[968] in cryptography@c2.net mail archive
Re: Arguments for good crypto and against GAK.
daemon@ATHENA.MIT.EDU (tzeruch@ceddec.com)
Fri Jun 6 20:19:23 1997
Date: Fri, 6 Jun 1997 18:18:25 -0400
From: tzeruch@ceddec.com
To: cryptography@c2.net
In-Reply-To: <199706062052.NAA28140@blacklodge.c2.net>
Excellent Post! I will have to remember the details to explain to some
of my nontechnical friends.
How to cheer the FBI and show the non-need of GAK:
[the following is technical - what can be done, not political - what
should be done, so don't assume I support or don't support doing these
things]
I have brought up one more point. The FBI is so good, it does not need
GAK. I like reading some of the real-crime stories about how the FBI got
the goods on the mob. In many of the cases, the meeting was in the
private, secured home or apartment where they would have difficulty
wiretapping. In two cases, they broke in and didn't leave any trace, but
managed to plant a wiretap. The stories are very interesting and show the
FBI in a good light. But it also shows that they are creative enough not
to need technological panaceas.
In one case, one agent got as far as the living room, and saw a unique
lamp. The FBI obtained a copy and planted a bug inside, broke in, and
swapped lamps. They then were able to record several months' worth of
conversations.
If the wiretap is that important for them to get a warrant, I don't think
there is anyone on the list who could not (I am not saying they would)
silently compromise a computer system of a mobster or terrorist if they
could get access to the system, maybe with a virus. (And this is why there
is the big issue of physical security and validity which is too often
overlooked - have you recompiled your pgp lately?).
Since PGP's source is available, the FBI could plant an altered version
that would do something like use a fixed number for one of the primes on
the mobster's or terrorist's laptop. You could also do something similar
to the session keys with SSL.
If the FBI is too technically challenged to do even this, I don't think
that GAK will help - but they have proved in the past that they are smart
enough so that they don't need it.
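
The altered key generator described in the message leaves a visible mark: every key it produces shares one prime. The audit below is an added example, not part of the original post or of PGP's code. It flags RSA public moduli that share a factor. The key labels and toy-sized moduli are constructed for illustration; real moduli are far larger, but the check is the same.

```python
from itertools import combinations
from math import gcd


def audit_moduli(moduli):
    """Return findings for RSA public moduli that share a prime factor.

    moduli: dict mapping a key label to its public modulus n (int).
    Independently generated keys share a factor with negligible
    probability, so any gcd > 1 points at a generator reusing a prime.
    """
    findings = []
    for (a, na), (b, nb) in combinations(sorted(moduli.items()), 2):
        g = gcd(na, nb)
        if g == 1:
            continue  # no common factor: this pair looks independent
        kind = "identical modulus" if na == nb else "shared prime"
        findings.append({"keys": (a, b), "kind": kind, "common": g})
    return findings


def suspect_keys(moduli):
    """Labels of every key that appears in at least one finding."""
    return sorted({k for f in audit_moduli(moduli) for k in f["keys"]})


# Constructed sample (assumption): toy moduli built from small primes.
# FIXED stands in for the prime a tampered generator would always emit.
FIXED = 1000003
SAMPLE = {
    "laptop-1997-01": FIXED * 1000033,
    "laptop-1997-03": FIXED * 1000037,
    "desktop": 1000039 * 1000081,       # generated elsewhere, independent
    "laptop-copy": FIXED * 1000033,     # same key exported twice
}

if __name__ == "__main__":
    for f in audit_moduli(SAMPLE):
        print(f["kind"], f["keys"], "common factor:", f["common"])
    print("regenerate on a trusted build:", suspect_keys(SAMPLE))
```

Keys flagged this way should be regenerated with a binary built from verified source, which is the point of the "have you recompiled" remark in the message.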