3. Insurance and National Health Care will Produce the "National
|
||
|
ID" that will be Nearly Unescapable
|
||
|
- hospitals and doctors will have to have the card...cash
|
||
|
payments will evoke suspicion and may not even be feasible
|
||
|
11.12.4. National ID Card Arguments
|
||
|
- "worker's permit" (another proposal, 1994-08, that would
|
||
|
call for a national card authorizing work permission)
|
||
|
- immigration, benefit
|
||
|
- possible tie-in to the system being proposed by the US
|
||
|
Postal Service: a registry of public keys (will they also
|
||
|
"issue" the private-public key pair?)
|
||
|
- software key escrow and related ideas
|
||
|
- "I doubt that one would only have to "flash" your card and
|
||
|
be on your way. More correctly, one would have to submit
|
||
|
to being "scanned" and be on your way. This would also
|
||
|
serve to be a convienient locator tag if installed in the
|
||
|
toll systems and miscellaneous "security checkpoints". Why
|
||
|
would anyone with nothing to hide care if your every move
|
||
|
could be monitored? Its for your own good, right? Pretty
|
||
|
soon sliding your ID into slots in everyplace you go will
|
||
|
be common." [Korac MacArthur, comp.org.eff.talk, 1994-07-
|
||
|
25]
|
||
|
11.12.5. "What are some concerns about Universal ID Cards?"
|
||
|
- "Papierren, bitte! Schnell!
|
||
|
- that they would allow traceability to the max (as folks
|
||
|
used to say)... tracking of movements, erosion of privacy
|
||
|
- that they would be required to be used for banking
|
||
|
transactions, Net access, etc. (As usual, there may be
|
||
|
workarounds, hacks, ...)
|
||
|
- "is-a-person" credentially, where government gets involved
|
||
|
in the issuance of cryptographic keys (a la the USPS
|
||
|
proposal), where only "approved uses" are allowed, etc.
|
||
|
- timestamps, credentials
|
||
|
11.12.6. Postal Service trial balloon for national ID card
|
||
|
- "While it is true that they share technology, their intent
|
||
|
and purpose is very different. Chaum's proposal has as its
|
||
|
intent and purpose to provide and protect anonymity in
|
||
|
financial transactions. The intent and purpose of the US
|
||
|
Postal Service is to identify and authenticate you to the
|
||
|
government and to guarantee the traceability of all
|
||
|
financial transactions." [WHMurray, alt.privacy, 1994-07-
|
||
|
04]
|
||
|
11.12.7. Scenario for introduction of national ID cards
|
||
|
- Imagine that vehicle registrations require presentation of
|
||
|
this card (gotta get those illegals out of their cars, or,
|
||
|
more benignly, the bureaucracy simply makes the ID cars
|
||
|
part of their process).
|
||
|
- Instantly this makes those who refuse to get an ID card
|
||
|
unable to get valid license tags. (Enforcement is already
|
||
|
pretty good....I was pulled over a couple of times for
|
||
|
either forgetting to put my new stickers on, or for driving
|
||
|
with Oregon expired tags.)
|
||
|
+ The "National Benefits Card," for example, is then required
|
||
|
to get license plate tags.and maybe other things, like car
|
||
|
and home insurance, etc. It would be very difficult to
|
||
|
fight such a card, as one could not drive, could not pay
|
||
|
taxes ("Awhh!" I hear you say, but consider the penalties,
|
||
|
the tie-ins with employers, etc. You can run but you can't
|
||
|
hide.)
|
||
|
- the national ID card would presumably be tied in to
|
||
|
income tax filings, in various ways I won't go into here.
|
||
|
The Postal Service, aiming to get into this area I guess,
|
||
|
has floated the idea of electronic filing, ID systems,
|
||
|
etc.
|
||
|
11.12.8. Comments on national ID cards
|
||
|
- That some people will be able to skirt the system, or that
|
||
|
the system will ultimately be unenforceable, does not
|
||
|
lessen the concern. Things can get real tough in the
|
||
|
meantime.
