[ISN] Crypto can save lives

From: mea culpa (jerichoat_private)
Date: Wed Jan 27 1999 - 12:35:12 PST

  • Next message: mea culpa: "[ISN] Hiring hackers to protect systems"

    Forwarded From: Adam Bisaro <adbisaroat_private>
    Crypto can save lives
    Human rights groups use encryption to fight back against repression.
    By Alan Boyle, MSNBC
    On the other hand, human rights groups are using strong cryptography and
    other Internet tools to fight those same repressive governments. "A
    growing percentage of human rights work will take place in cyberspace,"
    one activist predicts.
    Cyber-activism goes back almost as far as the Internet itself. But the
    rise of the Internet in the developing world - even in countries ruled by
    repressive regimes - has given activists an increasingly valuable lifeline
    to supporters around the world.
    The human rights dimension of the Internet was the theme of a session
    Friday at the annual meeting of the American Association for the
    Advancement of Science.  "Human rights groups are relying on the Internet
    more and more to speak out, document and draw the world's attention to
    human rights violations," said Stephen Hansen of AAAS' Directorate for
    Science and Policy Programs.
    To be sure, there's a dark side as well as a bright side to the story: 
    Some governments are finding ways to eavesdrop on the Internet, just as
    they monitor mail and phone communications. One need look no further than
    the case of Web designer Lin Hai, who China sentenced Wednesday to two
    years in prison for exchanging thousands of e-mail addresses with a
    U.S.-based dissident publication.  In cooperation with the Digital Freedom
    Network, the AAAS mounted a Web-based e-mail campaign calling for Lin's
    release, but to no avail.  China isn't the only nation where dissidents
    have been detained for their use of the Net. Similar cases have been
    reported in Turkey, Bahrain and Indonesia.
    Keeping Private
    Hansen said human rights advocates had to take the same precautions they
    would take using other means of communications.
    "Messages can be intercepted. Creators of Web sites can be labeled as
    subversive and arrested, as we have just seen in China. Live chatting on
    the Internet can lend itself to eavesdropping, with the identity and
    location of the participant easily discove red," he said.  Among the
    strategies Hansen and others said were being used to circumvent government
    snoops:  Web-based e-mail accounts, which can't easily be traced back to
    the individual user.  Anonymous remailers, which pass along e-mail
    messages while concealing the identity of the sender.  Proxy servers that
    let Web surfers access sites without leaving an identifying trail.
    One-to-one Internet Relay Chat sessions, which provide more
    confidentiality than group chats.  A rotating pool of Internet Protocol
    addresses for Web servers. Alex Fowler, director of public affairs for the
    Electronic Frontier Foundation, explained that governments sometimes block
    Web access to specific IP numbers. By switching those numbers freque ntly,
    the operators of banned sites might be able to dodge the blocking
    software.  Steganography, a coding technique that can hide data within
    seemingly innocuous files such as a scanned image or audio clip.  Strong
    cryptography. Several experts said encryption was the most effective - and
    most controversial - way to protect data from prying eyes.  The AAAS'
    Patrick Ball, who worked with human rights activists in Guatemala to
    document human rights abuses by that nation's military, said each day's
    work was stored on laptops as encrypted data, using Pretty Good Privacy
    software. After the investigatio n was complete, PGP founder Philip
    Zimmerman visited the country and was profusely thanked by Ball's
    Guatemalan colleagues, Ball said.  "Some said they thought strong
    cryptography saved the lives of their witnesses," Ball recalled.
    Ultimate solution
    Even crypto isn't the ultimate solution, however. For one thing, it's
    still against U.S. law to export encryption products stronger than the
    56-bit standard, although the international availability of stronger
    software is rendering such restrictions moot.
    The same tools that make the Net safe for pro-democracy dissidents also
    are used by computer break-in artists, pornographers, slanderers and other
    evildoers, said Philip Reitinger, senior counsel for the U.S. Justice
    Department's computer crime and intell ectual property section.  Moreover,
    some governments simply make the use of encryption illegal - thus giving
    the official snoops a clearer pretext for arresting the sender or
    recipient.  "They can always take the person and hang them upside down
    until he tells them what's in the message ... because when you see an
    encrypted message, you know it's encrypted and you can see there's
    something going on," said Eric Goldstein of Human Rights Wa tch.
    Goldstein, whose report focused on cyber-rights in the Middle East and
    North Africa, said some governments are putting a lot of effort into
    Internet regulation.  "It looks like the Tunisians studied everything that
    cyber-liberties groups had been saying ... and then did the opposite," he
    said.  But he contended that once governments open the way for Internet
    access, they cannot stop the eventual flow of "objectionable" information
    online. The most they can do is buy time to make the adjustment to a more
    pluralistic information era, Goldstein sai d.  "Most experts give the
    long-term edge to users, not governments," he said.
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: Internet Security Institute [www.isi-sec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:17:27 PDT