Tankar 1998-12-29
Jag var och såg filmen  igår och den var mycket tänkvärd. Den
handlar om hur Amerikanska myndigheter bevakar medborgarna via sateliter och modern
teknik. Hur de regelmässigt söker igenom E-Post med program som söker efter
nyckelord.Det var en intressant film som blottlägger de risker som tekniken medför vad
gäller den personliga integriteten. Mycket av det som filmen berättade är en verklighet idag. NSA som
är den myndighet som söker av Internet efter E-Post med text som innehåller ord som
terrorister använder i sitt språkbruk får givetvis även med en del privat E-Post när
de scannar nätet. Jag blev lite nyfiken hur detta förhöll sig och hittade en site som
berättade om detta. Givetvis är detta hemligt och inget som myndigheter berättar om.
Läs här om SPY Station F83 som i en artikel från Sunday Times
avslöjar hur spionaget går till i Storbrittanien. Vad skall man då göra för att
skydda sig mot att andra läser vad man skriver i sin privata E-Post? Ett program som jag
själv använder är Pretty Good Privacy
eller PGP. PGP krypterar E-Post samt bifogade filer vilket gör att det krävs dagar,
veckor eller år att dekryptera en fil utan den korresponderande nyckeln. Varför ska man
då kryptera sin E-post? Varför stoppar man en del brev i kuvert? Ja, läs vad en av
skaparna av PGP, Philip Zimmermann skriver i PGP's user guide:
Why Do You Need PGP? By
Philip Zimmermann
====================
It's personal. It's private. And it's no one's business but yours.
You may be planning a political campaign, discussing your taxes, or having an illicit
affair. Or you may be doing something that you
feel shouldn't be illegal, but is. Whatever it is, you don't want
your private electronic mail (E-mail) or confidential documents read
by anyone else. There's nothing wrong with asserting your privacy.
Privacy is as apple-pie as the Constitution.
Perhaps you think your E-mail is legitimate enough that encryption is unwarranted. If you
really are a law-abiding citizen with nothing to hide, then why don't you always send your
paper mail on postcards?
Why not submit to drug testing on demand? Why require a warrant for police searches of
your house? Are you trying to hide something?
You must be a subversive or a drug dealer if you hide your mail
inside envelopes. Or maybe a paranoid nut. Do law-abiding citizens
have any need to encrypt their E-mail?
What if everyone believed that law-abiding citizens should use
postcards for their mail? If some brave soul tried to assert his
privacy by using an envelope for his mail, it would draw suspicion.
Perhaps the authorities would open his mail to see what he's hiding.
Fortunately, we don't live in that kind of world, because everyone
protects most of their mail with envelopes. So no one draws suspicion by asserting their
privacy with an envelope. There's safety in numbers. Analogously, it would be nice if
everyone routinely used encryption for all their E-mail, innocent or not, so that no one
drew suspicion by asserting their E-mail privacy with encryption. Think of it as a form of
solidarity.
Today, if the Government wants to violate the privacy of ordinary
citizens, it has to expend a certain amount of expense and labor to
intercept and steam open and read paper mail, and listen to and
possibly transcribe spoken telephone conversation. This kind of
labor-intensive monitoring is not practical on a large scale. This
is only done in important cases when it seems worthwhile.
More and more of our private communications are being routed through electronic channels.
Electronic mail is gradually replacing
conventional paper mail. E-mail messages are just too easy to
intercept and scan for interesting keywords. This can be done
easily, routinely, automatically, and undetectably on a grand scale.
International cablegrams are already scanned this way on a large
scale by the NSA.
We are moving toward a future when the nation will be crisscrossed
with high capacity fiber optic data networks linking together all our
increasingly ubiquitous personal computers. E-mail will be the norm for everyone, not the
novelty it is today. The Government will
protect our E-mail with Government-designed encryption protocols.
Probably most people will acquiesce to that. But perhaps some people will prefer their own
protective measures.
Senate Bill 266, a 1991 omnibus anti-crime bill, had an unsettling
measure buried in it. If this non-binding resolution had become real
law, it would have forced manufacturers of secure communications
equipment to insert special "trap doors" in their products, so that
the Government can read anyone's encrypted messages. It reads: "It
is the sense of Congress that providers of electronic communications services and
manufacturers of electronic communications service equipment shall insure that
communications systems permit the Government to obtain the plain text contents of voice,
data, and other communications when appropriately authorized by law." This measure
was defeated after rigorous protest from civil libertarians and industry groups.
In 1992, the FBI Digital Telephony wiretap proposal was introduced to Congress. It would
require all manufacturers of communications
equipment to build in special remote wiretap ports that would enable the FBI to remotely
wiretap all forms of electronic communication from FBI offices. Although it never
attracted any sponsors in Congress in 1992 because of citizen opposition, it was
reintroduced in 1994.
Most alarming of all is the White House's bold new encryption policy initiative, under
development at NSA since the start of the Bush administration, and unveiled April 16th,
1993. The centerpiece of this initiative is a Government-built encryption device, called
the
"Clipper" chip, containing a new classified NSA encryption
algorithm. The Government is encouraging private industry to design it into all their
secure communication products, like secure phones, secure FAX, etc. AT&T is now
putting the Clipper into their secure voice products. The catch: At the time of
manufacture, each Clipper chip will be loaded with its own unique key, and the Government
gets to keep a copy, placed in escrow. Not to worry, though-- the Government promises that
they will use these keys to read your traffic only when duly authorized by law. Of course,
to make Clipper completely effective, the next logical step would be to outlaw other forms
of cryptography.
If privacy is outlawed, only outlaws will have privacy. Intelligence
agencies have access to good cryptographic technology. So do the big arms and drug
traffickers. So do defense contractors, oil companies, and other corporate giants. But
ordinary people and grassroots political organizations mostly have not had access to
affordable "military grade" public-key cryptographic technology. Until now.
PGP empowers people to take their privacy into their own hands.
There's a growing social need for it. That's why I wrote it.
Hela texten finns på/More on: ftp://ftp.pgpi.com/pub/pgp/2.x/doc/pgpdoc1.txt |
|