[107907] in Cypherpunks
[ISN] Crypto can save lives (fwd)
daemon@ATHENA.MIT.EDU (jei@zor.hut.fi)
Thu Jan 28 00:35:34 1999
From: jei@zor.hut.fi
Date: Thu, 28 Jan 1999 07:14:48 +0200 (EET)
To: cypherpunks@toad.com
Reply-To: jei@zor.hut.fi
---------- Forwarded message ----------
Date: Wed, 27 Jan 1999 13:35:12 -0700 (MST)
From: mea culpa <jericho@dimensional.com>
To: InfoSec News <isn@repsec.com>
Subject: [ISN] Crypto can save lives
Forwarded From: Adam Bisaro <adbisaro@dg.dgtech.com>
http://www.zdnet.com/zdnn/stories/news/0,4586,2193928,00.html
Crypto can save lives
Human rights groups use encryption to fight back against repression.
By Alan Boyle, MSNBC
On the other hand, human rights groups are using strong cryptography and
other Internet tools to fight those same repressive governments. "A
growing percentage of human rights work will take place in cyberspace,"
one activist predicts.
Cyber-activism goes back almost as far as the Internet itself. But the
rise of the Internet in the developing world - even in countries ruled by
repressive regimes - has given activists an increasingly valuable lifeline
to supporters around the world.
The human rights dimension of the Internet was the theme of a session
Friday at the annual meeting of the American Association for the
Advancement of Science. "Human rights groups are relying on the Internet
more and more to speak out, document and draw the world's attention to
human rights violations," said Stephen Hansen of AAAS' Directorate for
Science and Policy Programs.
To be sure, there's a dark side as well as a bright side to the story:
Some governments are finding ways to eavesdrop on the Internet, just as
they monitor mail and phone communications. One need look no further than
the case of Web designer Lin Hai, who China sentenced Wednesday to two
years in prison for exchanging thousands of e-mail addresses with a
U.S.-based dissident publication. In cooperation with the Digital Freedom
Network, the AAAS mounted a Web-based e-mail campaign calling for Lin's
release, but to no avail. China isn't the only nation where dissidents
have been detained for their use of the Net. Similar cases have been
reported in Turkey, Bahrain and Indonesia.
Keeping Private
Hansen said human rights advocates had to take the same precautions they
would take using other means of communications.
"Messages can be intercepted. Creators of Web sites can be labeled as
subversive and arrested, as we have just seen in China. Live chatting on
the Internet can lend itself to eavesdropping, with the identity and
location of the participant easily discove red," he said. Among the
strategies Hansen and others said were being used to circumvent government
snoops: Web-based e-mail accounts, which can't easily be traced back to
the individual user. Anonymous remailers, which pass along e-mail
messages while concealing the identity of the sender. Proxy servers that
let Web surfers access sites without leaving an identifying trail.
One-to-one Internet Relay Chat sessions, which provide more
confidentiality than group chats. A rotating pool of Internet Protocol
addresses for Web servers. Alex Fowler, director of public affairs for the
Electronic Frontier Foundation, explained that governments sometimes block
Web access to specific IP numbers. By switching those numbers freque ntly,
the operators of banned sites might be able to dodge the blocking
software. Steganography, a coding technique that can hide data within
seemingly innocuous files such as a scanned image or audio clip. Strong
cryptography. Several experts said encryption was the most effective - and
most controversial - way to protect data from prying eyes. The AAAS'
Patrick Ball, who worked with human rights activists in Guatemala to
document human rights abuses by that nation's military, said each day's
work was stored on laptops as encrypted data, using Pretty Good Privacy
software. After the investigatio n was complete, PGP founder Philip
Zimmerman visited the country and was profusely thanked by Ball's
Guatemalan colleagues, Ball said. "Some said they thought strong
cryptography saved the lives of their witnesses," Ball recalled.
Ultimate solution
Even crypto isn't the ultimate solution, however. For one thing, it's
still against U.S. law to export encryption products stronger than the
56-bit standard, although the international availability of stronger
software is rendering such restrictions moot.
The same tools that make the Net safe for pro-democracy dissidents also
are used by computer break-in artists, pornographers, slanderers and other
evildoers, said Philip Reitinger, senior counsel for the U.S. Justice
Department's computer crime and intell ectual property section. Moreover,
some governments simply make the use of encryption illegal - thus giving
the official snoops a clearer pretext for arresting the sender or
recipient. "They can always take the person and hang them upside down
until he tells them what's in the message ... because when you see an
encrypted message, you know it's encrypted and you can see there's
something going on," said Eric Goldstein of Human Rights Wa tch.
Goldstein, whose report focused on cyber-rights in the Middle East and
North Africa, said some governments are putting a lot of effort into
Internet regulation. "It looks like the Tunisians studied everything that
cyber-liberties groups had been saying ... and then did the opposite," he
said. But he contended that once governments open the way for Internet
access, they cannot stop the eventual flow of "objectionable" information
online. The most they can do is buy time to make the adjustment to a more
pluralistic information era, Goldstein sai d. "Most experts give the
long-term edge to users, not governments," he said.
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
