EFFector Online JULY 4, 1992
########## ########## ########## | LIBERTY, EQUALITY, CONNECTIVITY! |
########## ########## ########## | THE DECLARATION & BILL OF RIGHTS |
#### #### #### | |
######## ######## ######## | HOUSE TO NSF:RELAX ACCEPTABLE USE |
######## ######## ######## | |
#### #### #### | Howard Rheingold on |
########## #### #### | VIRTUAL COMMUNITIES, 1992 |
########## #### #### | (Third of three parts) |
=====================================================================|
EFFector Online JULY 4, 1992 Issue 3.0|
A Publication of the Electronic Frontier Foundation |
ISSN 1062-9424 |
=====================================================================|
*
%%
||____________________________________________
|| * * * * * * |==============================|
|| * * * * * |==============================|
|| * * * * * * |==============================|
|| * * * * * |==============================|
|| * * * * * * |==============================|
|| * * * * * |==============================|
|| * * * * * * |==============================|
|| * * * * * |==============================|
|| * * * * * * |==============================|
||============================================|
||============================================|
||============================================|
||============================================|
||============================================+
||
|| LIBERTY, EQUALITY, CONNECTIVITY!
|| A PEOPLE, UNITED, CAN NEVER BE DEFEATED!
|| 216 FOURTHS AND STILL GOING STRONG!
||
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
In CONGRESS, July 4, 1776.
A DECLARATION
By the REPRESENTATIVES of the
UNITED STATES OF AMERICA,
In GENERAL CONGRESS assembled.
_ _
\\ //HEN in the Course of human Events, it becomes necessary
\\/\// for one People to dissolve the Political bands which have
\/\/ connected them with another, and to assume among the
Powers of the Earth, the separate and equal station to which the
Laws of Nature and of Nature's God entitle them, a decent respect
to the Opinions of Mankind requires that they should declare the
causes which impel them to the Separation.
We hold these Truths to be self-evident, that all Men are created
equal, that they are endowed by their Creator with certain unalienable
rights, that among these are Life, Liberty, and the Pursuit of
Happiness--That to secure these Rights, Governments are instituted among
Men, deriving their just Powers from the Consent of the Governed, that
whenever any Form of Government becomes destructive of these Ends, it is
the Right of the People to alter or to abolish it, and to institute new
Government, laying its foundation on such Principles and organizing its
Powers in such Form, as to them shall seem most likely to effect their
Safety and Happiness. Prudence, indeed, will dictate that Governments
long established should not be changed for light and transient Causes;
and accordingly all Experience hath shown, that Mankind are more
disposed to suffer, while evils are sufferable, than to right themselves
by abolishing the Forms to which they are accustomed. But when a long
train of Abuses and Ursurpations, pursuing invariably the same Object,
evinces a Design to reduce them under absolute Despotism, it is their
Right, it is their Duty, to throw off such Government, and to provide
new Guards for their future Security.
* * * * * * * * * *
WE, THEREFORE, The Representatives of the UNITED STATES OF AMERICA,
in General Congress, Assembled, appealing to the Supreme Judge of the
world for the rectitude of our intentions, do, in the Name, and by
Authority of the good People of these Colonies, solemnly publish and
declare, That these United Colonies are, and of Right ought to be FREE
AND INDEPENDENT STATES; that they are Absolved from all Allegiance to
the British Crown, and that all political connection between them and
the State of Great Britain, is and ought to be totally dissolved; and
that as Free and Independent States, they have full Power to levy War,
conclude Peace, contract Alliance, establish commerce, and to do all
other Acts and Things which Independent States may of right do. And for
the support of this Declaration, with a firm reliance on the protection
of divine Providence, we mutually pledge to each other our Lives, our
Fortunes, and our sacred Honor.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
THE BILL OF RIGHTS
1st Amendment
Congress shall make no law respecting an establishment of religion, or
prohibiting the free exercise thereof; or abridging the freedom of
speech, or of the press; or the right of the people peaceably to
assemble, and to petition the government for a redress of grievances.
2nd Amendment
A well-regulated militia being necessary to the security of a free
state, the right of the people to keep and bear arms shall not be
infringed.
3rd Amendment
No soldier shall, in time of peace, be quartered in any house, without
the consent of the owner; nor in time of war, but in a manner to be
prescribed by law.
4th Amendment
The right of the people to be secure in their persons, houses, papers,
and effects, against unreasonable searches and seizures, shall not be
violated; and no warrants shall issue, but upon probable cause,
supported by oath or affirmation, and particularly describing the place
to be searched and the persons or things to be seized.
5th Amendment
No person shall be held to answer for a capital, or otherwise infamous,
crime, unless on a presentment or indictment of a grand jury, except in
cases arising in the land or naval forces, or in the militia, when in
actual service, in time of war, or public danger; nor shall any person
be subject, for the same offence, to be twice put in jeopardy of life or
limb; nor shall be compelled, in any criminal case, to be a witness
against himself; nor be deprived of life, liberty, or property, without
due process of law; nor shall private property be taken for public use,
without just compensation.
6th Amendment
In all criminal prosecutions, the accused shall enjoy the right to a
speedy and public trial, by an impartial jury of the state and district
wherein the crime shall have been committed, which district shall have
been previously ascertained by law; and to be informed of the nature and
cause of the accusation; to be confronted with the witnesses against
him; to have compulsory process for obtaining witnesses in his favor;
and to have the assistance of counsel for his defence.
7th Amendment
In suits at common law, where the value in controversy shall exceed
twenty dollars, the right of trial by jury shall be preserved; and no
fact, tried by a jury, shall be otherwise re- examined in any court of
the United States than according to the rules of the common law.
8th Amendment
Excessive bail shall not be required, nor excessive fines imposed, nor
cruel and unusual punishment inflicted.
9th Amendment
The enumeration in the Constitution of certain rights shall not be
construed to deny or disparage others retained by the people.
10th Amendment
The powers not delegated to the United States shall not be construed to
extend to any suit in law or equity, commenced or prosecuted against one
of the United States by citizens of another State or by citizens or
subjects of any foreign state.
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-==--==--==-<>-==--==--==-
HOUSE ALLOWS NSF TO RELAX ACCEPTABLE USE POLICIES
This Monday (6/29) the House passed by voice vote Rep. Boucher's (D-VA)
bill to allow the NSF to relax current Acceptable Use Policies that
limit NSFNet traffic to that which is "in support of research and
education." This restriction prevent commercial traffic, such as the
offering of commercial information services, from passing over the
NSFNET backbone.
Boucher's bill amends the National Science Foundation Act of 1950 (42
USC 1862) to read:
"the Foundation is authorized to foster and support the development and
use of computer networks which may be used substantially for purposed
related to research and education in the sciences and engineering, if
the additional uses will tend to increase the overall capabilities of
the networks to support such research and education activities."
That is a long way of saying that commercial services may be offered for
sale over the NSFNET backbone provided those services would be
potentially valuable to the research and education community.
The identical provision is attached to the NASA Reauthorization bill now
pending before the Senate. Senate staff indicate they are hoping that
the provision will move through without much fuss. However, there is
some possible opposition from Department of Energy and other "mission
agencies'" who run large nets that interconnect with the NSF. These
agencies don't like to trend toward commercialization because, a) it
puts pressure on them to do the same, and b) it puts them just one hop a
away from an increasingly public network.
-==--==--==-<>-==--==--==-
[Note: Because of the length of this essay, this is the third of three
parts. Our readers are asked to take careful note of the author's
remarks at the end of this article.]
A SLICE OF LIFE IN MY VIRTUAL COMMUNITY
(Part Two)
by Howard Rheingold June 1992
(hlr@well.sf.ca.us)
[ Continued from EFFector Online 2.12 June 19, 1992. Available via
ftp.eff.org or by email from eff@eff.org]
Who Is The WELL?
One way to know what the WELL is like is to know something about the
kind of people who use it. It has roots in the San Francisco Bay Area,
and in two separate cultural revolutions that took place there in past
decades. The Whole Earth Catalog originally emerged from the
counterculture as Stewart Brand's way of providing access to tools and
ideas to all the communes who were exploring alternate ways of life in
the forests of Mendocino or the high deserts outside Santa Fe. The Whole
Earth Catalogs and the magazines they spawned, Co-Evolution Quarterly
and Whole Earth Review, have outlived the counterculture itself, since
they are still alive and raising hell after nearly 25 years. For many
years, the people who have been exploring alternatives and are open to
ideas that you don't find in the mass media have found themselves in
cities instead of rural communes, where their need for new tools and
ideas didn't go away.
The Whole Earth Catalog crew received a large advance in the mid-
1980s to produce an updated version, a project involving many
geographically-separated authors and editors, many of whom were using
computers. They bought a minicomputer and the license to Picospan, a
computer conferencing program, leased an office next to the magazine's
office, leased incoming telephone lines, set up modems, and the WELL was
born in 1985. The idea from the beginning was that the founders weren't
sure what the WELL would become, but they would provide tools for people
to build it into something useful. It was consciously a cultural
experiment, and the business was designed to succeed or fail on the
basis of the results of the experiment. The person Stewart Brand chose
to be the WELL's first director -- technician, manager, innkeeper, and
bouncer -- was Matthew McClure, not-coincidentally a computer-savvy
veteran of The Farm, one of the most successful of the communes that
started in the sixties. Brand and McClure started a low- rules,
high-tone discussion, where savvy networkers, futurists, misfits who had
learned how to make our outsiderness work for us, could take the
technology of CMC to its cultural limits.
The Whole Earth network -- the granola-eating utopians, the solar-
power enthusiasts, serious ecologists and the space-station crowd,
immortalists, Biospherians, environmentalists, social activists -- was
part of the core population from the beginning. But there were a couple
of other key elements. One was the subculture that happened ten years
after the counterculture era -- the personal computer revolution.
Personal computers and the PC industry were created by young iconoclasts
who wanted to have whizzy tools and change the world. Whole Earth had
honored them, including the outlaws among them, with the early Hacker's
Conferences. The young computer wizards, and the grizzled old hands who
were still messing with mainframes, showed up early at the WELL because
the guts of the system itself -- the UNIX operating system and "C"
language programming code -- were available for tinkering by responsible
craftsmen.
A third cultural element that made up the initial mix of the WELL,
which has drifted from its counterculture origins in many ways, were the
deadheads. Books and theses have been written about the subculture that
have grown up around the band, the Grateful Dead. The deadheads have a
strong feeling of community, but they can only manifest it en masse when
the band has concerts. They were a community looking for a place to
happen when several technology-savvy deadheads started a "Grateful Dead
Conference" on the WELL. GD was so phenomenally successful that for the
first several years, deadheads were by far the single largest source of
income for the enterprise.
Along with the other elements came the first marathon swimmers in
the new currents of the information streams, the futurists and writers
and journalists. The New York Times, Business Week, the San Francisco
Chronicle, Time, Rolling Stone, Byte, the Wall Street Journal all have
journalists that I know personally who drop into the WELL as a listening
post. People in Silicon Valley lurk to hear loose talk among the pros.
Journalists tend to attract other journalists, and the purpose of
journalists is to attract everybody else: most people have to use an old
medium to hear news about the arrival of a new medium.
Things changed, both rapidly and slowly, in the WELL. There were
about 600 members of the WELL when I joined, in the summer of 1985. It
seemed that then, as now, the usual ten percent of the members did 80%
of the talking. Now there are about 6000 people, with a net gain of
about a hundred a month. There do seem to be more women than other parts
of cyberspace. Most of the people I meet seem to be white or Asian;
African-Americans aren't missing, but they aren't conspicuous or even
visible. If you can fake it, gender and age are invisible, too. I'd
guess the WELL consists of about 80% men, 20% women. I don't know
whether formal demographics would be the kind of thing that most WELL
users would want to contribute to. It's certainly something we'd
discuss, argue, debate, joke about.
One important social rule was built into Picospan, the software that
the WELL lives inside: Nobody is anonymous. Everybody is required to
attach their real "userid" to their postings. It is possible to use
pseudonyms to create alternate identities, or to carry metamessages, but
the pseudonyms are always linked in every posting to the real userid. So
individual personae -- whether or not they correspond closely to the
real person who owns the account -- are responsible for the words they
post. In fact, the first several years, the screen that you saw when you
reached the WELL said "You own your own words." Stewart Brand, the
WELL's co-founder likes epigrams: "Whole Earth," "Information wants to
be free." "You own your own words." Like the best epigrams, "You own
your own words" is open to multiple interpretations. The matter of
responsibility and ownership of words is one of the topics WELLbeings
argue about endlessly, so much that the phrase has been abbreviated to
"YOYOW," As in, "Oh no, another YOYOW debate."
Who are the WELL members, and what do they talk about? I can tell
you about the individuals I have come to know over six years, but the
WELL has long since been something larger than the sum of everybody's
friends. The characteristics of the pool of people who tune into this
electronic listening post, whether or not they every post a word in
public, is a strong determinant of the flavor of the "place." There's a
cross-sectional feeling of "who are we?" that transcends the
intersecting and non-intersecting rings of friends and acquaintances
each individual develops.
My Neighborhood On The WELL
Every CMC system gives users tools for creating their own sense of
place, by customizing the way they navigate through the database of
conferences, topics, and responses. A conference or newsgroup is like a
place you go. If you go to several different places in a fixed order, it
seems to reinforce the feeling of place by creating a customized
neighborhood that is also shared by others. You see some of the same
users in different parts of the same neighborhood. Some faces, you see
only in one context -- the parents conference, the Grateful Dead tours
conference, the politics or sex conference.
My home neighborhood on the WELL is reflected in my ".cflist," the
file that records my preferences about the order of conferences I visit.
It is always possible to go to any conference with a command, but with a
.cflist you structure your online time by going from conference to
specified conference at regular intervals, reading and perhaps
responding in several ongoing threads in several different places.
That's the part of the art of discourse where I have found that the
computer adds value to the intellectual activity of discussing formally
distinct subjects asynchronously, from different parts of the world,
over extending periods, by enabling groups to structure conversations by
topic, over time.
My .cflist starts, for sentimental reasons, with the Mind
conference, the first one I hosted on the WELL, since 1985. I've changed
my .cflist hundreds of times over the years, to add or delete
conferences from my regular neighborhood, but I've always kept Mind in
the lede. The entry banner screen for the Mind conference used to
display to each user the exact phase of the moon in numbers and ASCII
graphics every time they logged in to the conference. But the volunteer
programmer who had created the "phoon" program had decided to withdraw
it, years later, in a dispute with WELL management. There is often a
technological fix to a social problem within this particular universe.
Because the WELL seems to be an intersection of many different cultures,
there have been many experiments with software tools to ameliorate
problems that seemed to crop up between people, whether because of the
nature of the medium or the nature of the people. A frighteningly
expensive pool of talent was donated by volunteer programmers to create
tools and even weapons for WELL users to deal with each other. People
keep giving things to the WELL, and taking them away. Offline readers
and online tools by volunteer programmers gave others increased power to
communicate.
The News conference is what's next. This is the commons, the place
where the most people visit the most often, where the most outrageous
off-topic proliferation is least pernicious, where the important
announcements about the system or social events or major disputes or new
conferences are announced. When an earthquake or fire happens, News is
where you want to go. Immediately after the 1989 earthquake and during
the Oakland fire of 1991, the WELL was a place to check the damage to
the local geographic community, lend help to those who need it, and get
first-hand reports. During Tienamen square, the Gulf War, the Soviet
Coup, the WELL was a media-funnel, with snippets of email from Tel-Aviv
and entire newsgroups fed by fax machines in China, erupting in News
conference topics that grew into fast-moving conferences of their own.
During any major crisis in the real world, the routine at our house is
to turn on CNN and log into the WELL.
After News is Hosts, where the hottest stuff usually happens. The
hosts community is a story in itself. The success of the WELL in its
first five years, all would agree, rested heavily on the efforts of the
conference hosts -- online characters who had created the character of
the first neighborhoods and kept the juice flowing between one another
all over the WELL, but most pointedly in the Hosts conference. Some
spicy reading in the Archives conference originated from old hosts'
disputes - and substantial arguments about the implications of CMC for
civil rights, intellectual property, censorship, by a lot of people who
know what they are talking about, mixed liberally with a lot of other
people who don't know what they are talking about, but love to talk
anyway, via keyboard and screen, for years on end.
