Encryption now illegal?
So design a coded system and you go to jail? The madness of Biden and his club...
They must shit there pants for the people with some IQ :-)
On a sunny day (Tue, 16 Mar 2021 00:13:53 -0700) it happened John Robertson snipped-for-privacy@flippers.com wrote in snipped-for-privacy@giganews.com:
It says: "Canadian sentenced for selling encrypted phones to criminals" That is differrent: Customer: Can I have this phone? Seller: Are you a criminal? Customer: No I am a good guy. Seller: OK here it is :-)
This happened in 2019 under Trump's watch.
John
It certainly is in France. It's merely tolerated for certain applications.
Jeroen Belleman
Yes, it is very different.
Making or selling something that can be used for multiple purposes, including some criminal uses, is one thing. Doing so for something whose only realistic use is criminal is another. There is a line here, from pure white (like selling hammers, even though some are used to smash windows and break into houses) to pure black (selling a DIY meth lab kit). I don't know the details of this company and its customer - and nor do you - but it sounds like the authorities see them as very much at the black end of the scale. The fact that a few of your devices are bought by dissidents behind the Great Firewall of China (or whatever) does not excuse you if you know that 95% of your customers are organised criminals. The right to privacy is like the right to free speech - it is critical to our society and way of life, but it is not without its limits.
I think the Electronic Frontier Foundation guy put it well:
""" We contacted the Electronic Frontier Foundation today about this case and about the legality of selling encrypted devices. EFF Senior Staff Attorney Andrew Crocker responded, "Providing an encrypted communications platform to the public is not and should not be illegal, regardless of whether users of the platform engage in illegal activity. In this case, the defendant is accused of knowingly aiding criminal enterprises, which is a separate matter." """
On a sunny day (Tue, 16 Mar 2021 08:44:43 -0000 (UTC)) it happened John Doe snipped-for-privacy@message.header wrote in <s2pr5r$jo5$ snipped-for-privacy@dont-email.me:
It is not difficult for Big Sucker to call a company making encryption stuff criminal, like they do with China, Russia, Venezuela, Iran, you name it wherever they want to rule next.
Who realy is a criminal ? Who defines that? One in one counry is a hero in an other. OTP encryption is as old as the world. And when? Selling hash was a crime, booze in the old days the same, just a bunch of flipping any which way the wind of support for their egos blows polly tick sians . BLOWS? Oh yea.. grrr
France once outlawed the ownership of semaphore flags. Sekrit military technology, that is...
Telecommunication is still a hot issue in many countries, and severely regulated.
Jeroen Belleman
He was a deliberate accessory to crimes. That would be illegal if he knowingly sold them paper clips to pick locks.
People no doubt died.
How about zipping files with a password? A double or triple encrypted zip couldn't be cracked.
Maybe, but the more likely thing is that they'll make you pay an exorbitant fine or simply lock you up. Isn't that how it works in the US too? IIRC, the inventor of PGP got into some trouble for publishing his work.
Jeroen Belleman
He was investigated but no charges were ever filed.
Will some government intercept every email and see if it contains an encrypted file? Probably not. They'll look for criminal activity first. It is illegal to use the US mail or telephone systems to assist criminal activity. It used to be a criminal offense to mail an erotic letter to your wife.
Millions of people could send one another emails full of random binary data attachments. Imagine a city full of supercomputers struggling with that.
It's not likely if there is no suspicion of malfeasance, I suppose.
Isn't that what the NSA is reputed to be doing?
Jeroen Belleman
Seems to me that with enormous memory sticks and USB hard drives, people would use one-time-pads for unbreakable messages.
They worked around that by printing the listings in book form, using a very OCR-able typeface -- and adding a checksum of the expected contents of each (eventually) digitized page to the bottom of each print page.
"Are you telling me I can't publish a *book*?"
It's the same bloody story - it started under Trump's presidency as per my link - you do realize that law enforcement agencies are supposed to be independent of the president, unless he appoints toadies.
Now who can we think of who did that?
John
Unbreakable cryptography is extremely simple. The RSA algorithm is well understood, and straightforward to implement (though it's a challenge to do it efficiently). The biggest key that has been broken (to the public knowledge) is 829 bits long - and the work needed to break keys by integer factorisation increases exponentially by bit size. 1024 bit keys will likely be feasible some day - if you are the NSA and are willing to spend months of computer time at the task. 2048 bit keys are beyond any reasonable expectation, and 4096 bit keys are beyond any unreasonable expectation (including with dramatic new algorithms). By the time you get to 8192 bit keys, there isn't enough energy in the universe to do the calculations - as every calculation has a minimum energy requirement, regardless of the method. (Quantum computing, for example, does not get around this.)
People selling vastly expensive "quantum encryption systems" will tell you that quantum computers will break RSA because Shor's algorithm scales in polynomial time, not exponential time. They helpfully omit that it needs scaling in size too, and the polynomials involved are big. Medium-sized RSA keys would need billions of qbits staying coherent for months, when getting more than a dozen qbits to keep stable for milliseconds needs top-class engineering. The current record for factoring a number with Shor's algorithm is 21 (the number 21, not a
21-bit number). They tried to factor 35 too, but the errors accumulated too fast.In practice, 2048 bit RSA keys may be considered perfectly secure. Anyone trying to break it will use the three B's (burglary, bribery or blackmail) or rubber hose cryptoanalysis. So anything bigger does not strengthen the protection.
LOL!
Just as bad if not worse. At least if you are convicted you get a finite sentence.
In 2013, an article on "Zimmermann's Law" quoted Phil Zimmermann as saying "The natural flow of technology tends to move in the direction of making surveillance easier", and "the ability of computers to track us doubles every eighteen months",
Lol. What a lack of imagination. I bet it would take Jan about 15 minutes to figure out the flaw in that idea and how to get around it.
When you know nothing of technology, you should not try to analyze it. One time pads are just random numbers (with a casual use of the profane word, "just'). How to generate them is the first mistake, potentially. The second is thinking your one time pad is secure from being snooped. It had to be shared between two people. How does that happen in a practical and effective manner?
In the circles that worry with such stuff, one time pads are one of the lesser methods of secure comms because of many factors. In our circles the biggest reason one time pads are not used is, "Oh, look! Shiny!"
I have tried to get CMs to understand a need for security of my design information. They think having a login password does the trick. <face-palm>
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.