|
||
|
- I see great dangers here, in tying a national ID card to
|
||
|
transactions we are essentially unable to avoid in this
|
||
|
society: driving, insurance (and let's not argue
|
||
|
insurance...I mean it is unavoidable in the sense of legal
|
||
|
issues, torts, etc.), border crossings, etc. Now how will
|
||
|
one file taxes without such a card if one is made mandatory
|
||
|
for interactions with the government? Saying "taxes are not
|
||
|
collectable" is not an adequate answer. They may not be
|
||
|
collectible for street punks and others who inhabit the
|
||
|
underground economy, but they sure are for most of us.
|
||
|
|
||
|
11.13. National Health Care System Issues
|
||
|
11.13.1. Insurance and National Health Care will Produce the "National
|
||
|
ID" that will be Nearly Unescapable
|
||
|
- hospitals and doctors will have to have the card...cash
|
||
|
payments will evoke suspicion and may not even be feasible
|
||
|
11.13.2. I'm less worried that a pharmacist will add me to some
|
||
|
database he keeps than that my doctor will be instructed to
|
||
|
compile a dossier to government standards and then zip it off
|
||
|
over the Infobahn to the authorities.
|
||
|
11.13.3. Dangers and issues of National Health Care Plan
|
||
|
- tracking, national ID card
|
||
|
- "If you think the BATF is bad, wait until the BHCRCE goes
|
||
|
into action. "What is the BHCRCE?" you ask. Why, it the
|
||
|
Burea of Health Care Reform Compliance Enforcement - the
|
||
|
BATF, FBI, FDA, CIA and IRS all rolled into one." [Dave
|
||
|
Feustel, talk.politics.guns, 1994-08-19]
|
||
|
- Bill Stewart has pointed out the dangers of children having
|
||
|
social security numbers, of tracking systems in schools and
|
||
|
hospitals, etc.
|
||
|
|
||
|
11.14. Credentials
|
||
|
11.14.1. This is one of the most overlooked and ignored aspects of
|
||
|
cryptology, especially of Chaum's work. And no one in
|
||
|
Cypherpunks or anywhere else is currently working on "blinded
|
||
|
credentials" for everyday use.
|
||
|
11.14.2. "Is proof of identity needed?"
|
||
|
- This question is debated a lot, and is important. Talk of a
|
||
|
national ID card (what wags call an "internal passport") is
|
||
|
in the air, as part of health care, welfare, and
|
||
|
immigration legislation. Electronic markets make this also
|
||
|
an issue for the ATM/smart card community. This is also
|
||
|
closely tied in with the nature of anonymous reamailers
|
||
|
(where physical identity is of course generally lacking).
|
||
|
+ First, "identity" can mean different things:
|
||
|
- Conventional View of Identity: Physical person, with
|
||
|
birthdate, physical characteristics, fingerprints, social
|
||
|
security numbers, passports, etc.--the whole cloud of
|
||
|
"identity" items. (Biometric.)
|
||
|
- Pseudonym View of Identity: Persistent personnas,
|
||
|
mediated with cryptography. "You are your key."
|
||
|
- Most of us deal with identity as a mix of these views: we
|
||
|
rarely check biometric credentials, but we also count on
|
||
|
physical clues (voice, appearance, etc.). I assume that
|
||
|
when I am speaking to "Duncan Frissell," whom I've never
|
||
|
met in person, that he is indeed Duncan Frissell. (Some
|
||
|
make the jump from this expectation to wanting the
|
||
|
government enforce this claim, that is, provided I.D.)
|
||
|
+ It is often claimed that physical identity is important in
|
||
|
order to:
|
||
|
- track down cheaters, welchers, contract breakes, etc.