In this virtual place, the pillars of the community and the worst
offenders of public sensibilities are in the same group -- the hosts.
At their best and their worst, this ten percent of the online population
put out the words that the other ninety percent keep paying to read.
Like good hosts at any social gathering, they make newcomers welcome,
keep the conversation flowing, mediate disputes, clean up messes, and
throw out miscreants, if need be. A WELL host is part salon keeper, part
saloon keeper, part talk-show host, part publisher. The only power to
censor or to ban a user is the hosts' power. Policy varies from host to
host, and that's the only policy. The only justice for those who misuse
that power is the forced participation in weeks of debilitating and
vituperative post-mortem.
The hosts community is part long-running soap opera, part town
meeting, bar-room brawl, anarchic debating society, creative groupmind,
bloody arena, union hall, playpen, encounter group. The Hosts conference
is extremely general, from technical questions to personal attacks. The
Policy conference is supposed to be restricted to matters of what WELL
policy is, or ought to be. The part-delusion, part-accurate perception
that the hosts and other users have strong influence over WELL policy is
part of what feeds debate here, and a strong element in the libertarian
reputation of the stereotypical WELLite. After fighting my way through a
day's or hour's worth of the Hot New Dispute in News, Hosts, and Policy,
I check on the conferences I host -- Info, Virtual Communities, Virtual
Reality. After that my .cflist directs me, at the press of the return
key, to the first new topic or response in the Parenting, Writers',
Grateful Dead tours, Telecommunication, Macintosh, Weird, Electronic
Frontier Foundation, Whole Earth, Books, Media, Men on the WELL,
Miscellaneous, and Unclear conferences.
Grabbing attention in the Commons is a powerful act. Some people
seem drawn to performing there; others burst out there in acts of
desperation, after one history of frustration or another. Dealing with
people who are so consistently off-topic or apparently deeply grooved
into incoherence, long-windedness, scatology, is one of the events that
challenges a community to decide what its values really are, or ought to
be.
Something is happening here. I'm not sure anybody understands it
yet. I know that the WELL and the net is an important part of my life
and I have to decide for myself whether this is a new way to make
genuine commitments to other human beings, or a silicon-induced illusion
of community. I urge others to help pursue that question in a variety of
ways, while we have the time. The political dimensions of CMC might lead
to situations that would pre-empt questions of other social effects;
responses to the need for understanding the power- relationships
inherent in CMC are well represented by the Electronic Frontier
Foundation and others. We need to learn a lot more, very quickly, about
what kind of place our minds are homesteading.
The future of virtual communities is connected to the future of
everything else, starting with the most precious thing people have to
gain or lose -- political freedom. The part played by communication
technologies in the disintegration of communism, the way broadcast
television pre-empted the American electoral process, the power of fax
and CMC networks during times of political repression like Tienamen
Square and the Soviet Coup attempt, the power of citizen electronic
journalism, the power-maneuvering of law enforcement and intelligence
agencies to restrict rights of citizen access and expression in
cyberspace, all point to the future of CMC as a close correlate of
future political scenarios. More important than civilizing cyberspace is
ensuring its freedom as a citizen-to-citizen communication and
publication medium; laws that infringe equity of access to and freedom
of expression in cyberspace could transform today's populist empowerment
into yet another instrument of manipulation. Will "electronic democracy"
be an accurate description of political empowerment that grows out of
the screen of a computer? Or will it become a brilliant piece of
disinfotainment, another means of manipulating emotions and
manufacturing public opinion in the service of power.
Who controls what kinds of information is communicated in the
international networks where virtual communities live? Who censors, and
what is censored? Who safeguards the privacy of individuals in the face
of technologies that make it possible to amass and retrieve detailed
personal information about every member of a large population? The
answers to these political questions might make moot any more abstract
questions about cultures in cyberspace. Democracy itself depends on the
relatively free flow of communications. The following words by James
Madison are carved in marble at the United States Library of Congress:
"A popular government without popular information, or the means of
acquiring it, is but a prologue to a farce or a tragedy, or perhaps
both. Knowledge will forever govern ignorance, and a people who mean to
be their own governors must arm themselves with the power which
knowledge gives." It is time for people to arm themselves with power
about the future of CMC technology.
Who controls the market for relationships? Will the world's
increasingly interlinked, increasingly powerful, decreasingly costly
communications infrastructure be controlled by a small number of very
large companies? Will cyberspace be privatized and parceled out to those
who can afford to buy into the auction? If political forces do not seize
the high ground and end today's freewheeling exchange of ideas, it is
still possible for a more benevolent form of economic control to stunt
the evolution of virtual communities, if a small number of companies
gain the power to put up toll-roads in the information networks, and
smaller companies are not able to compete with them.
Or will there be an open market, in which newcomers like Apple or
Microsoft can become industry leaders? The playing field in the global
telecommunications industry will never be level, but the degree of
individual freedom available through telecommunication technologies in
the future may depend upon whether the market for goods and services in
cyberspace remains open for new companies to create new uses for CMC.
I present these observations as a set of questions, not as answers.
I believe that we need to try to understand the nature of CMC,
cyberspace, and virtual communities in every important context --
politically, economically, socially , culturally, cognitively. Each
different perspective reveals something that the other perspectives do
not reveal. Each different discipline fails to see something that
another discipline sees very well. We need to think as teams here,
across boundaries of academic discipline, industrial affiliation,
nation, to understand, and thus perhaps regain control of, the way human
communities are being transformed by communication technologies. We
can't do this solely as dispassionate observers, although there is
certainly a huge need for the detached assessment of social science.
But community is a matter of the heart and the gut as well as the head.
Some of the most important learning will always have to be done by
jumping into one corner or another of cyberspace, living there, and
getting up to your elbows in the problems that virtual communities face.
References:
Sara Kiesler, "The Hidden Messages in Computer Networks," Harvard
Business Review, January-February 1986.
J.C.R. Licklider, Robert Taylor, and E. Herbert, "The Computer as a
Communication Device," International Science and Technology, April 1978.
Ray Oldenburg, "The Great Good Place: Cafes, Coffee Shops, Community
Centers, Beauty Parlors, General Stores, Bars, Hangouts, and How They
Get You Through The Day," New York: Paragon House, 1991.
M. Scott Peck, M.D., "The Different Drum: Community Making and
Peace," New York: Touchstone, 1987.
Howard Rheingold, "Tools for Thought," Simon & Schuster 1986.
Note: In 1988, _Whole Earth Review_ published my article, "Virtual
Communities." Four years later, I reread it and realized that I had
learned a few things, and that the world I was observing had changed.
So I rewrote it. The original version is available on the WELL as
/uh/72/hlr/virtual_communities88.
Portions of this will appear in "Globalizing Networks: Computers and
International Communication," edited by Linda Harasim and Jan Walls for
MIT press. Portions of this will appear in "Virtual Communities," by
Howard Rheingold, Addison-Wesley. Portions of this may find their way
into Whole Earth Review.
This is a world-readable file, and I think these are important issues;
encourage distribution, but I do ask for fair use: Don't remove my name
from my words when you quote or reproduce them, don't change them, and
don't impair my ability to make a living with them.
Howard Rheingold
Editor, Whole Earth Review
27 Gate Five Road
Sausalito, CA 94965
Tel: 415 332 1716
Fax: 415 332 3110
Internet: hlr@well.sf.ca.us
(This is the last of three parts.)
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our quarterly newsletter,
EFFECTOR, our bi-weekly electronic newsletter, EFFector Online (if you
have an electronic address that can be reached through the Net), and
special releases and other notices on our activities. But because we
believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #30
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
| I enclose an additional donation of $___________
Name:______________________________________________________
Organization:______________________________________________
Address: __________________________________________________
City or Town: _____________________________________________
State:_______ Zip:________ Phone:( )_____________(optional)
FAX:( )____________________(optional)
Email address: ______________________________
I enclose a check [ ] .
Please charge my membership in the amount of $_____________
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:____________________________________________________
Expiration date: ____________
Signature: ________________________________________________
Date:______________________
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:___________________________
Your membership/donation is fully tax deductible.
=====================================================================|
EFFector Online is published by |
The Electronic Frontier Foundation |
155 Second Street, Cambridge MA 02141 |
Phone:(617)864-0665 FAX:(617)864-0866 |
Internet Address: eff@eff.org |
Reproduction of this publication in electronic media is encouraged |
To reproduce signed articles individually, |
please contact the authors for their express permission. |
=====================================================================|
"LIFE, LIBERTY, AND THE PURSUIT OF CONNECTIVITY."
########## ########## ########## | RAPID GROWTH OF ONLINE SERVICES
########## ########## ########## | ONE BBSCON /EFF LIBRARY/ USENET
#### #### #### |
######## ######## ######## | JOHN PERRY BARLOW ON
######## ######## ######## | THE NSA, THE FBI, ENCRYPTION,
#### #### #### | AND WIRE-TAPPING
########## #### #### |
########## #### #### | THE TAO TE CHIP
=====================================================================
EFFector Online JULY 29, 1992 Issue 3.1 / Part 1
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
ONLINE SERVICES EXPERIENCE SOLID GROWTH OVER PAST 5 YEARS
WITH MORE FORECAST FOR THE NEAR FUTURE
A new study released by SIMBA Information, a research group based in
Wilton, Connecticut, says sales by online services increased by 61.1
percent in the last five years. The trend will continue over the next five
years, says SIMBA, with a projected increase of 48%.
By 1996, the online information market should be worth about $14.2 billion
annually. Business uses will consume the lion's share of this market by a
factor of 24 to 1. Regardless of this, the services used by consumers were
the fastest growing segment of the market in the 1990-1991 period. This
growth in consumer use is expected to increase by 145 percent over the next
five years.
The report, "Online Services: 1992 Review, Trends, and Forecast" was
written for SIMBA by analyst Chris Elwell.
Other items in the report of interest: Subscribers to online services
numbered 5.4 million at the end of 1991, an increase of 18% over 1990.
Leading online services (CompuServe, Genie, Prodigy, etc.) reported an
aggregate sales growth of nearly 7% in 1991 from 1990 levels.
Some of the more notable conclusions of this report are:
#North American-based online services account for 57% of
worldwide sales,with rapid growth in the near term.
#More than half of the growth in online subscribers in 1991
was accounted for by Prodigy.
#One out of every five home computers has a modem.
#As the Regional Bell companies enter the online services
arena, the initial focal point of their efforts will be
online directory publishing.
#Even though the report gives detailed profiles of 35 major
players, it notes that most online services and database
publishers are relatively small operations.
-==--==--==-<>-==--==--==-
EFF to Crash The ONE BBSCON
August 13-16, Stouffer Concourse Hotel, Denver Colorado.
The ONE BBSCON is the major BBS conference of the year, hosting seminars in
such topics as How to make your BBS profitable; What is Internet?; FidoNet,
RelayNet, INet, et. al.; Graphics over a Modem; Learn from the Winners; as
well hosting an exhibition attended by vendors of BBS-related products.
And EFF will be there with a booth as well. We'll be doing the usual
booth-related activities such as handing out literature and selling
t-shirts; however, we're more interested in talking with the members of the
BBS community and learning what it needs from EFF. Along with seminars on
BBSs and the Law, EFF staff counsel Shari Steele will be presenting a talk
on the EFF at which we will be looking for feedback. If you'll be
attending, do stop by either the booth or the seminar and tell us what you
think.
For more information on ONE BBSCON, contact
ONE, Inc.
4255 S. Buckley Road
Suite 308
Aurora, Colorado 80013
(303)693-5252
Note: There is no email address. Leaves room for improvement.
-==--==--==-<>-==--==--==-
UPDATE ON THE EFF LIBRARY
The EFF Library was set up over a year ago when it became clear that,
regardless of the digital revolution, we were being overwhelmed by a wave
of hard copy. At that time, we had a backlog of around 1,000 documents,
books and magazines concerning issues relevant to the Electronic Frontier.
We engaged a professional librarian, Hae Young Wang, to bring order to
chaos, and to provide us with a method that would enable us to file and
retrieve material necessary to the work of the foundation.
Today, the EFF library in Cambridge houses over 2,300 items. The holdings
cover journal articles, newspaper articles, conference proceedings, court
documents, legislation, magazines, books, and brochures. The subject areas
include such things as information infrastructure, computers and civil
liberties, intellectual property and copyrights, and EFF archives.
The Library also maintains over 130 subscriptions to magazines and
newsletters.
In addition, the EFF library maintains, classifies and indexes EFF's
anonymous ftp archive files. These files, which are accessible to everyone
with Internet access, have recently been re-organized into what we hope is a
more user-friendly and informative manner. In the EFF ftp directory, you
can find documents about the EFF, back issues of its online newsletter,
notes on eff-issues, historical items, legal issues, current legislation,
local chapters, and a host of other material germane to the Electronic
Frontier.
While the ftp files are open to all, the EFF Library can now serve only the
staff here and in Washington. We hope to be able to provide service to EFF
members and the general public in the future, as funding and staffing
allow.
In the meantime, we have recently acquired new scanning software which we
hope will reduce the work involved in moving hard-copy information into
digital form. With this in place we will be adding items to the anonymous
ftp archive at an increased rate throughout the rest of the summer.
Recent additions to the EFF ftp files are:
The EFF Open Platform Proposal. This is the full text of the
EFF's plan to create a national public network through the
deployment of ISDN technology.
(pub/EFF/papers/open-platform-proposal)
Howard Rhinegold's "A Slice of Life in My Virtual Community".
This meditation on what it means to be online in 1992 was
first serialized in EFFector Online.
(pub/EFF/papers/cyber/life-in-virtual-community)
Senator Al Gore's High-Tech Bill (S.2937) as introduced on July
1, 1992. This bill provides funding to both NSF and NASA to
develop technology for "digital libraries", huge data bases
that store text, imagery, video, and sound and are accessible
over computer networks like NSFNET. The bill also funds
development of prototype "digital libraries" around the
country. This is the full-text of this bill along with the
press release from Gore's office announcing the bill.
(pub/EFF/legislation/gore-bill-1992)
An information packet on the GPO/WINDO legislation before congress
as S.2813/H.R. 2772. This discusses the function of the proposed
"gateway" for online public access to government databases. From
the Taxpayers Assets Project.
(pub/EFF/legislation/gpo-windo-info)
These files are also available through WAIS as eff-documents.src. WAIS
clients are available for the Mac, PC, NeXT, X11, and GNU Emacs
environments via anonymous ftp from think.com. A "guest" WAIS client is
available by telnetting to quake.think.com and logging in as 'wais'.
To retrieve these files via email, send mail to archive-server@eff.org,
containing (in the body of the message) the command
send eff <path from pub/EFF>
So to get the Gore bill, you would send
send eff legislation/gore-bill-1992
If you have any trouble obtaining these documents, send email to
ftphelp@eff.org.
-==--==--==-<>-==--==--==-
UNCLEAR ON USENET INTERNET?
Veteran members of the Internet know, through osmosis, the difference
between Internet and Usenet. Still, newcomers are often confused since the
two seem to be, at times, used interchangeably. To provide for an ultimate
answer, we turned to Chris Davis (ckd), star sysadmin at eff.org. He said:
"The definitive answer is long and mostly uninteresting except to
pedants like me :).
"The Internet is that collection of connected TCP/IP networks. Roughly
speaking, if you can connect directly to 'nic.ddn.mil' with telnet, you're
on the Internet. You may be able to get Internet mail without being on the
Internet proper (say, if you're on America Online).
"USENET is that set of machines and people who interchange USENET
messages. A large number of USENET sites are on the Internet, and many
Internet sites get USENET. Many USENET sites are NOT on the Internet,
however, getting their news via dialup lines, satellite receivers, magnetic
tape shipments (no kidding), and the like. Roughly speaking, you're on
USENET if you get the 'news.announce.important' newsgroup.
"They are related in that they are partially congruent and often
confused with each other :) but they are not the same network."
