---------- Forwarded message ---------- Date: Mon, 10 Sep 2001 00:55:51 -0400 From: Ronald L. Rivest <rivestat_private> To: cryptographyat_private, farberat_private Subject: SSSCA = Digital Rectal Thermometer Security Act ? Hi all -- I just sat down and read the proposed text of the Holling's SSSCA bill. http://cryptome.org/sssca.htm Boy is this bill breathtaking in its breadth! I have tried to understand its language. It says in Section 101: "It is unlawful to manufacture, import, offer to the public, provide or otherwise traffic in any interactive digital device that does not include and utilize certified security technologies that adhere to the security systems standards adopted under section 104." and says in Section 109: "The term "interactive digital device" means any machine, device, product, software, or technology, whether or not included with or as part of some other machine, device, product, software, or technology, that is designed, marketed or used for the primary purpose of, and that is capable of, storing, retrieving, processing, performing, transmitting, receiving, or copying information in digital form." Putting 2+2 together, we see that essentially all digital devices and software will have to have "certified security technologies" in them. Anything that works primarily with digital data is covered. My feeble brain came up with the following list of things that would have to be secured. I'm sure you can think of lots more. -- All bar-code scanners -- All computer-controlled ignition systems -- All metro ticket readers -- All digital watches and calculators -- All ATM machines -- All digital cellular phones -- All digital answering machines -- All GPS receivers -- All sports scoreboards and the marquee signs in Times Square -- All electronic parking meters -- Almost all lab equipment (everything is digital these days) -- All software, for sure -- All digital cameras and digital movie cameras -- All PC's and game consoles -- All remote key-entry systems and most home security systems -- All stop-light controllers Well, I should leave some of the fun to you. But of course my favorite should be listed: -- All digital rectal thermometers Presumably some staffers will try to rescue this laughable (albeit a bit scary) lobbyist-written proposal. Of course, just letting the bill die is probably best. But if they want to fix things, they should consider adding language that makes it ILLEGAL to sell copy-protection technology that doesn't permit at least -- fair use, including time-shifting and making a reasonable number of copies for personal or educational use, or for backups, -- free use of a copyrighted item once the copyright has expired (This list should be expanded.) But in any case, making any security technology *mandatory* on all digital devices and computers is clearly a non-starter. Why, we'd probably have to close down all the country's computer science departments (can't have these kids making unsecured devices, you know, even if it is their homework assignment to build a computer...) Cheers, Ron Rivest Ronald L. Rivest Room 324, 200 Technology Square, Cambridge MA 02139 Tel 617-253-5880, Fax 617-258-9738, Email <rivestat_private> --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomoat_private - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue Sep 11 2001 - 01:54:32 PDT