The software was classed as munitions and one needed an arms dealer’s license to publish it, including online. The creator of PGP published the full source code as a book, as these are covered under first amendment rights.
The whole thing reads like this is weak encryption that doesn’t actually work and that is what they wanted people to have for that false sense of security. That’s wild
I don’t remember the details but I listened to a few podcasts on the topics and that what exactly how the hosts presented it
I mean, it’s not great, but it’s pretty good
the software was clsssified as munitions
lol wtf
Restricting import and export of “military-grade” encryption hardware is still a thing in some countries. And this reaction from boomer politicians is not too surprising if that’s how it is advertised, rather than “encryption implemented by every cheap-ass smart appliance out there”. Which is what RSA and ECDSA are.
Encryption has played deciding roles in warfare going back to ancient times
Like, I get wanting to not give your enemies cool toys, but the way they did it here is pretty funny. Why not just… Make a new, specific classification?
Playing Devil’s Advocate - If the classification of “munitions” effectively provided all the legal protections and requirements that they wanted to apply to encryption software, it would have been a lot of wasted time and effort to create a new classification and then update all the other legal documents to include and refer to that new classification.
Like, I don’t even want to guess how many references to “munitions” exist in various laws and regulations that would have then needed to be reviewed, amended, debated in committees, and ultimately voted on.
Because pizza is a vegetable and politicians are not the most competent bunch.
Lawmakers are lazy.
Making new laws is slow.
How did they use encryption in ancient times?
I cannot recommend this book enough: https://en.wikipedia.org/wiki/The_Code_Book and your local library should have it. It’s an entertaining read.
Damn, 7th century BC, that’s amazing.
Well the Caesar Cipher is named after you-know-who, who used it. And the subsequent Vigènere Cipher has been in use since medieval times.
I wonder how it worked for them given how simple this cipher is and that messages could take months to deliver.
Probably well enough, your basic footsoldier may not have been literate, and few were probably familiar enough with ciphers in general to know or be able to recognize the technique used.
I mean soldiers were not the ones who read messages from the generals encrypted or not, they just delivered them. The messages were also sealed so if the soldiers decided to break the seal they would probably deliver it to someone literate. So I wonder if there was an instance where Caesar or Augustus messages were intercepted, and how it turned out.
How does Voldemort play into this? Which of the Harry Potter books included Caesar?
Harry Potter Et Ille Imperator Et Gaulia
Fun fact: They made encryption on Ham/GMRS radios illegal because they didn’t want the average citizenry to have access to secure off-grid comms without government spyware on networks that they control.
Reject Smarphones, Return to Amateur Radios. Just modify some radios, add a raspberry pi to do enccyption on the voice before it gets transmitted.
THEY CANT ARREST US ALL! (seriously tho, I haven’t heard of the FCC actually doing anything, unless you were jamming the airport radios or something crazy)
I think FCC still takes it pretty seriously.
just use Meshtastic/LoRa. you can use encryption and you don’t need a Ham license. your output power is limited but I’ve heard of people getting 50+ miles of range for reception.
specifically, for ham you’re not allowed to obscure the meaning of your transmissions. this means no:
- symmetric cryptography
- numbers stations (one-time pad ciphers)
- communicating in codewords (“the Falcon has left the nest, over!”
but you can use:
- compression
- commercial telegraph codes (e.g. 22415 = “Partly cloudy with a chance of showers”), as long as you’re using a public codebook
- message authentication codes (to prevent forging messages)
- (arguably) asymmetric cryptography for signatures, identity challenge/response
- encrypted control messages for hobbyist satellites (special exemption)
so authentication is possible, just not privacy.
The primary reason is the FCC can’t tell if the encrypted transmissions are commercial or otherwise illegal. The amateur bands would be full of high frequency trading brokerages, drug traffickers, and spies.
It’s illegal on licensed HAM channels, but legal on unlicensed channels like the 2.4 and 5Ghz ranges
Don’t ask me why the distinction still remains
international treaties, for one. second because lack of encryption discourages commercial/non-hobbyist use. third because the spirit of Ham is for Hams to all listen and transmit to each other.
… this sounds like a fun project for the high school electronics club
Hell is a fun project for me too lol. I wonder if I could layer it with ggwave for shit and jiggles
…they definitely can arrest a bunch of people. A better way would be to challenge it in court.
Or you could use other protocols like LoRaWAN
Encryption using IP over HAM is still illegal - you can’t access Lemmy because it’s an HTTPS site, because we live in the 21st century.
Nothing stops anyone from running a webserver without ssl, there might be an instance that does it
I know, the point is that you’re broadcasting over the radio that you’re encrypting the data over the one medium were it’s illegal to encrypt the data because the FCC thinks it’s still 1989 or whatever when it comes to amateur radio. So it’s not just that you’re doing something illegal, you’re using a registered call sign and a really loud, easily triangulatable signal to do it. It’s like putting a movie poster-sized sign on your fence that says “Rattlesnake venom for sale, inquire within.” It’s not a sustainable practice.
Ultimately, the amateur radio crowd needs to get this law 47 CFR 97.113 changed to allow an exception for encrypted internet over radio and allow for modern communications standards. Personally, I expect that it would only take one House Rep willing to score any sort of win with rural voters for this to work right now.