-==--==--==-<>-==--==--==-
Decrypting the Puzzle Palace
by
John Perry Barlow
barlow@eff.org
"A little sunlight is the best disinfectant."
--Justice Louis Brandeis
Over a year ago, in a condition of giddier innocence than I enjoy today, I
wrote the following about the discovery of Cyberspace:
"Imagine discovering a continent so vast that it may have no other side.
Imagine a new world with more resources than all our future greed might
exhaust, more opportunities than there will ever be entrepreneurs enough to
exploit, and a peculiar kind of real estate which expands with
development."
One less felicitous feature of this terrain which I hadn't noticed then is
what seems to be a long-encamped and immense army of occupation.
This army represents interests which are difficult to define, guards the
area against unidentified enemies, meticulously observes almost every
activity undertaken there, and continuously prevents most who inhabit its
domain from drawing any blinds against such observation.
It marshals at least 40,000 troops, owns the most advanced computing
resources in the world, and uses funds the dispersal of which does not fall
under any democratic review.
Imagining this force won't require from you the inventive powers of a
William Gibson. The American Occupation Army of Cyberspace exists. Its
name is the National Security Agency.
It may be argued that this peculiar institution inhibits free trade, has
directly damaged American competitiveness, and poses a threat to liberty
anywhere people communicate with electrons. It's principal function, as
miff colleague John Gilmore puts it, is "wire-tapping the world," which it
is free to do without a warrant from any judge.
It is legally constrained from domestic surveillance, but precious few
people are in a good position to watch what, how, or whom the NSA watches.
And those who are tend to be temperamentally sympathetic to its objectives
and methods. They like power, and power understands the importance of
keeping it own secrets and learning everyone else's.
Whether it is meticulously ignoring every American byte or not, the NSA is
certainly pursuing policies which will render our domestic affairs
transparent to anyone who can afford big digital hardware. Such policies
could have profound consequences on our liberty and privacy.
More to point, the role of the NSA in the area of domestic privacy needs to
be assessed in the light of other recent federal initiatives which seem
directly aimed at permanently denying privacy to the inhabitants of
Cyberspace, whether foreign or American.
Finally it seems a highly opportune time, directly following our
disorienting victory in the Cold War, to ask if the threats from which the
NSA purportedly protects us from are as significant as the hazards its
activities present.
Like most Americans I'd never given much thought to the NSA until recently.
(Indeed its very existence was a secret for much of my life. Beltway types
used to joke that NSA stood for "No Such Agency.")
I vaguely knew that it was another of the 12 or so shadowy federal spook
houses which were erected shortly after the Iron Curtain with the purpose
of stopping its further advance. It derives entirely from a memorandum sent
by Harry Truman on October 24, 1952 to Secretary of State Dean Acheson and
Defense Secretary Robert Lovatt. This memo, the official secrecy of which
remained unpenetrated for almost 40 years, created the NSA, placed it under
the authority of the Secretary of Defense, and charged it with monitoring
and decoding any signal transmission relevant to the security of the United
States.
Even after I started noticing the NSA, my natural immunity to paranoia
combined with a general belief in the incompetence of all bureaucracies...
especially those whose inefficiencies are unmolested by public scrutiny...
to mute any sense of alarm. But this was before I began to understand the
subterranean battles raging over data encryption and the NSA's role in
them. Lately, I'm less sanguine.
Encryption may be the only reliable method for conveying privacy to the
inherently public domain of Cyberspace. I certainly trust it more than
privacy protection laws. Relying on government to protect your privacy is
like asking a peeping tom to install your window blinds.
In fact, we already have a strong-sounding federal law protecting our
electronic privacy, the Electronic Communications Privacy Act or ECPA. But
this law has not particular effective in those areas were electronic
eavesdropping is technically easy. This is especially true in the area of
cellular phone conversations, which, under the current analog transmission
standard, are easily accessible to anyone from the FBI to you.
The degree of law enforcement apprehension over secure cellular encryption
provides mute evidence of how seriously they've been taking ECPA. They are
moving on a variety of fronts to see that robust electronic privacy
protection systems don't become generally available to the public. Indeed,
the current administration may be so determined to achieve this end that
they may be willing to paralyze progress in America's most promising
technologies rather than yield on it.
Push is coming to shove in two areas of communications technology: digital
transmission of heretofore analog signals and the encryption of transmitted
data.
As the communications service providers move to packet switching, fiber
optic transmission lines, digital wireless, ISDN and other advanced
techniques, what have been discrete channels of continuous electrical
impulses, voices audible to anyone with alligator clips on the right wires,
are now becoming chaotic blasts of data packets, readily intelligible only
to the sender and receiver. This development effectively forecloses
traditional wire-tapping techniques, even as it provides new and different
opportunities for electronic surveillance.
It is in the latter area where the NSA knows its stuff. A fair percentage
of the digital signals dispatched on planet Earth must pass at some point
through the NSA's big sieve in Fort Meade, Maryland, 12 underground acres
of the heaviest hardware in the computing world. There, unless these
packets are also encrypted with a particularly knotty algorithm, sorting
them back into their original continuity is not so difficult.
Last spring, alarmed at a future in which it would have to sort through an
endless fruit salad of encrypted bits, the FBI persuaded Senator Joseph
Biden to include language in Senate Bill 266 which would have directed
providers of electronic communications services and devices (such as
digital cellular phone systems or other multiplexed communications
channels) to implement only such encryption methods as would assure
governmental ability to extract from the data stream the plain text of any
voice or data communications in which it took a legal interest. It was if
the government had responded to a technological leap in lock design by
requiring building contractors to supply it with skeleton keys to every
door in America.
The provision raised wide-spread concern in the computer community, which
was better equipped to understand its implications than the general public,
and in August of last year, the Electronic Frontier Foundation, in
cooperation with Computer Professionals for Social Responsibility and other
industry groups, successfully lobbied to have it removed from the bill.
Our celebration was restrained. We knew we hadn't seen the last of it. For
one thing, the movement to digital communications does create some serious
obstacles to traditional wire-tapping procedures. I fully expected that law
enforcement would be back with new proposals, which I hoped might be ones
we could support. But what I didn't understand then, and am only now
beginning to appreciate, was the extent to which this issue had already
been engaged by the NSA in the obscure area of export controls over data
encryption algorithms.
Encryption algorithms, despite their purely defensive characteristics, have
been regarded by the government of this country as weapons of war for many
years. If they are to be employed for privacy (as opposed to
authentication) and they are any good at all, their export is licensed
under State Department's International Traffic in Arms Regulations or ITAR.
The encryption watchdog is the NSA. It has been enforcing a policy, neither
debated nor even admitted to, which holds that if a device or program
contains an encryption scheme which the NSA can't break fairly easily, it
will not be licensed for international sale.
Aside for marveling at the silliness of trying to embargo algorithms, a
practice about as practicable as restricting the export of wind, I didn't
pay much attention to the implications of NSA encryption policies until
February of this year. It was then that I learned about the deliberations
of an obscure group of cellular industry representatives called the Ad Hoc
Authentication Task Force, TR45.3 and of the influence which the NSA has
apparently exercised over their findings.
In the stately fashion characteristic of standard-setting bodies, this
group has been working for several years on a standard for digital cellular
transmission, authentication, and privacy protection to be known by the
characteristically whimsical telco moniker IS-54B.
In February they met near Giants Stadium in East Rutherford, NJ. At that
meeting, they recommended, and agreed not to publish, an encryption scheme
for American-made digital cellular systems which many sophisticated
observers believe to be intentionally vulnerable. It was further thought
by many observers that this "dumbing down" had been done indirect
cooperation with the NSA.
Given the secret nature of the new algorithm, its actual merits were
difficult to assess. But many cryptologists believe there is enough in the
published portions of the standard to confirm that it isn't any good.
One cryptographic expert, one of two I spoke with who asked not to be
identified lest the NSA take reprisals against his company, said:
"The voice privacy scheme, as opposed to the authentication scheme, is
pitifully easy to break. It involves the generation of two "voice privacy
masks" each 260 bits long. They are generated as a byproduct of the
authentication algorithm and remain fixed for the duration of a call. The
voice privacy masks are exclusive_ORed with each frame of data from the
vocoder at the transmitter. The receiver XORs the same mask with the
incoming data frame to recover the original plain text. Anyone familiar
with the fundamentals of cryptanalysis can easily see how weak this scheme
is."
And indeed, Whitfield Diffie, co-inventor of Public Key cryptography and
arguably the dean of this obscure field, told me this about the fixed
masks:
"Given that description of the encryption process, there is no need for the
opponents to know how the masks were generated. Routine cryptanalytic
operations will quickly determine the masks and remove them.''
Some on committee claimed that possible NSA refusal of export licensing had
no bearing on the algorithm they chose. But their decision not to publish
the entire method and expose it to cryptanalytical abuse (not to mention
ANSI certification) was accompanied by the following convoluted
justification:
"It is the belief of the majority of the Ad Hoc Group, based on our current
understanding of the export requirements, that a published algorithm would
facilitate the cracking of the algorithm to the extent that its fundamental
purpose is defeated or compromised."(Italics added.)
Now this is a weird paragraph any way you parse it, but its most singular
quality is the sudden, incongruous appearance of export requirements in a
paragraph otherwise devoted to algorithmic integrity. In fact, this
paragraph is itself code, the plain text of which goes something like this:
"We're adopting this algorithm because, if we don't, the NSA will slam an
export embargo on all domestically manufactured digital cellular phones."
Obviously, the cellular phone systems manufacturers and providers are not
going to produce one model for overseas sale and another for domestic
production. Thus, a primary effect of NSA-driven efforts to deny some
unnamed foreign enemy secure cellular communications is on domestic
security. The wireless channels available to private Americans will be
cloaked in a mathematical veil so thin that, as one crypto-expert put it,
"Any county sheriff with the right PC-based black box will be able to
monitor your cellular conversations."
When I heard him say that, it suddenly became clear to me that, whether
consciously undertaken with that goal or not, the most important result of
the NSA's encryption embargoes has been the future convenience of domestic
law enforcement. Thanks to NSA export policies, they will be assured that,
as more Americans protect their privacy with encryption, it will be of a
sort easily penetrated by authority.
I find it increasingly hard to imagine this is not their real objective as
well. Surely, they must be aware of how ineffectual their efforts have been
in keeping good encryption out of inimical military possession. An
algorithm is somewhat less easily stopped at the border than, say, a
nuclear reactor. As William Neukom, head of Microsoft Legal puts it, "The
notion that you can control this technology is comical."
I became further persuaded that this was the case upon hearing, from a
couple of sources, that the Russians have been using the possibly
uncrackable (and American) RSA algorithm in their missile launch codes for
the last ten years and that, for as little as five bucks, one can get a
software package called Crypto II on the streets of Saint Petersburg which
includes both RSA and DES encryption systems.
Nevertheless, the NSA has been willing to cost American business a lot of
revenue rather than allow domestic products with strong encryption into the
global market.
While it's impossible to set a credible figure on what that loss might add
up to, it's high. Jim Bidzos, whose RSA Data Security licenses RSA, points
to one major Swiss bid in which a hundred million dollar contract for
financial computer terminals went to a European vendor after American
companies were prohibited by the NSA from exporting a truly secure network.
The list of export software containing intentionally broken encryption is
also long. Lotus Notes ships in two versions. Don't count on much
protection from the encryption in the export version. Both Microsoft and
Novell have been thwarted in their efforts to include RSA in their
international networking software, despite frequent publication of the
entire RSA algorithm in technical publications all over the world.
With hardware, the job has been easier. NSA levied against the inclusion of
a DES chip in the AS/390 series IBM mainframes in late 1990 despite the
fact that, by this time, DES was in widespread use around the world,
including semi-official adoption by our official enemy, the USSR.
I now realize that Soviets have not been the NSA's main concern at any time
lately. Naively hoping that, with the collapse of the Evil Empire, the NSA
might be out of work, I then learned that, given their own vigorous crypto
systems and their long use of some embargoed products, the Russians could
not have been the threat from whom this forbidden knowledge was to be kept.
Who has the enemy been then? I started to ask around.
Cited again and again as the real object of the embargoes were Third-World
countries. terrorists and... criminals. Criminals, most generally
drug-flavored, kept coming up, and nobody seemed terribly concerned that
some of their operations might be located in areas supposedly off-limits to
NSA scrutiny.
Presumably the NSA is restricted from conducting American surveillance by
both the Foreign Intelligence Surveillance Act of 1978 (FISA) and a series
of presidential directives, beginning with one issued by President Ford
following Richard Nixon's bold misuse of the NSA, in which he explicitly
directed the NSA to conduct widespread domestic surveillance of political
dissidents and drug users.
But whether or not FISA has actually limited the NSA's abilities to conduct
domestic surveillance seemed less relevant the more I thought about it. A
better question to ask was, "Who is best served by the NSA's encryption
export policies?" The answer is clear: domestic law enforcement. Was this
the result of some spook plot between NSA and, say, the Department of
Justice? Not necessarily.
Certainly in the case of the digital cellular standard, cultural congruity
between foreign intelligence, domestic law enforcement, and what somebody
referred to as "spook wannabes on the TR45.3 committee" might have a lot
more to do with the its eventual flavor than any actual whisperings along
the Potomac.
[continued in Effector Online 3.1 Part 2]
EFFector Online JULY 22, 1992 Issue 3.1 / end of Part 1
=====================================================================
EFFector Online JULY 29, 1992 Issue 3.1 / Part 2
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
[Decrypting the Puzzle Palace by John Perry Barlow - continued - ]
Unable to get anyone presently employed by the NSA to comment on this or
any other matter and with little opportunity to assess the NSA's
congeniality toward domestic law enforcement from the inside, I
approached a couple of old hands for a highly distilled sample of
intelligence culture.
I called Admirals Stansfield Turner and Bobby Ray Inman. Not only had their
Carter administration positions as, respectively, CIA and NSA Directors,
endowed them with considerable experience in such matters, both are
generally regarded to be somewhat more sensitive to the limits of
democratic power than their successors. None of whom seemed likely to
return my calls anyway.
My phone conversations with Turner and Inman were amiable enough, but they
didn't ease my gathering sense that the NSA takes an active interest in
areas which are supposedly beyond its authorized field of scrutiny.
Turner started out by saying he was in no position to confirm or deny any
suspicions about direct NSA-FBI cooperation on encryption, but he didn't
think I was being exactly irrational in raising the question. In fact, he
genially encouraged me to investigate the matter further.
He also said that while a sub rosa arrangement between the NSA and the
Department of Justice to compromise domestic encryption would be
"injudicious," he could think of no law, including FISA (which he helped
design), which would prevent it.
Most alarmingly, this gentleman who has written eloquently on the hazards
of surveillance in a democracy did not seem terribly concerned that our
digital shelters are being rendered permanently translucent by and to the
government.
He said, "A threat could develop...terrorism, narcotics, whatever...where
the public would be pleased that all electronic traffic was open to
decryption. You can't legislate something which forecloses the possibility
of meeting that kind of emergency."
Admiral Inman had even more enthusiasm for assertive governmental
supervision. Although he admitted no real knowledge of the events behind
the new cellular encryption standard, he wasn't the least disturbed to hear
that it might be flawed.
And, despite the fact that his responsibilities as NSA Director had been
restricted to foreign intelligence, he seemed a lot more comfortable
talking about threats on the home front.
"The Department of Justice," he began, "has a very legitimate worry. The
major weapon against white collar crime has been the court-ordered wiretap.
If the criminal elements go to using a high quality cipher, the principal
defense against narcotics traffic is gone." This didn't sound like a guy
who, were he still head of NSA, would rebuff FBI attempts to get a little
help from his agency.
He brushed off my concerns about the weakness of the cellular encryption
standard. "If all you're seeking is personal privacy, you can get that with
a very minimal amount of encipherment."
Well, I wondered, Privacy from whom?
And he seemed to regard real, virile encryption to be something rather like
a Saturday Night Special. "My answer," he said, "would be legislation
which would make it a criminal offense to use encrypted communication to
conceal criminal activity."
Wouldn't that render all encrypted traffic automatically suspect? I asked.
