Transport-level encryption with Tcpcrypt

Posted Aug 26, 2010 13:37 UTC (Thu) by csigler (subscriber, #1224)
In reply to: Transport-level encryption with Tcpcrypt by djao
Parent article: Transport-level encryption with Tcpcrypt

> The NSA is far too secretive for anyone to procure
> a reliable citation for such allegations.

You should have ended your comment with the above sentence. I'm not saying the NSA doesn't want to read all traffic on the Internet. However, you have _no_ proof for your claim. It is based on sheer speculation and approaches tinfoil hat-worthiness.

Clemmitt

to post comments

Transport-level encryption with Tcpcrypt

Posted Aug 26, 2010 14:23 UTC (Thu) by djao (guest, #4263) [Link] (2 responses)

To be clear, I'm not claiming that the NSA actually did block encryption software in the 1970s. I have no proof of that.

What I am claiming is that their actions of 1970 are largely irrelevant. The NSA unquestionably did block encryption software in the 1990s, and in doing so heavily damaged the development of the internet. Against that backdrop, the events of the 1970s, whether positive or negative, have no more significance than a rounding error. If the sentence you point out from the article is indeed an error, it is an extremely minor one. The major thrust of the claim (that the NSA held back public use of encryption software) is correct, even if the timeline is off.

Transport-level encryption with Tcpcrypt

Posted Aug 26, 2010 16:31 UTC (Thu) by zooko (guest, #2589) [Link] (1 responses)

Journalists (and indeed, everyone who posts things that are going to preserved for posterity, which means all of us) should strive for accuracy. If Jake can tell us from whom he heard this rumor or what else he heard about it, then that might help us learn something.

If it doesn't matter whether the rumor is true or false, then one can omit it just as well as include it.

One reason that I object to printing unsubstantiated rumors is that it reduces the credibility and impact of truths. NSA did indeed block distribution of crypto in the 1990's through means both legal (export regs, Clipper chip) and shady (pressuring Netscape and Cisco to cripple security products), and in fact they were still doing it as recently as 2007 when they pressured Sun (without any legal justification that I can see) to omit the crypto accelerator from the GPL'ed source code of the UltraSparc T2.

These things matter to me! I don't want people to be complacent or ignorant of a powerful, shadowy, ill-regulated organization interfering with freedom of speech, freedom of commerce, and democracy! Accusing them of things without evidence only serves to inure people to their real offences.

Transport-level encryption with Tcpcrypt

Posted Aug 26, 2010 16:45 UTC (Thu) by jake (editor, #205) [Link]

> If Jake can tell us from whom he heard this rumor or what else he
> heard about it, then that might help us learn something.

I read it (somewhere) within the last week or so ... as I was writing the article I did some Googling and even poking through my (voluminous) browser history to see if I could find it. The fact that I didn't should probably have made me shy away from saying it.

"It has been said ..." was basically a cop-out ... my apologies ...

If I do come up with a reference I'll post it here.

jake

Transport-level encryption with Tcpcrypt

Posted Aug 26, 2010 16:03 UTC (Thu) by gmaxwell (guest, #30048) [Link]

The fact of the NSA disrupting the public introduction and even _discussion_ of cryptographic techniques isn't really up for debate. It's stated fairly plainly in their own documents: http://cryptome.org/0001/nsa-meyer.htm

From the horses (formerly top secret) mouth: "NSA hunted diligently for a way to stop cryptography from going public."

Though I've never seen any disclosure specific to the arpanet, it would be a logical consequence of the chilling effect of their academic suppression in other areas even absent direct intervention.

But really... would you have done differently in their shoes?