Forwarded From: Adam Bisaro <adbisaroat_private> http://www.zdnet.com/zdnn/stories/news/0,4586,2193928,00.html Crypto can save lives Human rights groups use encryption to fight back against repression. By Alan Boyle, MSNBC On the other hand, human rights groups are using strong cryptography and other Internet tools to fight those same repressive governments. "A growing percentage of human rights work will take place in cyberspace," one activist predicts. Cyber-activism goes back almost as far as the Internet itself. But the rise of the Internet in the developing world - even in countries ruled by repressive regimes - has given activists an increasingly valuable lifeline to supporters around the world. The human rights dimension of the Internet was the theme of a session Friday at the annual meeting of the American Association for the Advancement of Science. "Human rights groups are relying on the Internet more and more to speak out, document and draw the world's attention to human rights violations," said Stephen Hansen of AAAS' Directorate for Science and Policy Programs. To be sure, there's a dark side as well as a bright side to the story: Some governments are finding ways to eavesdrop on the Internet, just as they monitor mail and phone communications. One need look no further than the case of Web designer Lin Hai, who China sentenced Wednesday to two years in prison for exchanging thousands of e-mail addresses with a U.S.-based dissident publication. In cooperation with the Digital Freedom Network, the AAAS mounted a Web-based e-mail campaign calling for Lin's release, but to no avail. China isn't the only nation where dissidents have been detained for their use of the Net. Similar cases have been reported in Turkey, Bahrain and Indonesia. Keeping Private Hansen said human rights advocates had to take the same precautions they would take using other means of communications. "Messages can be intercepted. Creators of Web sites can be labeled as subversive and arrested, as we have just seen in China. Live chatting on the Internet can lend itself to eavesdropping, with the identity and location of the participant easily discove red," he said. Among the strategies Hansen and others said were being used to circumvent government snoops: Web-based e-mail accounts, which can't easily be traced back to the individual user. Anonymous remailers, which pass along e-mail messages while concealing the identity of the sender. Proxy servers that let Web surfers access sites without leaving an identifying trail. One-to-one Internet Relay Chat sessions, which provide more confidentiality than group chats. A rotating pool of Internet Protocol addresses for Web servers. Alex Fowler, director of public affairs for the Electronic Frontier Foundation, explained that governments sometimes block Web access to specific IP numbers. By switching those numbers freque ntly, the operators of banned sites might be able to dodge the blocking software. Steganography, a coding technique that can hide data within seemingly innocuous files such as a scanned image or audio clip. Strong cryptography. Several experts said encryption was the most effective - and most controversial - way to protect data from prying eyes. The AAAS' Patrick Ball, who worked with human rights activists in Guatemala to document human rights abuses by that nation's military, said each day's work was stored on laptops as encrypted data, using Pretty Good Privacy software. After the investigatio n was complete, PGP founder Philip Zimmerman visited the country and was profusely thanked by Ball's Guatemalan colleagues, Ball said. "Some said they thought strong cryptography saved the lives of their witnesses," Ball recalled. Ultimate solution Even crypto isn't the ultimate solution, however. For one thing, it's still against U.S. law to export encryption products stronger than the 56-bit standard, although the international availability of stronger software is rendering such restrictions moot. The same tools that make the Net safe for pro-democracy dissidents also are used by computer break-in artists, pornographers, slanderers and other evildoers, said Philip Reitinger, senior counsel for the U.S. Justice Department's computer crime and intell ectual property section. Moreover, some governments simply make the use of encryption illegal - thus giving the official snoops a clearer pretext for arresting the sender or recipient. "They can always take the person and hang them upside down until he tells them what's in the message ... because when you see an encrypted message, you know it's encrypted and you can see there's something going on," said Eric Goldstein of Human Rights Wa tch. Goldstein, whose report focused on cyber-rights in the Middle East and North Africa, said some governments are putting a lot of effort into Internet regulation. "It looks like the Tunisians studied everything that cyber-liberties groups had been saying ... and then did the opposite," he said. But he contended that once governments open the way for Internet access, they cannot stop the eventual flow of "objectionable" information online. The most they can do is buy time to make the adjustment to a more pluralistic information era, Goldstein sai d. "Most experts give the long-term edge to users, not governments," he said. -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:27 PDT