"Well, he said, "you could have a registry of institutions which can
legally use ciphers. If you get somebody using one who isn't registered,
then you go after him."
You can have my encryption algorithm, I thought to myself, when you pry my
cold dead fingers from its private key.
It wasn't a big sample, but it was enough to gain a better appreciation of
the cultural climate of the intelligence community. And these guys are the
liberals. What legal efficiencies might their Republican successors be
willing to employ to protect the American Way?
Without the comfortably familiar presence of the Soviets to hate and fear,
we can expect to see a sharp increase in over-rated bogeymen and virtual
states of emergency. This is already well under way. I think we can expect
our drifting and confused hardliners to burn the Reichstag repeatedly until
they have managed to extract from our induced alarm the sort of government
which makes them feel safe.
This process has been under way for some time. One sees it in the war on
terrorism, against which pursuit "no liberty is absolute," as Admiral
Turner put it. This, despite the fact that, during last year for which I
have a solid figure, 1987, only 7 Americans succumbed to terrorism.
You can also see it clearly under way in the War on Some Drugs. The Fourth
Amendment to the Constitution has largely disappeared in this civil war.
And among the people I spoke with, it seemed a common canon that drugs (by
which one does not mean Jim Beam, Marlboros, Folger's, or Halcion) were a
sufficient evil to merit the government's holding any more keys it felt the
need for.
One individual close to the committee said that at least some of the
aforementioned "spook wannabes" on the committee were "interested in weak
cellular encryption because they considered warrants not to be "practical"
when it came to pursuing drug dealers and other criminals using cellular
phones."
In a miscellaneously fearful America, where the people cry for shorter
chains and smaller cages, such privileges as secure personal communications
are increasingly regarded as expendable luxuries. As Whitfield Diffie put
it, "From the consistent way in which Americans seem to put security ahead
of freedom, I rather fear that most of them would prefer that all
electronic traffic was open to government decryption right now if they had
given it any thought."
In any event, while I found no proof of an NSA-FBI conspiracy to gut the
American cellular phone encryption standard, it seemed clear to me that
none was needed. The same results can be delivered by a cultural
"auto-conspiracy" between like-minded hardliners and cellular companies who
will care about privacy only when their customers do.
You don't have to be a hand-wringing libertarian like me to worry about the
domestic consequences of the NSA's encryption embargoes. They are also, as
stated previously, bad for business, unless, of course, the business of
America is no longer business but, as sometimes seems the case these days,
crime control.
As Ron Rivest (the "R" in RSA) said to me, "We have the largest information
based economy in the world. We have lots of reasons for wanting to protect
information, and weakening our encryption systems for the convenience of
law enforcement doesn't serve the national interest."
But by early March, it had become clear that this supposedly business-
oriented administration had made a clear choice to favor cops over commerce
even if the costs to the American economy were to become extremely high.
A sense of White House seriousness in this regard could be taken from their
response to the first serious effort by Congress to bring the NSA to task
for its encryption embargoes. Rep. Mel Levine (D-Calif.) proposed an
amendment to the Export Administration Act to transfer mass market software
controls to the Commerce Department, which would relax the rules. The
administration responded by saying that they would veto the entire bill if
the Levine amendment remained attached to it.
Even though it appeared the NSA had little to fear from Congress, the
Levine amendment may have been part of what placed the agency in a
bargaining mood for the first time. They entered into discussions with the
Software Publishers Association who, acting primarily on behalf of
Microsoft and Lotus, got to them to agree "in principle" to a streamlined
process for export licensing of encryption which might provide for more
robust standards than have been allowed previously.
But the negotiations between the NSA and the SPA were being conducted
behind closed doors, with the NSA-imposed understanding that any agreement
they reached would be set forth only in a "confidential" letter to
Congress. As in the case of the digital cellular standard, this would
eliminate the public scrutiny by cryptography researchers which anneals
genuinely hardened encryption.
Furthermore, some cryptographers worried that the encryption key lengths to
which the SPA appeared willing to restrict its member publishers might be
too short to provide much defense against the sorts of brute-force
decryption assaults which advances in processor technology will yield in
the fairly near future. And brute force has always been the NSA's strong
suit.
Whether accurate or not, the impression engendered by the style of the
NSA-SPA negotiations was not one of unassailable confidence. The lack of it
will operate to the continued advantage of foreign manufacturers in an era
when more and more institutions are going to be concerned about the privacy
of their digital communications.
But the economic damage which the NSA-SPA agreement might cause would be
minor compared to what would result from a startling new federal
initiative, the Department of Justice's proposed legislation on digital
telephony. If you're wondering what happened to the snooping provisions
which were in Senate Bill 266, look no further. They're back. And they're
bigger and bolder than ever.
They are contained in a sweeping proposal which have been made by the
Justice Department to the Senate Commerce Committee for legislation which
would "require providers of electronic communications services and private
branch exchanges to ensure that the Government's ability to lawfully
intercept communications is unimpeded by the introduction of advanced
digital telecommunications technology or any other telecommunications
technology."
Amazingly enough, this really means what it says: before any advance in
telecommunications technology can be deployed, the service providers and
manufacturers must assure the cops that they can tap into it. In other
words, development in digital communications technology must come to a
screeching halt until Justice can be assured that it will be able to grab
and examine data packets with the same facility they have long enjoyed with
analog wire-tapping.
It gets worse. The initiative also provides that, if requested by the
Attorney General, "any Commission proceeding concerning regulations,
standards or registrations issued or to be issued under authority of this
section shall be closed to the public." This essentially places the
Attorney General in a position to shut down any telecommunications advance
without benefit of public hearing.
When I first heard of the digital telephony proposal, I assumed it was a
kind of bargaining chip. I couldn't imagine it was serious. But it now
appears they are going to the mattresses on this one.
Taken together with NSA's continued assertion of its authority over
encryption, a pattern becomes clear. The government of the United States is
so determined to maintain law enforcement's traditional wire-tapping
abilities in the digital age that it is willing to fundamentally cripple
the American economy to do so. This may sound hyperbolic, but I believe it
is not.
The greatest technology advantage this country presently enjoys is in the
areas of software and telecommunications. Furthermore, thanks in large part
to the Internet, much of America is already wired for bytes, as significant
an economic edge in the Information Age as the existence of a railroad
system was for England one hundred fifty years ago.
If we continue to permit the NSA to cripple our software and further convey
to the Department of Justice the right to stop development the Net without
public input, we are sacrificing both our economic future and our
liberties. And all in the name of combating terrorism and drugs.
This has now gone far enough. I have always been inclined to view the
American government as pretty benign as such creatures go. I am generally
the least paranoid person I know, but there is something scary about a
government which cares more about putting its nose in your business than it
does about keeping that business healthy.
As I write this, a new ad hoc working group on digital privacy, coordinated
by the Electronic Frontier Foundation, is scrambling to meet the challenge.
The group includes representatives from organizations like AT&T, the
Regional Bells, IBM, Microsoft, the Electronic Mail Association and about
thirty other companies and public interest groups.
Under the direction of Jerry Berman, EFF's Washington office director, and
John Podesta, a capable lobbyist and privacy specialist who helped draft
the ECPA, this group intends to stop the provisions in digital telephony
proposal from entering the statute books.
We also intend to work with federal law enforcement officials to address
their legitimate concerns. We don't dispute their need to conduct some
electronic surveillance, but we believe this can be assured by more
restrained methods than they're proposing.
We are also preparing a thorough examination of the NSA's encryption export
policies and looking into the constitutional implications of those
policies. Rather than negotiating behind closed doors, as the SPA has been
attempting to do, America's digital industries have a strong self-interest
in banding together to bring the NSA's procedures and objectives into the
sunlight of public discussion.
Finally, we are hoping to open a dialog with the NSA. We need to develop a
better understanding of their perception of the world and its threats. Who
are they guarding us against and how does encryption fit into that
endeavor? Despite our opposition to their policies on encryption export, we
assume that NSA operations have some merit. But we would like to be able to
rationally balance the merits against the costs.
We strongly encourage any organization which might have a stake in the
future of digital communication to become involved. Letters expressing your
concern may be addressed to: Sen. Ernest Hollings, Chairman, Senate
Commerce Committee, U.S. Senate, Washington, DC and to Don Edwards,
Chairman, Subcommitee on Constitutional Rights, House Judiciary Committee.
(I would appreciate hearing those concerns myself. Feel free to copy me
with those letters at my physical address, c/o P.O. Box 1009, Pinedale, WY
82941 or in Cyberspace, barlow@eff.org.)
If your organization is interested in becoming part of the digital privacy
working group, please contact EFF's Washington office at: 666 Pennsylvania
Avenue SE, Suite 303, Washington, DC 20003, 202/544- 9237, FAX:
202/547-5481. EFF also encourages individuals interested in these issues to
join the organization. Contact us at: Electronic Frontier Foundation, 155
Second Street, Cambridge, MA 02141,617/864- 0665, eff-request@eff.org.
The legal right to express oneself is meaningless if there is no secure
medium through which that expression may travel. By the same token, the
right to hold certain unpopular opinions is forfeit unless one can discuss
those opinions with others of like mind without the government listening in.
Even if you trust the current American government, as I am still largely
inclined to, there is a kind of corrupting power in the ability to create
public policy in secret while assuring that the public will have little
secrecy of its own.
In its secrecy and technological might, the NSA already occupies a very
powerful position. And conveying to the Department of Justice what amounts
to licensing authority for all communications technology would give it a
control of information distribution rarely asserted over English-speaking
people since Oliver Cromwell's Star Chamber Proceedings.
Are there threats, foreign or domestic, which are sufficiently grave to
merit the conveyance of such vast legal and technological might? And even
if the NSA and FBI may be trusted with such power today, will they always
be trustworthy? Will we be able to do anything about it if they aren't?
Senator Frank Church said of NSA technology in 1975 words which are more
urgent today:
"That capability at any time could be turned around on the American people
and no American would have any privacy left. There would be no place to
hide. If this government ever became a tyranny, the technological capacity
that the intelligence community has given the government could enable it to
impose total tyranny. There would be no way to fight back, because the most
careful effort to combine together in resistance to the government, no
matter how privately it was done, is within the reach of the government to
know. Such is the capacity of this technology."
San Francisco, California
May, 1992
Reprinted from Communications of the ACM, June 1992
by permission of the author
-==--==--==-<>-==--==--==-
from THE TAO TE CHIP
by Jeffrey Sorrenson
sorensen@ecse.rpi.edu
(with help from Steven Mitchell and Lao Tzu)
2
When users see one GUI as beautiful,
other user interfaces become ugly.
When users see some programs as winners,
other programs become lossage.
Pointers and NULLs reference each other.
High level and assembler depend on each other.
Double and float cast to each other.
High-endian and low-endian define each other.
While and until follow each other.
Therefore the Guru
programs without doing anything
and teaches without saying anything.
Warnings arise and he lets them come;
processes are swapped and he lets them go.
He has but doesn't possess,
acts but doesn't expect.
When his work is done, he deletes it.
That is why it lasts forever.
80
If a system is administered wisely,
its users will be content.
They enjoy hacking their code
and don't waste time implementing
labor-saving shell scripts.
Since they dearly love their accounts,
they aren't interested in other machines.
There may be telnet, rlogin, and ftp,
but these don't access any hosts.
There may be an arsenal of cracks and malware,
but nobody ever uses them.
People enjoy reading their mail,
take pleasure in being with their newsgroups,
spend weekends working at their terminals,
delight in the doings at the site.
And even though the next system is so close
that users can hear its key clicks and biff beeps,
they are content to die of old age
without ever having gone to see it.
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our quarterly newsletter,
EFFECTOR, our bi-weekly electronic newsletter, EFFector Online (if you
have an electronic address that can be reached through the Net), and
special releases and other notices on our activities. But because we
believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #31
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
| I enclose an additional donation of $___________
Name:______________________________________________________
Organization:______________________________________________
Address: __________________________________________________
City or Town: _____________________________________________
State:_______ Zip:________ Phone:( )_____________(optional)
FAX:( )____________________(optional)
Email address: ______________________________
I enclose a check [ ] .
Please charge my membership in the amount of $_____________
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:____________________________________________________
Expiration date: ____________
Signature: ________________________________________________
Date:______________________
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:___________________________
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged
To reproduce signed articles individually,
please contact the authors for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## |
########## ########## ########## |
#### #### #### |
######## ######## ######## | THE FUTURE OF NSFNET
######## ######## ######## |
#### #### #### |
########## #### #### |
########## #### #### |
=====================================================================
EFFector Online August 19, 1992 Issue 3.2
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
GETTING A HANDLE ON THE FUTURE OF NSFNET
by Andrew Blau (blau@eff.org)
A Report on the July 23 Meeting
of the Communications Policy Forum
in Washington, D.C.
The National Science Foundation (NSF) is responsible for the NSFNet.
Originally a network created to link a handful of supercomputing
centers serving the U.S. research and education community, NSFNet
became the backbone of the Internet in this country, now serving
millions of people and thousands of organizations. Since 1987, the
NSF has contracted with a partnership of Merit Network, Inc., IBM
and MCI to provide and manage these "backbone network services.
That contract will expire in November of this year.
In order to award a contract for the next phase of the NSFNet's
growth and management, NSF staff is preparing a solicitation that
will describe the network that the NSF wants and invite interested
organizations to bid to become the provider of those services.
However, before releasing the final solicitation that will be bid
on, the NSF released a draft and asked for public comment on it.
Comments were to be filed by August 3rd of this year.
In response to this, EFF, which administers the Communications
Policy Forum in Washington, DC convened a roundtable on July 23 to
bring together a wide cross-section of groups that would either be
bidding on the new contract or would be affected by its outcome.
Also attending the meeting were members of the NSF staff. The
meeting itself, in order to stimulate an open exchange of views, was
"off-the-record" in that while notes on the sense of the speakers
were maintained, no speaker was directly quoted.
The Proposed New Shape of NSFNet
The Draft Solicitation describes a new architecture for the NSFNet.
It specifies certain requirements for those who are interested in
providing these services.
Until now, the "backbone network services" that lie at the heart of
the NSFNet worked as a single package. This package was a trunk for
connecting regional or "mid-level" networks across the country. It
was provided by an organization that also controlled access to the
backbone and directed traffic on it. In recent years, this
arrangement created a sense of unfairness among competitors in the
independent commercial sector who are eager to provide network
services and Internet connections.
In order to address these and other concerns, the Draft Solicitation
proposes that the next generation will split this package into two
distinct units. The first unit would be a "very high speed backbone"
or "vBNS". The second unit would provide a number of "network access
points" or "NAPs." The entity responsible for providing the NAPs
will also be the Routing Authority that oversees network traffic.
The draft also specifies some requirements for the new architecture.
First the vBNS must operate at 155 mbps or higher. Second, it must
connect to all NAPs. Third, it must provide high speed interregional
connectivity. Fourth it must be restricted to research and education
traffic only. Fifth, the NAPs must operate at speeds of at least 100
mbps, may connect any number of networks to each other or the vBNS,
and are open to any kind of traffic. Finally, the vBNS provider and
the NAP manager must be two different entities.
Reactions at the CPF
Two major themes emerged from the nearly six hours of discussion at
the July 23rd CPF meeting.
First, there has been substantial lack of shared understanding about
some of the draft's key elements. Among items mentioned were such
basic questions as what is a NAP, what is the vBNS, how will they
relate, are there ways of connecting to the vBNS without going
through a NAP, how many NAPs will there be and where will they be
located, what will it cost to connect to a NAP and how will charges
be set?
Second, it became clear that there were many important issues about
which the NSF remained "intentionally silent." Most obviously, the
draft has no guidelines to suggest how bids will be evaluated. In
addition, the draft is silent about how this generation of the
NSFNet intersects with the development of the NREN. It does not
suggest how prices for NAP attachment will be set, and when. The
draft fails to address the procedure for starting a non-NSF
sponsored NAP and connecting to the vBNS. The draft also fails to
illuminate how the NSF determines when a technology is no longer
"experimental" and can be provided commercially without further
government funding.