|
||
|
- permit some people to engage in some transactions, and
|
||
|
forbid others to (age credentials, for drinking, for
|
||
|
example, or---less benignly--work permits in some field)
|
||
|
- taxation, voting, other schemes tied to physical
|
||
|
existence
|
||
|
+ But most of us conduct business with people without ever
|
||
|
verifying their identity credentials...mostly we take their
|
||
|
word that they are "Bill Stewart" or "Scott Collins," and
|
||
|
we never go beyond that.
|
||
|
- this could change as digital credentials proliferate and
|
||
|
as interactions cause automatic checks to be made (a
|
||
|
reason many of us have to support Chaum's "blinded
|
||
|
credentials" idea--without some crypto protections, we'll
|
||
|
be constantly tracked in all interactions).
|
||
|
+ A guiding principle: Leave this question of whether to
|
||
|
demand physical ID credentials up to the *parties
|
||
|
involved*. If Alice wants to see Bob's "is-a-person"
|
||
|
credential, and take his palmprint, or whatever, that's an
|
||
|
issue for them to work out. I see no moral reason, and
|
||
|
certainly no communal reason, for outsiders to interfere
|
||
|
and insist that ID be produced (or that ID be forbidden,
|
||
|
perhaps as some kind of "civil rights violation"). After
|
||
|
all, we interact in cyberspace, on the Cypherpunks list,
|
||
|
without any such external controls on identity.
|
||
|
- and business contracts are best negotiated locally, with
|
||
|
external enforcement contracted by the parties (privately-
|
||
|
produced law, already seen with insurance companies,
|
||
|
bonding agents, arbitration arrangements, etc.)
|
||
|
- Practically speaking, i.e., not normatively speaking,
|
||
|
people will find ways around identity systems. Cash is one
|
||
|
way, remailers are another. Enforcement of a rigid identity-
|
||
|
based system is difficult.
|
||
|
11.14.3. "Do we need "is-a-person" credentials for things like votes
|
||
|
on the Net?"
|
||
|
- That is, any sysadmin can easily create as many user
|
||
|
accounts as he wishes. And end users can sign up with
|
||
|
various services under various names. The concern is that
|
||
|
this Chicago-style voting (fictitious persons) may be used
|
||
|
to skew votes on Usenet.
|
||
|
- Similar concerns arise elsewhere.
|
||
|
- In my view, this is a mighty trivial reason to support "is-
|
||
|
a-person" credentials.
|
||
|
11.14.4. Locality, credentials, validations
|
||
|
+ Consider the privacy implications of something so simple as
|
||
|
a parking lot system. Two main approaches:
|
||
|
- First Approach. Cash payment. Car enters lot, driver pays
|
||
|
cash, a "validation" is given. No traceability exists.
|
||
|
(There's a small chance that one driver can give his
|
||
|
sticker to a new driver, and thus defraud the parking
|
||
|
lot. This tends not to happen, due to the inconveniences
|
||
|
of making a market in such stickers (coordinating with
|
||
|
other car, etc.) and because the sticker is relatively
|
||
|
inexpensive.)
|
||
|
- Second Approach. Billing of driver, recording of license
|
||
|
plates. Traceability is present, especially if the local
|
||
|
parking lot is tied in to credit card companies, DMV,
|
||
|
police, etc. (these link-ups are on the wish list of
|
||
|
police agencies, to further "freeze out" fugitives, child
|
||
|
support delinquents, and other criminals).
|
||
|
- These are the concerns of a society with a lot of
|
||
|
electronic payments but with no mechanisms for preserving
|
||
|
privacy. (And there is currently no great demand for this
|
||
|
kind of privacy, for a variety of reasons, and this
|
||
|
undercuts the push for anonymous credential methods.)
|
||
|
- An important property of true cash (gold, bank notes that
|
||
|
are well-trusted) is that it settles immediately, requiring
|
||
|
no time-binding of contracts (ability to track down the
|
||
|
payer and collect on a bad transaction)
|
||
|
|
||
|
11.15. Records of all UseNet postings
|
||
|
11.15.1. (ditto for CompuServe, GEnie, etc.) will exist
|
||
|
11.15.2. "What kinds of monitoring of the Net is possible?"