I wouldn’t want to browse the web without ssl in 2025
Your only choice isn’t HAM
Yes, that was indeed a very interesting story:
Zimmermann challenged these regulations in an imaginative way. In 1995, he published the entire source code of PGP in a hardback book, via MIT Press, which was distributed and sold widely. Anyone wishing to build their own copy of PGP could cut off the covers, separate the pages, and scan them using an OCR program (or conceivably enter it as a type-in program if OCR software was not available), creating a set of source code text files. One could then build the application using the freely available GNU Compiler Collection. PGP would thus be available anywhere in the world. The claimed principle was simple: export of munitions—guns, bombs, planes, and software—was (and remains) restricted; but the export of books is protected by the First Amendment. The question was never tested in court with respect to PGP. In cases addressing other encryption software, however, two federal appeals courts have established the rule that cryptographic software source code is speech protected by the First Amendment (the Ninth Circuit Court of Appeals in the Bernstein case and the Sixth Circuit Court of Appeals in the Junger case)…
(Source)
Yep, we called them crypto wars
You’re referring to the Crypto Wars
https://en.wikipedia.org/wiki/Crypto_Wars
Darknet diaries has a great episode on it. Highly recommend.
Thank you. I’ve watched a bunch of Darkness diaries (Usually ones that people on external sites say “this one is really good, you should watch it”), but I’ve found it hard to get into (the perils of a podcast’s large backlog being compared to a highlight reel). I haven’t watched this episode though, so I look forward to checking it out
It was my first one. Highly recommend -
Also anyone with a civilian GPS couldn’t use it for precise measurement because they added a deliberate error into them. It also took twenty to thirty minutes to download a gif of Samantha Foxes tits. PGP was really popular then. There were version on every dial in BBS in the US. Without a doubt someone/anyone overseas that wanted it, had it. It was a joke of security theater and didn’t last.
It wasn’t an error, as such. They had just limited the resolution available for most people. It was called “Selected Availability”.
It was described at the time by every one including the government as a deliberate error. I knew it had a name attached to it but it is inconsequential. It caused the readings to jump around randomly making the resolution somewhere are fifty to seventy five feet. Bill the blowjob bubba clinton had it turned off during his administration.
”Thank god for crypto” That hits different now.
Yep I remember the scary text the came with certain software threatening superjail if you sent the exe overseas
As some from outside of the US, I also remember you had to pinky promise you are in the US to download the good version of Mozilla.
Jail Pro.
I had one of those t-shirts in the early 00s. Got it at a Goodwill and hung it on my wall for a while
I got one in the late 1990s. I wore it on a few trips from the US to Europe and was happily never jailed.
An annoyance that came shortly after was that they were not allowed to ship the Java Runtime Environment / Development Kit with a javax.crypto library that allowed for algorithms stronger than DES (such as AES, Twofish, Blowfish, …), or long passwords, iirc.
There was some way to download something extra (Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files) and fiddle it in, but with regulation in the US, I think.
I was quite sad when I made one of my early programs based on that and it turned out to be useless to US citizens, and hard to use for everyone else. I think I made a bouncycastle-based version later, but it was basically a full rewrite.
Edit: I’m starting to remember more absurdities of the time: Even with the JCE, the best algorithm for symmetric encryption was 3DES, which was not a legal requirement, just laziness of Sun Microsystems. While it was somewhat safe, it was less than ideal and really slow.
I made a bouncycastle-based version later
I enjoy how nonsensical this must sound to people unfamiliar with Java. 🙃
lol right, must sound like Treknobabble but for the 2000s. Heck, for kids these days, it’s probably as gibberish as original Treknobabble.
I bet distant future archaeologist, be they human or alien, will assemble the bits and pieces like this: Child worker programmers would work in these inflatable tiny castles on the soft floor with their laptops. That was the last attempt to revive feudalism. Why it didn’t catch on to other office jobs remains lost in the past.
Fun fact, Google pay and other “modern” payment processors still had to use 3DES until 2020 at least (might still do, I got out of the industry).
Not all heroes wear capes
deleted by creator
You’ll love to hear that Blu-ray’s format protection creators tried making illegal publishing the hexagesimal number “09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0”. https://en.m.wikipedia.org/wiki/Illegal_number#Background.
HD DVD, not Blu Ray, a competing format
I think both shared the same key: Archive link.
that came to prominence in May 2007 is an example of a number claimed to be a secret, and whose publication or inappropriate possession is claimed to be illegal in the United States
The article doesn’t even assert it’s illegal. Just asserts someone has said so.
AACS did push with DMCA complains to remove any referente of the number back in the day. However, another article claims “No one has been arrested or charged for finding or publishing the original key”.
You are right, thanks for the correction, will edit my comment.
It’s shocking to me the major events of my life that have fallen into the memory hole. It’s not just that younger people haven’t learned about them, older people have just filtered them out. It’s like we live in an eternal now that stretches infinitely in both directions, until it abruptly changes and yet another new reality becomes our new past and future.
That’s not new, often you can look at events boomers claim to have witnessed and find actual accounts completely different, like soldiers returning home from Vietnam and getting spit on and called baby killer, feminists burning bras.
You look back further and there’s so much discrepancy between accounts of the civil war and then reconstruction, and then second rise of the kkk during these events and just 2 decades later.
Alr how do I get this shirt?