Additional issues came from the various constituencies around the
table who brought with them very different concerns. For example,
the research and education community appreciated that the draft
seemed to make it easier to access commercial services through the
Internet, yet expressed concern that the new architecture would
disrupt the regional arrangements that allow costs to be shared.
These cost sharing arrangements, they argue, foster more widespread
connectivity, and disrupting them could reduce rather than increase
the number of networked institutions.
Commercial network service providers expressed a range of opinions.
Some supported the basic architecture, although suggested certain
modifications, such as that the Routing Authority be separate from
the entity that manages the NAPs. Others argued that the draft
continues to unfairly distort the marketplace for network services
by subsidizing standard connections such as e-mail.
Local telephone companies, who have not previously been involved in
the development of the NSFNet, pointed out that the NSF was
proposing a new commercial network without taking into account the
infrastructure and regulatory boundaries of the nation's local
exchange telephone companies. Since the breakup of the Bell System,
for example, the Baby Bells cannot transport traffic across certain
regional boundaries. If the NSF's architecture does not put a NAP
in every one of these regions, then these network providers are
automatically excluded from full participation.
Following the meeting, the EFF staff prepared a summary of the major
issues that arose during the course of the discussion and circulated
it to all those in attendance. The EFF also submitted it to the NSF as
a record of important concerns that the EFF believes should be
considered in preparing the final solicitation. In addition, the EFF
asked the NSF to resubmit a draft solicitation for public comment
before issuing a final version.
* * * * *
Want more information?
For more information about the NSFNet draft solicitation and bidding
process, contact our Washington office at eff.org. DC staff members
Danny Weitzner(djw@eff.org) and Andrew Blau (blau@eff.org), as well as
Jerry Berman (jberman@eff.org), the Director of the Washington office,
have all been working on this issue.
About the Communications Policy Forum
The Communications Policy Forum, a project administered by the EFF,
provides consumer and public interest groups, telecommunications
companies, computer industry groups and policy makers a common forum
in which to discuss telecommunications issues and exchange views in
a non-partisan setting. The CPF also undertakes non-partisan
research. It is co-sponsored with the Consumer Federation of
America and the ACLU.
-==--==--==-<-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our quarterly newsletter,
EFFECTOR, our bi-weekly electronic newsletter, EFFector Online (if you
have an electronic address that can be reached through the Net), and
special releases and other notices on our activities. But because we
believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #32
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
| I enclose an additional donation of $___________
Name:______________________________________________________
Organization:______________________________________________
Address: __________________________________________________
City or Town: _____________________________________________
State:_______ Zip:________ Phone:( )_____________(optional)
FAX:( )____________________(optional)
Email address: ______________________________
I enclose a check [ ] .
Please charge my membership in the amount of $_____________
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:____________________________________________________
Expiration date: ____________
Signature: ________________________________________________
Date:______________________
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:___________________________
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged
To reproduce signed articles individually,
please contact the authors for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## | THE EFF AND THE FBI: Two Letters
########## ########## ########## |
#### #### #### |
######## ######## ######## | ONE BBSCON REPORTS
######## ######## ######## | At Play in the Field of the Boards
#### #### #### | Dueling BBSCONS
########## #### #### |
########## #### #### |
=====================================================================
EFFector Online August 24, 1992 Issue 3.3
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
THE EFF AND THE FBI: An exchange of views
This is an exchange of letters in the Wall Street Journal between
the Director of the FBI, William Sessions and EFF's Staff Counsel, Mike
Godwin.
August 4,1992
FBI Must Keep Up With Wonks & Hackers
Re your July 9 article about a very successful "computer hackers"
investigation conducted by the FBI and the Secret Service ("Wiretap
Inquiry Spurs Computer Hacker Charges"): The article mentions that
court-ordered electronic surveillance was a critical part of the
investigation and that the FBI is seeking laws to make it easier to tap
computer systems. Mike Godwin, general counsel for the Electronic
Frontier Foundation, said that "the success in this case 'undercuts' the
argument that new laws are needed." I believe the opposite to be the
case. This investigation clearly demonstrates why legislation is
absolutely necessary.
What Mr. Godwin is referring to is a legislative proposal on behalf of
law enforcement to ensure that as telecommunications technology
advances, the ability of law enforcement to conduct court-ordered
electronic surveillance is not lost. Without the legislation, it is
almost certain that will occur. The proposal is not directed at
computer systems, but pertains to telephone service providers and
equipment manufacturers.
In 1968, Congress carefully considered and passed legislation setting
forth the exacting procedure by which court authorization to conduct
electronic surveillance can be obtained. Since that time it has become
an invaluable investigative tool in combating serious and often life-
threatening crimes such as terrorism, kidnapping, drugs and organized
crime. The 1968 law contemplates cooperation by the telecommunications
service providers in implementing these court orders. The proposed
legislation only clarifies that responsibility by making it clearly
applicable regardless of the technology deployed.
Absent legislation, the ability to conduct successful investigations
such as the one mentioned in your article will certainly be jeopardized.
The deployment of digital telecommunications equipment that is not
designed to meet the need for law enforcement to investigate crime and
enforce the laws will have that effect. No new authority is needed or
requested. All the legislation would do if enacted is ensure that the
status quo is maintained and the ability granted by Congress in 1968
preserved.
William S. Sessions
Director, FBI, Department of Justice
Wall Street Journal, August 4, 1992
August 14, 1992
Letters to the Editor
The Wall Street Journal:
200 Liberty Street
New York, NY 10281
In his Aug. 4 letter to the editor, FBI Director William Sessions
disagrees with my quoted opinion that the FBI's success in a
computer-wiretap case "'undercuts' the argument that new laws are
needed." His disagreement doesn't disturb me too much; it's the kind of
thing over which reasonable people can disagree.
What does disturb me, however, is Sessions's claim about the FBI's
initiative to require the phone companies (and other
communications-service providers, like CompuServe) to build wiretapping
capabilities into their systems. Says Sessions, apparently without
irony:
"No new authority is needed or requested. All the legislation would if
enacted is ensure that the status quo is maintained and the ability [of
law enforcement to implement wiretaps] is preserved." Earlier, Sessions
says the proposed legislation "only clarifies [the phone companies']
responsibility" to cooperate with properly authorized law enforcement
under the 1968 Wiretap Act.
What Sessions does not mention, however, is that his legislation would,
among other things, allow the government to impose upon those phone
companies and communications-service providers who do not build
wiretapping into their systems "a civil penalty of $10,000 per day for
each day in violation." By any standards other than those of Sessions
and the FBI, this constitutes "new authority." If this proposal "only
clarifies" providers' obligations under the 1968 Act, one shudders to
imagine what Sessions would call an "expansion" of law-enforcement
authority.
MIKE GODWIN
Staff Counsel
Electronic Frontier Foundation
Cambridge, Massachusetts
-==--==--==-<-==--==--==-
At Play in the Field of the Boards: Report on ONE BBSCON
August 13-16, 1992.
by Steve Cisler (sac@apple.com)
Validating the BBS Ticket
Our plane punched down through the low clouds a half hour late into
Denver. A short shuttle ride and you're at the Stouffer Concourse Hotel
the site of the Online Networking Exposition and BBS Convention ONE
BBSCon. This was to be the first ecumenical gathering of bulletin board
system operators (sysops), hardware and software vendors, and
programmers that spanned the DOS, Unix, and Macintosh worlds. There had
once been annual meetings of Fidonet sysops, but the parent organization
had folded even as the number of BBS systems continued to explode.
Jack Rickard, President of ONE, Inc. and publisher of Boardwatch
Magazine <jack.rickard@boardwatch.com> had partnered up with Phil
Becker, author of TBBS software, to organize a trade show for BBS
operators that would be inexpensive enough to attract those running
their boards as hobbies but featured tutorials and panels with subjects
attractive to entrepreneurs who have mounted and maintained successful
business systems with four, eight, on up to 64 phone lines for their
clients.
Most of us in the online world are stratified in our interests when it
comes to networking and communications. There are MIS shops depending on
minis and mainframes; there are the academic and research networks where
NREN and the Internet dominate; there are consumer services, a
continuing, failure when promoted and maintained by the regional phone
companies and successful in different ways at Prodigy, GEnie,
CompuServe, and America Online. But then there are the BBS systems.
BBS systems, users, and sysops have never been validated by many of the
mainstream opinion makers. Most of the operators and users have been
outsiders, socially, politically, and even economically. Of these, a
significant subset are proud of this status, but others yearn to make
their "hobby" into a full-fledged industry. Indeed, if some of the
reports of BBS size heard in the panels and in the halls are even
remotely accurate, there are many "machete and loincloth BBSs that rival
commercial services. ONE BBSCON brought nearly 1000 of these outsiders
together for the first time. It also attracted mainstream users who have
found BBSs to be cost effective, easy to maintain (compared to other
sorts of electronic systems), and extremely useful. ONE BBSCON put the
spotlight on the "Industry" as Rickard and Becker hope it will become.
BBS System vendors were on the organizing board, and there were tracks
for the major DOS/Intel systems: Wildcat!, TBBS, PCBoard, MAJOR, and
Searchlight as well as other operating systems such as UNIX and
Macintosh (the latter comprised less than 5% of the attendees). Other
tracks were for legal and social issues, corporate and business
applications, how to make money with a BBS, the Internet/NREN, Mail
networks, and a technical track.
Few Ties and Big Skies
The opening reception included a sprinkling of ties, making me feel
over-dressed in a sport coat. With the dress code set for the rest of
the days ahead, I thumbed through the program and spoke with BBS and
networking folks whom I had met online or at other conferences. Dave
Hughes of Old Colorado City Communications <dave@well.sf.ca.us> and
Frank Odasz of Big Sky Telegraph <frank@bigsky.dillon.mt.us> noted the
lack of education tracks in the program, but with their participation in
the program it became an important sub-theme.
The range of activities in the BBS world indicates the potential power
and freedom to experiment that goes with cheap hardware, BBS software,
and a reasonably priced public telephone network. A journalist from
Albuquerque is running his newspaper's 16 line system, which provides
news to callers at no charge. A BBS team had just returned from Russia
where they were helping set up a country-wide system using low-orbiting
satellites for data transmission. An entrepreneur who had been sued by
Playboy enterprises for vending GIF images of Playmates (and using that
trademarked name in his BBS menus) without much thought of copyright was
present and seeking advice and solace.
At the opening session it was immediately evident ONE BBSCON was going
to be a successful conference. It was also clear how BBSs would become
an industry that would overshadow but not eliminate hobby uses of such
systems: cheap 9600 bps modems, inexpensive 486 servers, and telephone
systems that are not charging by measured use (as is done in many other
countries). Boardwatch estimates that there are 44,000 public systems
(and many more private and corporate ones) in the U.S. The four vendors
sitting on ONE, Inc. board claim to have an installed base of 50,000,
and this excludes Fido, the most popular of all systems. Phil Becker
made a strong pitch for the BBS as a business tool for mainstream
activities and belittled what he called the 'stupid niches' like Keith
Wade's THE ANARCHIST GUIDE TO BBS. Clearly, Becker wanted to encourage
mainstream business uses of this technology. They were impressive and
diverse. Others like Tom Jennings (author of the extremely cheap and
popular Fido software) sees the technology benefiting the outsiders: the
fat, the handicapped, the socially inept, the disenfranchised, the
radical, the non-mainstream. And of course, BBS technology can fill both
Becker's and Jennings' very different visions, but Becker's was the one
in the ascendent at ONE BBSCon
The keynote speech was given by John Dvorak, who writes for many
computer magazines, has co-authored a successful book on telecomms, and
is often on the public speaker circuit. His columns are entertaining,
opinionated and as Art Kleiner said in an old S.F. Bay Guardian article,
he is a "curmudgeon without a cause."
People who like to rattle cages can be good speakers and warm the crowd
up for the ensuing events. However, Dvorak devoted so much time to self
advertisements and plugging his books that it seemed he must have spent
about 10 minutes thinking about some of the issues that needed
addressing with regards to BBSes. A sprinkling of Dvorak comments: "get
a fan for your 486 machines... OS/2 is fun! (Windows is not)...the BBS
community needs a lobbyist in each state; it's embarrassingly naive and
should examine how it operates on different levels...Al Gore is the Dan
Quayle of the Democratic Party...The porno boards are always under
scrutiny by the government. one way or another... Playboy images on a
BBS has to be called fair use... BBSes cannot continue to allow slander
on the boards. You have to clean up your act by self-policing.
Dvorak also called for a constitutional amendment to protect electronic
rights, apparently unaware that constitutional scholar Laurence Tribe
had proposed this in his keynote at Computers, Freedom, and Privacy 1
some eighteen months ago, a proposal that received national publicity.
On the one hand Dvorak pandered to anti-Congress sentiments in the crowd
and then urged involvement in politics; on the other hand he found the
Perot candidacy a sham, including the electronic element.
Panels: Social and Technical
I attended the Electronic Frontier Foundation program which filled up
with an overflow from the Legal track where Lance Rose addressed many
questions about the rights and responsibilities of sysops in an
increasingly litigious and regulated environment. Shari Steele, a lawyer
in the EFF Washington office, explained their activities and then
answered questions. The questions revealed the strong anti-Washington,
anti-lawyer, anti-regulation sentiments in the audience. It is evident
that many sysops value the control they believe they have when they set
up and run a bulletin board. Hearing about the FCC and Congressional
efforts to change 'their' world made some people angry and others want
to organize.
Midway through the conference a group of software developers decided to
organize to try and learn about existing standards before setting ones
that would benefit their own developers and users. The three main areas
include interface, messaging and document structure, and graphics.
Surprisingly, some did not want to give up the diversity that is so
evident in the many interfaces and message protocols, but most agreed to
try and set an agenda via electronic mail and plan for other actions at
the next conference. The Internet Engineering Task Force use of RFCs
(Request for Comment) was held up as a model they would emulate.
Jim Warren moderated the panel on electronic democracy where most
members were excited about the power of the tools. Gary Stryker of
Galacticom proposed a system called SuperDemocracy which would include
continuous electronic voting on issues in a hierarchy by geographical
region. Shari Steele reminded the group that many did not have computers
or modems, and that electronic democracy would exclude many potential
voters. Gary Nakarado, a PUC commissioner in Colorado recounted how he
started a BBS to learn more about the medium and to be in touch with the
interesting people in his community. Unfortunately, they have not been
logging in. PUC activities attract very little attention and he has very
few calls and questions from the general public. He is interested in
having more input on issues such as ISDN service, BBSes, and other
issues affecting Colorado utility users.
Bernard Aboba, author of BBSes and Beyond , talked about the software
for connecting Macs to the global mail networks (RIME, Fido, Internet,
uucp) and it was evident that the Mac is a terrific front end for many
systems, but as a server it needs more power and more tools from third
parties. Developers from ResNova 714 840 6082 showed how their Mac BBS
software could fill the gaps, as did a rep. from SoftArc 416 299 4723.
SoftArc's FirstClass server and client software looked very powerful and
full of features that would allow a FirstClass BBS to serve many
concurrent users on LAN, dialup and TCP/IP access.
All of the companies are quite small, and the wish lists of new features
grows faster than the staff to work on them. Still I was amazed at the
power and sophistication of the DOS and Mac BBS systems. Event Horizons,
the BBS vending adult GIF images south of Portland, Oregon, has a 64
line 80486 system running on TBBS! Other systems running multiple cpus
have a hundred or more lines coming in. Clearly, these are not basement
run, part time operations.
The BBS Bulletin Board
One morning I went down to comb the literature tables and read the cork
bulletin board where a variety of fascinating notes had been posted.
They will give you a sense of the diversity in this community:
-Monterey Gaming System 408 655 5555 (free)
-Black Cat Information Service in Rochester NY 716 262 3680 (Visa/MC
accepted!) Games, Society for Creative Anachronism files and Adult Info
-the Zoo...an electric safari. your tour guide: Chuck 2. 312 907
1831 to 1839.
-The OU BBS, University of Oklahoma (telnet
oubbs,telecom.uoknor.edu)
-Power Windows! BBS (also for OS/2 users) Huntsville, AL 205 881
8619
-The Invention Factory, (NY, NY) 212 274 8110
-The Online Diver (Brooklyn Center, MN) 566 5267 No area code must
indicate that it's for local Minnesota divers primarily.