|
||
|
- Archives of all Usenet traffic. This is already done by
|
||
|
commercial CD-ROm suppliers, and others, so this would be
|
||
|
trivial for various agencies.
|
||
|
- Mail archives. More problematic, as mail is ostensibly not
|
||
|
public. But mail passes through many sites, usually in
|
||
|
unencrypted form.
|
||
|
- Traffic analysis. Connections monitored. Telnet, ftp, e-
|
||
|
mail, Mosaid, and other connections.
|
||
|
- Filtered scans of traffic, with keyword-matched text stored
|
||
|
in archives.
|
||
|
11.15.3. Records: note that private companies can do the same thing,
|
||
|
except that various "right to privacy" laws may try to
|
||
|
interfere with this
|
||
|
- which causes its own constitutional privacy problems, of
|
||
|
course
|
||
|
11.15.4. "How can you expect that something you sent on the UseNet to
|
||
|
several thousand sites will not be potentially held against
|
||
|
you? You gave up any pretense of privacy when you broadcast
|
||
|
your opinions-and even detailed declarations of your
|
||
|
activities-to an audience of millions. Did you really think
|
||
|
that these public messages weren't being filed away? Any
|
||
|
private citizen would find it almost straightforward to sort
|
||
|
a measly several megabytes a day by keywords, names of
|
||
|
posters, etc." [I'm not sure if I wrote this, or if someone
|
||
|
else who I forgot to make a note of did]
|
||
|
11.15.5. this issue is already coming up: a gay programmer who was
|
||
|
laid-off discussed his rage on one of the gay boards and said
|
||
|
he was thinking of turning in his former employer for
|
||
|
widespread copying of Autocad software...an Autodesk employee
|
||
|
answered him with "You just did!"
|
||
|
11.15.6. corporations may use GREP and On Location-like tools to
|
||
|
search public nets for any discussion of themselves or their
|
||
|
products
|
||
|
- by big mouth employees, by disgruntled customers, by known
|
||
|
critics, etc.
|
||
|
- even positive remarks that may be used in advertising
|
||
|
(subject to various laws)
|
||
|
11.15.7. the 100% traceability of public postings to UseNet and other
|
||
|
bulletin boards is very stifling to free expression and
|
||
|
becomes one of the main justifications for the use of
|
||
|
anonymous (or pseudononymous) boards and nets
|
||
|
- there may be calls for laws against such compilation, as
|
||
|
with the British data laws, but basically there is little
|
||
|
that can be done when postings go to tens of thousands of
|
||
|
machines and are archived in perpetuity by many of these
|
||
|
nodes and by thousands of readers
|
||
|
- readers who may incorporate the material into their own
|
||
|
postings, etc. (hence the absurdity of the British law)
|
||
|
|
||
|
11.16. Effects of Surveillance on the Spread of Crypto
|
||
|
11.16.1. Surveillance and monitoring will serve to increase the use of
|
||
|
encryption, at first by people with something to hide, and
|
||
|
then by others
|
||
|
- a snowballing effect
|
||
|
- and various government agencies will themselves use
|
||
|
encryption to protect their files and their privacy
|
||
|
11.16.2. for those in sensitive positions, the availability of new
|
||
|
bugging methods will accelerate the conversion to secure
|
||
|
systems based on encrypted telecommunications and the
|
||
|
avoidance of voice-based systems
|
||
|
11.16.3. Surveillance Trends
|
||
|
+ Technology is making citizen-unit surveillance more and
|
||
|
more trivial
|
||
|
+ video cameras on every street corners are technologically
|
||
|
easy to implement, for example
|
||
|
- or cameras in stores, in airports, in other public
|
||
|
places
|
||
|
- traffic cameras
|
||
|
- tracking of purchases with credit cards, driver's
|
||
|
licenses, etc.
