Forwarded From: Kjell Wooding <kwoodingat_private> http://www.codetalker.com/ Programmer faces crypto probe By Tim Clark Staff Writer, CNET NEWS.COM May 22, 1998, 11:40 a.m. PT URL: http://www.news.com/News/Item/0,4,22415,00.html A Silicon Valley programmer on Tuesday is slated to respond to a subpoena by an arm of the Commerce Department investigating whether a security plug-in that can be downloaded from his Web site violates U.S. laws barring the export of strong encryption. Charles Booher of Sync Systems, who wrote the SecureOffice encryption module while recovering from his third bout with cancer, said he will show up at the San Jose, California, offices of the Office of Export Enforcement, as ordered. "Sync Systems is basically me and a program I put together that nobody's paid attention to so far except for the export administration," Booher said in an interview. "I've got a regular 9 to 5 job. I do disk drive testers for a living. Crypto is just sort of like a hobby for me." Commerce Department officials declined to comment on the matter, citing departmental policy not to discuss issues that may or may not be under investigation. However, a copy of the subpoena posted on Booher's site indicates the government is investigating whether his Sync Systems has distributed 168-bit triple DES (data encryption standard) crypto software. U.S. laws generally require government approval to distribute encryption technology that is stronger than 56 bits outside the U.S. except to financial institutions. Even government approvals often require a promise that the seller will initiate a "key recovery" system within several years. Key recovery and key escrow systems give law enforcement agencies--with court approval--and businesses access to cryptographic keys that can be used to decrypt scrambled data. Booher's subpoena requires him to turn over business records, notes of phone conversations and meetings, email messages, fax transmissions, and export documents that might shed light on where the encryption software may have been distributed. But Booher said he doesn't have most of the requested information. "Basically, the documents aren't there," he said. SecureOffice hasn't been a hot-selling product, Booher said. The download from his Web site allows 40 free uses of the software, but users then can request a key to unlock the software for future uses. So far, two people have requested that key, and Booher isn't charging for it. "Basically, there has been zero interest. It has not been an overwhelming response," he said. Except from the Commerce Department, which requested Booher's source code. He has declined to turn it over so far. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:54:22 PDT