-Nautilus Commercial Data System with 250,000 public domain files,
200 incoming data lines (!), 28 gigabytes of storage, satellite weather
images, hourly news updates, games, dBase templates, GIF images---all
out of Iola, Kansas 316 365 7631.
-Infinity Complex "a wickedly addictive Science Fiction game for
MAJOR BBS systems. Infinity Complex puts your users in a bizarre arena
of the future, where they must battle for their very lives...and use up
a lot of online hours in the process!" 403 476 8369 (voice)
-an ad for the first annual Puget Sound (WA) BBS convention (no
phone contact)
-ads for serial port boards, new BBS software, consulting services,
and calls for source code for data compression.
-BAWIT Bay Area Women in Telecom for working women in
telecommunications in the San Francisco area. Contact
bawitrequest@igc.apc.org.
-Make your own custom CD-ROM for $199. Up to 640 mb. ISO 9660. 800
762.
Internet and NREN
There was a lot of interest in Internet/NREN issues, but only a few
people knew much about them. The panels on Internet connectivity,
legislation, and interfaces drew good sized crowds but needed more basic
information in a standard presentation format before having Q&A. BBSes
can be a good interface for people going on to the Internet. It provides
a way of formatting and filtering the anarchy of the Internet, even as
it offers occasion for excess control of what a caller can see and use.
I spent more time showing resources using Mac-based interfaces than
talking about the intricacies of the growth of NREN in my session which
was included in the small Macintosh track rather than the larger
Internet track. I also participated in a graphics discussion where the
panelists discussed GIF (the CompuServe standard so popular on BBSes and
the Internet), NAPLPS (which is good for multi-lingual communications
and small vector-based images), JPEG (the compression du jour that may
displace GIF and the one that the Smithsonian and Apple are touting for
Project Chapman), and FIF (fractal image format which is a more
efficient proprietary algorithm than JPEG but which takes a long time to
compress).
Summary
The BBS world is changing, growing, exploding. Jack Rickard has provided
good coverage in his magazine. His conference was a big success (and a
very good value considering the amount of fine food that was included
with the conference activities). If you are not in the BBS world, and
even if you are, it's hard to be aware of the all activity because it is
so distributed. This conference helped immensely.
I think that Rickard will have to face a problem of success: will he
continue to be the lively and opinionated journalist when his magazine
and his conference become the focus of the whole industry and a possible
industry association? He may have to defend actions when he should be
exposing them, but that is looking a couple of years ahead. Right now,
there is no way to go but up and out because of the growing interest in
this medium of information dissemination and of personal communication.
A BBS provides both sysops and users an enormous amount of leverage, and
the library world should take notice more than it does. One prominent
public librarian who is quite involved in electronic dissemination of
information remarked to me a few years ago that it would be great if
BBSes just went away. I have heard other dismissive or even snobbish
comments about BBSes, but the four librarians whom I met at ONE BBSCON
all realized this is foolish. It's not the only tool to use, but it can
be a very important one.
Contacts mentioned in the text:
Gary Nakarado, Colorado Public Utilities commissioner
<nakarado@well.sf.ca.us> 303 526 5505 is his BBS number.
NAPLPS: North American Presentation Level Protocol Syntax.
Dave Hughes <dave@oldcolo.com or dave@well.sf.ca.us>
Fractal compression: Fracterm, Inc. in Richmond, BC
800-676-3111
GIF: CompuServe Art Gallery and various browsers at ftp sites
JPEG: mail jpeg-info@uunet.uu.net or contact sac@apple.com
Boardwatch : 303 973 6038 or jack.rickard@boardwatch.com
TBBS software: eSoft 303 699 6565
SuperDemocracy Foundation: 305 583 5990
Bernard Aboba: BMUG, Inc., 510 547 0345
Jim Warren (electronic democracy): jwarren@well.sf.ca.us
Electronic Frontier Foundation: eff@eff.org
Lance Rose (legal issues): author of Syslaw a legal guide to the
rights and responsibilities of sysops.
Laurence H. Tribe, "The Constitution in Cyberspace" anonymous ftp
from ftp.apple.com in the /ftp/alug/rights directory 49 kb.
====================================================================
Copyright 1992 by Steve Cisler, Apple Library. All or part of this
document may be redistributed free of charge in electronic format (disk,
CD-ROM, online) by any party. Print re-distribution is allowed for
personal use as well as non-profit. educational and government
newsletters and journals. Please send email to the author when you do
reprint or repost or quote from this report. Internet: sac@apple.com
-==--==--==-<-==--==--==-
Dueling BBScons:
The View From The Booth
by Rita Rouvalis (rita@eff.org)
Last week, Denver was the host of not one, but two BBS conferences.
Most people didn't know that -- especially those attending ONE BBSCON.
At some point, last year's FidoCon split -- spinning off into The ONE
BBScon and IBECC (International BBSing and Electronic Commuications
Conference). Who split first is hotly debated. Why they split in
the first place was never addressed. Neither conference benefitted.
IBECC, focused primarily upon hobbyist and other non-profit boards, took
the worse hit. Hampered by the absence of an adequate publicity
machine, attendance was extremely low. On the afternoon I spent at that
conference, the EFF's panel was the best attended class -- with
around ten people in the audience. These individuals were
intensely interested in the social implications of the growth
of BBS networks, questioning EFF staff attorney Shari Steele and myself
about everything from the Open Platform proposal to what the EFF plans
to do about the harassment of pagan BBS'ers in heavy fundamentalist
territory.
Although the hit didn't come in the pocketbook for ONE BBScon, it did
suffer from the split. Without the presence of the educational and non-
profit interests of IBECC, much of the conference came off as crass
commercialism at its worst. I found it odd that a conference professing
to be "it" for the BBS world would intentionally excluded such a large
faction of the BBS community. The emphasis was placed squarely on
making money from your BBS. Phil Becker even went so far as to ridicule
a book entitled The Anarchist's Guide to the BBS -- summarily dismissing
one of the most valuable functions of BBS's -- the distribution of
information not easily had in other places.
Just previous and during the conference rumors and accusations were
flying about unfair methods on the behalf of ONE to lure IBECC attendees
to ONE BBSCon. Some individuals claimed that when they called the
Stouffer Concourse, where ONE BBSCon was being held, hotel staff told
them that it was the hotel for IBECC (IBECC was held in the Sheraton on
the other side of Denver). Another claimed that ONE intentionally
designed a sign in the lobby on the first day to look like IBECC. Some
ONE attendees, unaware that IBECC was happening across town, recalled
hearing about it and assumed that ONE was the same conference.
ONE BBSCon was a far better publicized and organized conference than
IBECC, which goes a lot farther in accounting for its success than any
alleged underhanded practices. What I fail to understand, however,
is why these two conferences split off in the first place, and why their
organizers are wasting our time with petty politics when it is obvious
that the BBS community needs and wants to become more unified.
-==--==--==-<-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our quarterly newsletter,
EFFECTOR, our bi-weekly electronic newsletter, EFFector Online (if you
have an electronic address that can be reached through the Net), and
special releases and other notices on our activities. But because we
believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #33
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
| I enclose an additional donation of $___________
Name:______________________________________________________
Organization:______________________________________________
Address: __________________________________________________
City or Town: _____________________________________________
State:_______ Zip:________ Phone:( )_____________(optional)
FAX:( )____________________(optional)
Email address: ______________________________
I enclose a check [ ] .
Please charge my membership in the amount of $_____________
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:____________________________________________________
Expiration date: ____________
Signature: ________________________________________________
Date:______________________
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:___________________________
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged
To reproduce signed articles individually,
please contact the authors for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## | FIGALLO DIRECTS EFF/CAMBRIDGE
########## ########## ########## |
#### #### #### | CLINTON ON HIGH TECH
######## ######## ######## |
######## ######## ######## | ELECTRONIC DEMOCRACY
#### #### #### | The Implications
########## #### #### |
########## #### #### |
=====================================================================
EFFector Online September 11, 1992 Issue 3.04
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
FIGALLO ONLINE AT EFF.ORG
Cliff Figallo became the new director of EFF-Cambridge at the beginning
of the month. Former director of The Whole Earth 'Lectronic Link (the
EFF's birthplace), Fig is charged with developing and coordinating the
Cambridge office's outreach activities, increasing active EFF membership,
and expanding overall awareness of the EFF's programs in the computer-
conferencing community and the world at large.
Commenting on his new task, Figallo said, "EFF came upon the online scene
a couple years ago with a big splash. I'd like for us to continue
splashing. EFF is uniquely engaged in many useful and important
activities in the areas of online civil liberties, sane lawmaking and
advocacy of improved electronic highways for the future. I want news of
these activities to get out to the people for whom we are making a
difference. I also want us to develop better channels for these same
people to communicate their wants and needs to those of us with access to
the legal, informational and technical resources. Our purpose is to
serve those wants and needs for the betterment of the world.
"More specifically, I will encourage people to become members of EFF
by demonstrating to them the value of a membership. One should expect
noticeable benefits from paying membership dues and I intend to make it
plain that those benefits exist and will only increase as more people
become involved in telecommunications. I will also be working with
regional groups who may be interested in forming local EFF chapters so
that we can learn together how such affiliations can enhance our mutual
effectiveness.
"I'm excited about working here. I believe in what EFF is all about."
Cliff can be reached as fig@eff.org.
-==--==--==-<>-==--==--==-
STATEMENT OF BILL CLINTON FOR THE INSTITUTE OF ELECTRICAL
AND ELECTRONIC ENGINEERS (IEEE)
Bill Clinton for President Committee * 1317 F Street, NW, Suite 902 *
Washington DC 20004 Telephone 202-393-3323 FAX 202-393-3329
e-mail correspondence@dc.Clinton-Gore.org
"We face a fundamental economic challenge today: to create a
high-wage, high-growth national economy that will carry America into
the 21st century. We need a long-term national strategy to meet this
challenge and win.
"Our productivity and income have been growing so slowly
because we've stopped investing in the economic infrastructure that
binds our markets and businesses together, in the education and
training necessary to give our workers world-class skills, and in the
research and development that can restore America to the cutting
edge of the world economy. As a nation, we're spending more on the
present and the past and building less for the future. We need a
President who will turn the country around and refocus on the long
view. As President, I will divide the budget into three parts, creating
a separate 'future budget' for the federal government to make
investments that will enrich our country over the long term. Today
the federal government spends only 9 per cent of the budget on
investments for the future; a Clinton Administration will double that.
We will pay for it by diverting resources no longer needed for
defense, but we will ensure that every dollar we take out of military
R&D goes into R&D for civilian technologies until civilian R&D can
match and eventually surpass our Cold War military R&D commitment.
"As President, I will create an investment tax credit and a new
enterprise tax cut that rewards those who invest in new businesses
that create new jobs. I will also make the research and development
tax credit permanent.
"My administration will create a civilian research and
development agency to support research in the technologies that
scientists have already identified as the basis for launching new
growth industries and revitalizing traditional ones over the next two
decades. This civilian DARPA will coordinate R&D to help companies
develop innovative technologies and bring new products to market.
And without inhibiting the competition that drives innovation, we will
encourage and promote collaborative efforts among firms and with
research institutes for commercial development just as we have done
with defense technologies for 40 years.
"A Clinton Administration will create a high-speed rail network
between out nation's major cities. And in the new economy,
infrastructure means information as well as transportation. More than
half the U.S. workforce is employed in information-intensive
industries, yet we have no national strategy to create a national
information network. Just as the interstate highway system in the
1950s spurred two decades of economic growth, we need a door-to-
door fiber optics system by the year 2015; a link to every home, lab,
classroom and business in America.
"For small defense manufacturers hit by cuts in defense
spending, the Small Business Administration will provide small
conversion loans to help finance their transition, and launch a
Technology Assistance Service -- modeled on the Agricultural
Extension Service -- to provide easy access to the technical expertise
it takes to convert to commercial production.
"To enjoy the full benefit of these investments, we must do
everything possible to open up markets now closed to American
products. My administration will provide the leadership for Japan and
the European countries to join us in coordinating our macroeconomic
policies and in reaching multilateral trade negotiations. But we will
also provide the muscle to open up Japan's markets to competitive U.S.
products using a stronger and more carefully targeted "Super 301"
approach. We favor a free and open trading system, but if our
competitors won't play by those rules, we will play by theirs.
"All the investments in the world won't mean much if our
workers don't have the education or the skills to take advantage of the
opportunities they create. My administration will fully fund Head
Start, increase funding for Chapter 1, and provide seed money for
innovative education projects. However, we will also raise standards
by establishing a national testing system in elementary and secondary
schools and instituting report cards for ever state, school district,
and school in the nation, to measure their progress. We will also
create a nationwide apprenticeship program for those young people who
choose not to go to college, and a national trust fund for college loans
for those who do. These loans will be repaid either as a small
percentage of income over time or with a couple of years of national
service.
"With the strategy I have outlined, we can restore the American
Dream by enabling every citizen and every business to become more
productive, and in so doing, restore our nation to the front lines of
high technology.
-==--==--==-<-==--==--==-
ON ELECTRONIC DEMOCRACY AND ITS PROFOUND IMPLICATIONS
by Marilyn Davis, Ph.D.
madavis@igc.org
Principal Software Engineer and Founder
The Electronic Democracy Project on EcoNet
President and Principal Software Engineer, Frontier Systems
One vision of Electronic Democracy is the television show, where we are
presented with some options and we vote, using either phone lines or new
gadgets attached to our television cables.
Experiments in this type of ED (the QUBE system in Columbus, Ohio, 1977-
1984; Canada's Talking Back, 1978-9; the New Zealand Televote, 1981; the
Prime Time Electronic Town Meeting in the SF Bay Area, 1987) can all be
characterized as the "big-vote" type of Electronic Democracy. We are
presented with a set of predetermined options and we press a button to
indicate our choice, and it's over. The articles written about these
systems state that participation runs high, and that participants came
from all walks of life, but that, in the Canadian experiment, at least,
the results were largely ignored by lawmakers.
Getting our lawmakers to listen to us is one problem with this style of
Electronic Democracy. Another problem is that it requires us to all
watch television at some specific times. Still another is the
technological inefficiency involved in building a system that is huge
enough to record everyone's nearly simultaneous vote, but, that is only
used for a half-hour per week.
The worst complaint about this style of Electronic Democracy is that it
is not "democracy" from a political theory point of view. The big-vote
type of Electronic Democracy was criticized in 1982 by Jean Betheke
Elshtain, a political scientist, as being an "interactive shell game
[that] cons us into believing that we are participating when we are
really simply performing as the responding "end" of a prefabricated
system of external stimuli." Elshtain complains that these systems are
not "democracies", but "plebiscites". "In a plebiscitary system, the
views of the majority, ..., swamp minority or unpopular views.
Plebiscitism is compatible with authoritarian politics
carried out under the guise of, or with the connivance of, majority
views. That opinion can be registered by easily manipulated, ritualistic
plebiscites, so there is no need for debate on substantive questions."
Another political theorist, Brian Fay, has said about democracy that
what "is most significant is the involvement of the citizens in the
process of determining their own collective identity." Thus, the primary
activity of a real democracy is discussion, not voting. In a real
democracy, there is facility to bring up issues, exchange opinions, poll
ourselves, re-discuss, and re-poll, until consensus is reached. Here I
suggest two tenets of an ideal democracy:
1. Equal power: In an ideal democracy, every participant has equal
opportunity to bring up new issues, equal opportunity to participate in
every discussion, equal opportunity to vote in every decision, and equal
weight in each vote. Because, until now, we haven't had the technology
for Electronic Democracy, we have been trapped away from this ideal by
the necessity for a representative democracy, i.e., a democracy where we
elect representatives who make our decisions, rather than make our
decisions ourselves.
2. Consensus: In an ideal democracy, group action only results from
a consensus agreement.
Here (and everywhere), by "consensus", I prefer Webster's New Twentieth
Century Dictionary, unabridged, definition that says, "unanimity;
agreement, especially in opinion; hence, general opinion." Random House
has a much longer discussion of the word but has no interpretation that
implies "unanimity".