|
||
|
- monitoring of computer emissions (TEMPEST issues, often a
|
||
|
matter of paranoid speculation)
|
||
|
+ interception of the Net...wiretapping, interception of
|
||
|
unencrypted communications, etc.
|
||
|
- and compilation of dossier entries based on public
|
||
|
postings
|
||
|
+ This all makes the efforts to head-off a person-tracking,
|
||
|
credentials-based society all the more urgent.
|
||
|
Monkeywrenching, sabotage, public education, and
|
||
|
development of alternatives are all needed.
|
||
|
- If the surveillance state grows as rapidly as it now
|
||
|
appears to be doing, more desperate measures may be
|
||
|
needed. Personally, I wouldn't shed any tears if
|
||
|
Washington, D.C. and environs got zapped with a terrorist
|
||
|
nuke; the innocents would be replaced quickly enough, and
|
||
|
the death of so many political ghouls would surely be
|
||
|
worth it. The destruction of Babylon.
|
||
|
+ We need to get the message about "blinded credentials"
|
||
|
(which can show some field, like age, without showing all
|
||
|
fields, including name and such) out there. More
|
||
|
radically, we need to cause people to question why
|
||
|
credentials are as important as many people seem to
|
||
|
think.
|
||
|
- I argue that credentials are rarely needed for mutually
|
||
|
agreed-upon transactions
|
||
|
|
||
|
11.17. Loose Ends
|
||
|
11.17.1. USPS involvement in electronic mail, signatures,
|
||
|
authentication (proposed in July-August, 1994)
|
||
|
+ Advantages:
|
||
|
- many locations
|
||
|
- a mission already oriented toward delivery
|
||
|
+ Disadvantages:
|
||
|
- has performed terribly, compared to allowed compettion
|
||
|
(Federal Express, UPS, Airborne, etc.)
|
||
|
- it's linked to the goverment (now quasi-independent, but
|
||
|
not really)
|
||
|
- could become mandatory, or competition restricted to
|
||
|
certain niches (as with the package services, which
|
||
|
cannot have "routes" and are not allowed to compete in
|
||
|
the cheap letter regime)
|
||
|
- a large and stultified bureaucracy, with union labor
|
||
|
- Links to other programs (software key escrow, Digital
|
||
|
Telephony) not clear, but it seems likely that a quasi-
|
||
|
governemt agency like the USPS would be cooperative with
|
||
|
government, and would place limits on the crypto systems
|
||
|
allowed.
|
||
|
11.17.2. the death threats
|
||
|
+ An NSA official threatened to have Jim Bidzos killed if he
|
||
|
did not change his position on some negotiation underway.
|
||
|
This was reported in the newspaper and I sought
|
||
|
confirmation:
|
||
|
- "Everything reported in the Merc News is true. I am
|
||
|
certain that he wasnot speaking for the agency, but when
|
||
|
it happened he was quite serious, at least appeared to
|
||
|
be. There was a long silence after he made the threat,
|
||
|
with a staring contest. He was quite intense.
|
||
|
|
||
|
"I respect and trust the other two who were in the room
|
||
|
(they were shocked and literally speechless, staring into
|
||
|
their laps) and plan to ask NSA for a written apology and
|
||
|
confirmation that he was not speaking for the agency.
|
||
|
We'll see if I get it. If the incident made it into
|
||
|
their trip reports, I have a chance of getting a letter."
|
||
|
[jim@RSA.COM (Jim Bidzos), personal communication, posted
|
||
|
with permission to talk.politics.crypto, 1994-06-28]
|
||
|
11.17.3. False identities...cannot just be "erased" from the computer
|
||
|
memory banks. The web of associations, implications, rule
|
||
|
firings...all mean that simple removal (or insertion of a
|
||
|
false identity) produces discontinuities, illogical
|
||
|
developments, holes...history is not easily changed.
|