More practically, by "consensus", I mean the style of consensus
decision-making practiced by Quakers, by many peace groups, and by some
groups of people who live together. These groups don't act until all
agree - or, at least, no one disagrees. You may "stand-out" of the vote
if you still disagree with an action, but don't wish to block the group.
Our computer networks offer the only means to implement a method of
organization and decision-making where these ideals can be efficiently
achieved.
Although the number of on-line participants is growing fast, still there
are only an elite few of us. The first tenet of an ideal democracy
demands equal access; we don't have that yet. But, if providing tenet
#1 becomes a national priority, it would also provide an economic
alternative for some of our dependence on technical weapon-making.
Each of us, who is a member of a BBS community, has equal opportunity to
introduce and discuss issues, but very limited decision-making tools.
Even so, these systems are proving themselves to be powerful political
tools. In Santa Monica, where there is a city-provided computer network
with a public BBS, the on-line citizens have been able to coerce their
lawmakers into opening the public beach showers in the early morning so
that the homeless can clean up and possibly find work. On the
Association for Progressive Communications (APC) networks, EcoNet,
PeaceNet, and others, 10,000 peace and environmental activists world-
wide participate in discussions and organize for actions with the goal
of saving the planet.
In October of this year, these networks, and all C/Unix-based
conferencing systems, can add voting to their list of features.
"eVote", vote-keeping software from Frontier Systems, will be available
for integration into these systems. This software will enable the on-
line communities to take votes and polls, to spend budgets
democratically, and to develop consensus opinions.
IMPORTANT TECHNICAL DETAILS
Most C/Unix-based conferencing systems maintain a number of conferences;
each conference is a discussion about one narrow (or broad) subject. To
organize the discussion, each conference has a list of "topics",
relevant to the conference, that are posted there by users as the
conference grows. Each topic has a number of "messages", also posted by
users, that carry the thread of the conversation on the topic.
When eVote comes on line, votes will be taken at the "topic" level only,
not on messages. This means that you will always be able to add a
message when you vote, to qualify or explain it.
The list of topic titles for a particular conference appears on the
"index screen". When eVote is in place, the index screen will also list
statistics indicating the number of readers, and, if a vote is being
collected on the topic, the number of voters and average vote.
The user who originates the topic dictates the format for the vote:
whether the vote will be from "0 to 9", "Yes or No", or "Vote for 3 of
the following 10". The voting can be configured so that users can
change their votes and see how others voted. These are essential
features for enabling consensus and/or for emulating an in-person
meeting.
The "Vote for 3 of the following 10" feature can be used to
democratically spend a budget. In this case the instructions will be
"Distribute your 100ED-bucks among the following 20 proposals". The
group can decide (probably by consensus) to spend the real budget
according to the group's average distribution. This then, is a
mechanism for determining and carrying out group decisions without
depending on a representative.
A group can decide to spend money on a political campaign. The
Electronic Democracy candidate would be a figure-head who, if elected,
makes all the decisions of the office according to the decisions of the
on-line group.
This computer-networked, discussion-dominated, type of Electronic
Democracy provides both tenets of an ideal democracy: equal power, and
consensus facilitation. In addition, we can democratically direct funds,
thereby facilitating an ideally democratic process from the first
expression of a new idea, all the way through discussion and decision-
making, to implementation by spending the money.
In face to face meetings, the consensus process works. It is easy to
imagine that it will work in small on-line groups of similar mind (like
the EcoNet community). Mathematics and computer science will provide
algorithms to insure that each group deals fairly with other groups
Indeed, special cases and special privileges are very difficult to build
into software. Because we will be starting with small groups, we won't
confront big decisions until we've built the software to coalesce our
small-group decisions into larger and larger circles of consensus.
There can be no danger in it.
WHAT WILL THIS MEAN TO THE HUMAN RACE?
A seminal difficulty of our species, is the struggle we each face with
two distinct, universal, and somewhat opposing human drives. The first
is our need, or at least our expectation, that we should have "self-
determination". It is this expectation that has compelled us to rebel
against despots throughout history. Our struggles with the "terrible
two's" and "troubled teens" can be interpreted as our struggle to
reconcile our expectations of self-determination with our other,
apparently opposing need: the need to belong to groups.
To survive, we must conform to the expectations of our parents and of
our cultures, and compromise our sense of self-determination for a sense
of security, and for the love of others. We must organize ourselves
into groups; there must be some method of decision-making, and of
carrying out those decisions.
Electronic Democracy offers a path of reconciliation for these two
powerful forces in each of us. Using this technology, we can experiment
with decision-making by consensus, the only method of organization that
can fully materialize our dreams of self-determination.
But, how can we know if we should take this path? How can we know if we
can trust our collective human nature? The concept is so radical, how
can we know if it is right?
Luckily, living on islands, and deep in the rain forests of Panama, are
the Cuna Indians, who can serve as a model of a consensus-run culture.
ABOUT THE CUNA
These amazing Indians, 40,000 in number, have been making decisions, by
consensus, since before Columbus discovered them on his fourth voyage.
Because the Cuna have been living for centuries in the only truly
democratic culture, we look to the Cuna to answer, "What happens to
people who live democratically"?
There is very little literature about the Cuna. However, from ALL
accounts, they are well-organized, harmonious, wise, resourceful,
energetic, playful, gentle, astute, even enlightened.
But how do such innocents fair in dealings with the rest of the world?
The Cuna are possibly the only unconquered native Americans, still
living on, and in control of, their homeland. They won a short war with
Panama in 1925 when it tried to usurp their autonomy. When, in this
decade, Catholics came as missionaries, the National Catholic Reporter
reported, "Panamanian Indians Evangelize Evangelizers".
Although non-Cuna Panamanians may not participate in the affairs of the
Cuna, some Cuna work and study in Panama City, and have been elected to
offices in the Panamanian government.
While preserving their own culture, which they value more than money,
the Cunas capitalize on the world market for their "molas", the colorful
fabric art pieces that the women sew.
A connection between the Cunas' consensus-run politics and their obvious
enlightenment, their unity, their individuality, and their strength is
evident here. As we, through Electronic Democracy, claim our earth and
our rights, we will become like the Cunas: free. As Electronic
Democracy replaces our old political systems, and our strengths as
individuals and as communities grow, we will experience a profound, even
miraculous, change in human attitudes in most cultures.
Of course, it's a big leap from our current reality to imagining
ourselves, like the Cuna, loving our system of organization for its
fairness and responsiveness, and for making us feel heard, and for
making us feel powerful.
In addition, we will love our system for being efficient and for not
tempting us to be influenced by clothes, or speech impediments, or age,
or a thousand other irrelevancies. We'll base our decisions only on the
content of what is written. We'll make excellent decisions.
Like the Cuna, WE will BE our system.
This tool has been waiting for us, in our future; like speech once
waited for us to discover it; and writing. When we, as evolving humans,
were given the dexterity for speech; it must have been, somehow, left
for us to discover our ability and invent language. Given our manual
dexterity and our speech, inventing writing naturally followed. Given
writing, accumulation of knowledge follows. Given knowledge, technology
results. Given technology and our innate and inalienable rights,
Electronic Democracy is inevitable.
Indeed, when you consider the mountain of mathematical, scientific and
technological advances that this system is being built upon, we are a
hair from finished; and just in the nick of time. Our old structures
for civic organization are buckling under the pressures of bad
decisions. Our old structures breed bad decisions. There is, and there
has been, much suffering. We can make it better now.
Electronic Democracy is an answer. There is no other. Electronic
Democracy is inevitable. Our deepest natures hunger for it. The
quicker we adopt Electronic Democracy as our system of civic
organization, the less total suffering there will be.
--------
Becker, Ted, "Teledemocracy - Bringing Power Back to People", The
Futurist, December, 1981, p.6.
Elgin, Duane, "Conscious Democracy Through Electronic Town Meetings",
Whole Earth Review, Summer, 1991, p.28.
Elshtain, Jean Betheke, "Interactive TV - Democracy and the QUBE Tube",
The Nation, August 7-14, 1982, p.108.
Hallowell, Christopher, "A World of Difference", Americas, Jan.-Feb,
1985.
Mazlow, Jonathan, "A Tramp in the Darien", a B.B.C. Adventure Series
Documentary, 1990.
Moran, Julio, "Computers Forge PEN Pal Link", Los Angeles Times, Feb 25,
1990, p.56.
Myers, Norman, "Kuna Indians, Building a Bright Future", International
Wildlife, July-Aug., 1987, p.17
Wirpasa, Leslie, "Panamanian Indians Evangelize Evangelizers", National
Catholic Reporter, Mar 8, 1991, p.8.
Wittig, Michele, Ph.D., "Using a City-Owned Public Electronic Network
for Community Organizing", American Psychological Association, Division
9 Newsletter, July, 1990.
Wittig, Michele, "Electronic City Hall",Whole Earth Review, Summer 1991,
p.24.
-==--==--==-<-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our magazine, EFFECTOR; our bi-
weekly electronic newsletter, EFFector Online; the @eff.org newsletter;
and special releases and other notices on our activities. But because
we believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #34
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
| I enclose an additional donation of $
Name:
Organization:
Address:
City or Town:
State: Zip: Phone:( ) (optional)
FAX:( ) (optional)
Email address:
I enclose a check [ ] .
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature:
Date:
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged
To reproduce signed articles individually,
please contact the authors for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## | A GUIDE TO EFF LEGAL SERVICES
########## ########## ########## |
#### #### #### |
######## ######## ######## | EFF TESTIMONY ON DIGITAL PRIVACY
######## ######## ######## | AS GIVEN BY DAVID FARBER
#### #### #### |
########## #### #### | WHAT EFF DID ON YOUR SUMMER VACTION
########## #### #### |
=====================================================================
EFFector Online September 18, 1992 Issue 3.05
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
EFF LEGAL SERVICES
by Mike Godwin
EFF Staff Counsel, Cambridge
Because the EFF has spent the last year developing and publicizing
our policy-focused efforts at our new Washington office, many of our
constituents have wondered whether EFF is still active on the
civil-liberties front. The answer to that question is an unqualified
"Yes!" This activity has been less well-publicized, however, often
because of the privacy interests of most of the people who seek EFF help
with their individual cases. I want to take this opportunity to let our
members and constituents know what kind of legal services we offer, and
what kind of casework we do.
The primary legal services I provide are basic counselling and
referrals. EFF does not charge for this, and you do not have to be an
EFF member to call or write and ask for help. I answer general questions
about computer law and telecommunications law at the federal level as
well as in the jurisdictions in which I am admitted to the bar
(currently Texas and Washington, D.C.). When appropriate, I instruct
people to seek further consultation with lawyers in their respective
jurisdictions, giving them referrals to specific lawyers when possible.
(EFF maintains a database of attorneys who've volunteered to do some
kinds of work on these kinds of cases.) I often mail out source
materials to individuals and organizations. (One of the most frequently
requested materials is the original complaint filed by Steve Jackson
Games in its lawsuit against the U.S. government--many lawyers find that
the complaint is a good primer on civil-liberties issues raised by the
search and seizure of a computer bulletin-board system.) More
frequently, I talk to people on the telephone. The kinds of questions I
deal with tend to fall into the following four general areas:
GENERAL QUESTIONS ABOUT LEGAL ISSUES
A caller may be a sysop who's been told by someone that it's against the
law to read users' e-mail, and she wants to know whether this is true.
Or it may be a user who wants to know if it's legal to upload a scanned
image of a copyrighted photograph to a BBS for downloading by other
users. Or it may be a hobbyist programmer who wonders if he may be held
liable if a computer virus he writes somehow "escapes" and infects and
damages other systems. Usually these questions are aimed at
*anticipated* legal risks (the caller wants to know ahead of time if her
actions will lead to legal trouble), but a significant number of the
calls are from people who wonder if their *current* activities are
illegal or create risks of legal liability. For example, a lot of
sysops of "pirate" BBSs have acquired the notion that they can't be held
liable for providing access to unauthorized copies of commercial
software because it's "the guy downloading the stuff who's doing the
copying"--I tell them they are mistaken and point out the legal risks of
providing such access. A small but consistent fraction of callers prefer
to remain anonymous. I respect their wishes, and try to give just as
much help to anonymous callers as to those who identify themselves.
REQUESTS FOR HELP IN CRIMINAL CASES
Basically, these types of requests fall into two categories, which I
call "target cases" and "non-target cases":
A "target case" is one in which the request is from some one
(the "target") who is very likely to become, or who has already become,
a defendant in a state or federal case. I may get the request from the
target personally, or I may get a call from the target's lawyer. (If the
target doesn't have a lawyer, my first priority is to do what I can to
help him get one. Although EFF does not normally provide funds for legal
representation in criminal cases, I can tell a caller how to go about
contacting a private defense lawyer or a public defender.) I'll ask the
caller for basic facts about the case, and, once I'm in contact with his
lawyer, I'll do what I can to help the lawyer learn the relevant law and
gather the necessary facts to prepare the case. Even the very best
defense lawyers are likely to be unfamiliar with the legal and
evidentiary issues raised by computer-crime investigations--I'm often
able to give them a running start on their case preparation. On a few
occasions, a case may raise a particularly unusual and important
civil-liberties issue, and I'll make a recommendation to EFF management
as to whether EFF should formally support the case in some way.
A "non-target case" is one in which the person asking for
assistance or advice is not an actual or prospective defendant, but her
rights or interests have somehow been affected by a criminal
investigation or by the actions of law-enforcement officials. (The
classic example is one in which a non-target sysop's BBS or networked
computer has been seized as part of an investigation of one the system's
users.) As in target cases, I may advise her lawyer, but I often can
resolve things quickly by acting directly as a representative for the
person asking for help. For example, in a recent Washington State case,
I helped a non-target negotiate a quick return of his equipment, which
federal agents had seized and searched as part of a multi-state criminal
investigation.
REQUESTS FOR HELP IN CIVIL CASES. Normally, EFF won't take sides in a
civil case unless it clearly raises an important civil-liberties issue.
One such case involved the manufacturers of a VCR-programming device who
threatened to sue individuals participating in a discussion of their
coding algorithms on the Usenet newsgroup sci.crypt. The company's
lawyer insisted that the Usenetters' efforts at figuring out the
algorithms by deducing them from the codes published in TV Guide
listings and elsewhere was a violation of their copyright, patent, and
trade-secret interests.
I researched their claim and confirmed the Usenet posters' belief
that their research did not violate any intellectual-property
protections of the manufacturers' products, and I represented their
position to the manufacturer, telling the company that the posters were
engaged in Constitutionally protected speech and inquiry. After several
convesations between me and the company's lawyer, the company dropped
its claims. (The sci.crypt posters' research was eventually published as
a paper in the journal CRYPTOLOGIA--Vol. XVI, Number 3, July 1992--in
which the authors thanked EFF for their legal assistance.)
REQUESTS FOR HELP IN SITUATIONS WHERE THERE'S NO CRIMINAL OR CIVIL CASE
This category includes situations in which, for example, a college
student has his computer-access privileges suspended because a "hacker
newsletter" is discovered by a system administrator rummaging through
the student's directory. (I've explained to more than one system
administrator that mere possession of such information does not make one
a computer intruder, and that their rummaging may have violated the
students' rights.) Or a university computer center may decide to suspend
some kinds of Usenet newsgroups, justifying their actions by saying
they're afraid the sexually oriented newsgroups are illegal. (I've
written and spoken to university administrators to explain that
virtually none of the discussions in the sexually oriented newsgroups on
Usenet qualify legally as "obscenity"--instead, they're protected
expression under established American Constitutional law.) Or a group of
sysops may be concerned about their local phone company's efforts to
impose business rates on nonprofit BBS phone lines. (I now refer most
such calls to Shari Steele, ssteele@eff.org, the staff counsel of EFF's
Washington office, who has given special study to these issues.)
In addition to individual casework: I have represented EFF's legal
services primarily on three forums--the WELL, Usenet, and CompuServe.
As a result of my presence there, I have been receiving an increasing
amount of casework, requests for legal advice, and invitations to speak.
The number of these cases has increased in response to my presence
online--it also has increased in response to my public appearances.
After the Second Computers, Freedom, and Privacy conference, for
example, I had three or four cases referred to me by people who met me
in Washington.
It is important that EFF members and constituents recognize we are
here to help you solve individual problems as well as promote your
interests on general policy issues. If you are running into a legal
problem, or if you simply have a general legal question, or even if
you're having a problem on the Electronic Frontier and you're not sure
whether or not it's a legal problem, you should call me, Mike Godwin, at
617-864-0665, or send me electronic mail at mnemonic@eff.org or at
76711,317 on CompuServe. I won't always be able to help, but I'm always
willing to listen. And I may be able to help more often than you'd
think.
-==--==--==-<>-==--==--==-
From the Univ of Wisconsin Microelectronics bulletin, Prof. F Cerrina
as the author:
"After the Microlithography '92 conference in Japan, we toured some
of the leading electronics laboratories. Our visit to Hitachi's
Central Research Lab included an amusing demonstration of the
resolution of current lithography. On a four-inch wafer, they
printed a map of the world that included the streets of London down to the
smallest alleys. It's now possible to put a fully detailed map of
the world on a six-inch wafer."
Food for thought...
(Submitted by Gary Delp <gdelp+@rchland.ibm.com> )
-==--==--==-<>-==--==--==-
Following are excerpts from the testimony of Professor David Farber, a
member of the EFF Board of Directors, before the Computer Systems
Security and Privacy Advisory Board of the National Institute of
Standards and Technology (NIST) on September 16, 1992.
Mr. Chairman and Members of the Advisory Board:
My name is David Farber. I am Professor of Computer Science at the
University of Pennsylvania and a member of the Board of Directors of the
Electronic Frontier Foundation (EFF). I am here today representing only
the views of EFF. I want to thank you for inviting us to testify today
as part of your investigation.
We are pleased to be included at this early phase of the Advisory
Board's inquiry and offer a brief set of principles for proceeding with
this inquiry. First, it is essential that in examining discrete issues
such as the desirability of various cryptography standards, the Board
take a comprehensive view of what we call "digital privacy" policy as a
whole. Such a comprehensive view requires a clear vision of the
underlying civil liberties issues at stake: privacy and free speech. It
also requires looking beyond the cryptography questions raised by many
to include some of law enforcement's recent concerns about the pace of
digital infrastructure innovation. Second, for the sake of promoting
innovation and protecting civil liberties, the Board should bear in mind
the principle that computer security policy is fundamentally a concern
for domestic, civilian agencies. This principle, as articulated in the
Computer Security Act of 1987, can serve as an important guide to the
work of this Board.
A. THE GROWING IMPORTANCE OF DIGITAL PRIVACY TECHNOLOGY
With dramatic increases in reliance on digital media for
communications on the part of private individuals, government, and
corporations, the need for comprehensive protection of privacy in these
media grows. For most in this room, the point seems trite, but the
digital communications revolution (which we stand at only the very
beginning of), is the key event of which the Advisory Board should take
note. As an example, a communication which is carried on paper through
the mail system, or over the wire-based public telephone network is
relatively secure from random intrusion by others. But the same
communication carried over a cellular or other wireless communication
system, is vulnerable to being overheard by anyone who has very
inexpensive, easy-to-obtain scanning technology.
For the individual who relies on digital communications media,
reliable privacy protection cannot be achieved without the protection of
robust encryption technology. While legal restrictions on the use of
scanners or other technology which might facilitate such invasions of
privacy seem to be attractive preventative measures, these are not
lasting or comprehensive solutions. We should have a guarantee -- with
physics and mathematics, not only with laws -- that we can give
ourselves real privacy of personal communications through technical
means. Encryption strong enough that even the NSA can't break it. We
already know how to do this, but we have not made encryption technology
widely available for public use because of public policy barriers.
B. THE BOARD SHOULD UNDERTAKE A COMPREHENSIVE REVIEW OF DIGITAL PRIVACY
ISSUES
Inasmuch as digital privacy policy has broad implications for
constitutional rights of free speech and privacy, and for international
competitiveness and economic vitality in the information age, these
issues must be explored and resolved in an open, civilian policy
context. These questions are simply too important to be decided by the
national security establishment alone. This principle is central to the
Computer Security Act of 1987.1 The structure of the Act, which is the
basis for the authority of this Advisory Board, arose, in significant
part, from the concern that the national security establishment was
exercising undue control over the flow of public information and the use
of information technology.2
When considering the law in 1986, the committee asked the question,
"whether it is proper for a super-secret agency [the NSA] that operates
without public scrutiny to involve itself in domestic activities...?"
The answer was a clear no, and the authority for establish computer
security policy was vested in NIST (the NBS).
In this context, we need a robust public debate over our
government's continuing heavy-handed efforts to control commercially
developed cryptography. It is no secret that throughout the cold war
era, the Defense and State Departments and the National Security Agency
have used any and all means, including threats of prosecution, control
over research, and denial of export licenses to prevent advanced secret
coding capabilities from getting into the hands of our adversaries. NSA
does this to maximize its ability to intercept and crack all
international communications of national security interest.
Now the Cold War is over but the practice continues. In recent
years, Lotus, Microsoft, and others have developed or tried to
incorporate powerful encryption means into mass market software to
enhance the security and privacy of business, financial, and personal
communications. In an era of computer crime, sophisticated surveillance
technologies, and industrial espionage it is a laudable goal.
Although NSA does not have the authority to interfere with domestic
distribution of DSA, RSA, and other encryption packages, its licensing
stranglehold over foreign distribution has unfortunate consequences.
Domestic firms have been unable to sell competitive security and privacy
products in international markets. More important, because the cost of
producing two different products is often prohibitive, NSA policy
encourages firms to produce a single product for both domestic and
worldwide use, resulting in minimal privacy and security for users both
here and abroad.
While we all recognize that NSA has legitimate national security
concerns in the post cold war era, this is a seriously flawed process.
Foreign countries or entities who want to obtain advanced encryption
technology can purchase it through intermediaries in the United States
or from companies in a host of foreign countries who are not subject to
US export restrictions. There is a big, big hole in the national
security dike. By taking a page out of the Emperor's New Clothes, NSA
opts to act as if the process works by continuing to block export.
In order to get some improvement in mass market encryption, the
Software Publishers Association, representing Microsoft, Lotus, and
others, had to use the threat of legislation to get NSA to engage in the
negotiations that finally led NSA to agree to expedited clearance for
the export of RSA encrypting software of limited key lengths. Still, all
concede that the agreement does not go far enough and that far more
powerful third-party products are commonly available in the US,
including the fifteen-year-old US Data Encryption Standard. SPA knows
that specifying maximum key lengths offers little long-term security
given advances in computer processing power, but was willing to
compromise because of NSA's refusal to budge.
Does this kind of policy make any sense in the post Cold War era?
Mass market products offer limited security for our citizens and
businesses. Determined adversaries can obtain much more powerful
products from foreign countries or by purchasing it here in the US. Is
the NSA policy of slowing down the pace of encryption use by foreigners
and adversaries --even if demonstrable--any longer worth the significant
price we pay in terms of failing to meet our own communications privacy
and security needs? That is the policy challenge for this Board to
address by a frank, open, and inclusive public debate.
C. THE BOARD MUST ADDRESS THE DIGITAL PRIVACY ISSUE IN A COMPREHENSIVE
MANNER WHICH REQUIRES CONSIDERING THE FBI'S DIGITAL TELEPHONY PROPOSAL
AND ITS IMPLICATIONS.
The public policy debate on electronic privacy issues over the last
few years has demonstrated that a comprehensive approach to digital
privacy policy cannot be complete without examining both questions
regarding the availability of encryption technology, and the
corresponding infrastructure issues, such as those raised by the FBI's
Digital Telephony Proposal. Attempts to solve one issue without
addressing the other is an exercise in irrational policy-making and
should be avoided by this Advisory Board.
Last year, the FBI first proposed a "Sense of the Congress"
resolution stating that communications firms and computer and
communications equipment manufacturers were obligated to provide law
enforcement access to the "plain" text of all voice, data, and video
communications, including communications using software encryption. The
Electronic Frontier Foundation (EFF) played an active and leading role
both in opposing such a law and in seeking to find more acceptable means
for meeting legitimate law enforcement needs. Because of our advocacy
and coalition-building efforts with communications and privacy groups,
we were successful in persuading Senate Judiciary Chairman Joseph Biden
to remove the Sense of the Congress Resolution from active consideration
as part of Omnibus crime legislation last year.
Putting aside its attempt to control the use of encryption systems,
this year the FBI has come forward with proposed legislation that would
require telephone companies, electronic information providers, and
computer and communications equipment manufacturers to seek an FCC
"license" or Attorney General "certification" that their technologies
are susceptible to electronic surveillance. We are in danger of creating
a domestic version of the export control laws for computer and
communications technology.
While the FBI claims that neither of this year's proposals address
encryption issues, the Bureau has made it clear it plans to return to
this issue in the future. The Board needs to hear from the broad
coalition made up of telephone companies such as AT&T, computer firms
such as IBM, Sun Microsystems, and Lotus Development Corporation, and
public interest groups such as the EFF. The EFF will shortly release a
white paper representing coalition views on the need for the FBI to
explore more realistic, less vague, and potentially onerous policy
options for meeting legitimate law enforcement needs.
The resulting multi-front battle being waged about digital privacy
creates formidable roadblocks to a final resolution of the policy
disputes at issue. Those who seek greater privacy and security cannot
trust a settlement on one front, because their victory is likely to be
undermined by action on the other issue. And law enforcement and
national security concerns cannot be adequately addressed without a
sense of the overall solution being proposed on both the encryption and
infrastructure fronts. This Advisory Board can play a valuable role for
the policy process by conducting a comprehensive review of digital
privacy and security policy, with a consideration of both of these sets
of issues.
1 Pub.L.No. 100-235.
2 House Committee On Government Operations, H.R. Rep. No. 99-753,
Pt. 2, at 5.
-==--==--==-<>-==--==--==-
From "Levitating Trains and Kamikaze Genes: Technological Literacy
for the 1990's"
Describing the difference between computer hardware and software:
"Those parts of the system that you can hit with a hammer
(not advised) are called hardware; those program instructions that
you can only curse at are called software."
-==--==--==-<>-==--==--==-
WHAT EFF DID WHILE YOU WERE TANNING
You can't fool us. We saw your I'm-on-vacation bounce notices after
shipping each EFFector Online. And while you were out prematurely aging
your skin, the EFF had a busy summer.
Both Danny Weitzner of the D.C. office and Mike Godwin of the
Cambridge office took bar exams in July: Danny in New York and Mike in
Massachusetts (Mike is already a member of the Texas and D.C. bars).
Both have recovered and are waiting for their results.
CAMBRIDGE:
# Mitchell Kapor was a keynote speaker for EFF at the International
Networking Conference, 1992, in Kobe, Japan where he spoke on global
networking and the EFF's role in the creation of online communities
around the world. He also appeared before the National Association of
Regional Utility Commissions as a means of opening EFF's state by state
drive to make ISDN happen nationwide. In addition, he has, as usual,
been active in fundraising efforts for EFF within the computer industry.
# In addition to his bar exam, Mike flew to San Francisco several times
as part of the planning committee for Computers, Freedom, and Privacy
III; chaired two meetings of the Massachusetts Computer Crime Council;
assisted counsel for several federal computer crime cases under
indictment; and fielded many, many legal questions on the phone and
online.
# The publications department (Gerard Van der Leun and Rita Rouvalis)
produced a full line of pamphlets, white papers, bumper stickers, and
information disks in addition to several issues of EFFector Online and
@eff.org; staffed booths at ONE BBSCon and IBECC '92 in Denver, Colorado
in August; and laid the groundwork on such projects as The EFF Guide to
Cyberspace and the upcoming EFFECTOR3 magazine.
# EFF Tech (Chris Davis and Helen Rose) upgraded the Washington, D.C.
office's connection to the Internet from a dialup SLIP connection to a
56K leased line; reorganized the anonymous FTP archives for faster and
easier access to the EFF's online documents; began a series of
Postscript versions of EFF documents with about-eff; and made
arrangements to appear on a panel discussing the Internet and the
National Public Network in New York City in late September.
WASHINGTON D.C.:
# Jerry Berman appeared before American Bar Association Conference in
San Francisco on the Panel on Virtual Reality and Future Network Policy;
appeared before Computer Systems Policy Project in Massachusetts to
discuss Open Platform Initiative of the EFF; was on a panel that briefed
the City Council and Mayor of Seattle. He arranged for many computer and
communications firms to sign the EFF-drafted White Paper opposing FBI
digital Telephony proposal to be released September 16 in D.C. He also,
with the aid of the Washington staff, pulled together the second meeting
of the Communications Policy Forum under EFF auspices to discuss the
NSF's draft solicitation on the Internet and NREN.
# Danny Weitzner drafted Open Platform amendments, making narrowband
ISDN deployment a national policy, for Rep. Ed Markey's latest
telecommunications regulation bill; was elected Chair of the Public
Policy and Strategy committee of the North American ISDN Users' Forum;
and initiated a plan to take the Open Platform initiative to state
public utility commissions in order to ensure reasonably priced ISDN
service in the states.
# Andrew Blau testified at Colorado PUC on making ISDN available to
residential subscribers; met with Executive Leadership of NCSL's Task
Force on Info Policy; spoke at National Federation of Local Cable
Programmers' Annual Convention on Video Dialtone, "Electronic
Frontiers", and Community Communications Coalitions; was a panelist on
"Government Initiatives to Promote Public Data Networks"; met with
disability rights activists, seniors, and others about meeting their
future telecommunications needs; and documented uses/application of ISDN
technology in small business, education, health and other settings.
# Shari Steele made presentations on the EFF, our National Public
Network proposal, electronic democracy and BBSs being charged business
telephone rates at ONE BBSCon and IBECC; began writing a monthly legal
column for BBS Callers Digest; and made presentations on the EFF to the
Capital Area SysOps Association (CASA) and a course on Computers,
Freedom and Privacy at the George Washington University.
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our magazine, EFFECTOR, our bi-
weekly electronic newsletter, EFFector Online, the @eff.org newsletter
and special releases and other notices on our activities. But because
we believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #35
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
I enclose an additional donation of $
Name:
Organization:
Address:
City or Town:
State: Zip: Phone:( ) (optional)
FAX:( ) (optional)
Email address:
I enclose a check [ ] .
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature:
Date:
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged
To reproduce signed articles individually,
please contact the authors for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## |
########## ########## ########## |
#### #### #### | BRUCE STERLING ON
######## ######## ######## | PRINCIPLES, ETHICS, AND MORALITY
######## ######## ######## | IN CYBERSPACE
#### #### #### |
########## #### #### |
########## #### #### |
=====================================================================
EFFector Online September 30, 1992 Issue 3.06
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
A STATEMENT OF PRINCIPLE
by
Bruce Sterling
bruces@well.sf.ca.us
Reprinted from SCIENCE FICTION EYE #10
with permission of the author.
I just wrote my first nonfiction book. It's called THE HACKER CRACKDOWN:
LAW AND DISORDER ON THE ELECTRONIC FRONTIER. Writing this book has
required me to spend much of the past year and a half in the company of
hackers, cops, and civil libertarians.
I've spent much time listening to arguments over what's legal, what's
illegal, what's right and wrong, what's decent and what's despicable,
what's moral and immoral, in the world of computers and civil liberties.
My various informants were knowledgeable people who cared passionately
about these issues, and most of them seemed well- intentioned.
Considered as a whole, however, their opinions were a baffling mess of
contradictions.
When I started this project, my ignorance of the issues involved was
genuine and profound. I'd never knowingly met anyone from the computer
underground. I'd never logged-on to an underground bulletin-board or
read a semi-legal hacker magazine. Although I did care a great deal
about the issue of freedom of expression, I knew sadly little about the
history of civil rights in America or the legal doctrines that surround
freedom of the press, freedom of speech, and freedom of association. My
relations with the police were firmly based on the stratagem of avoiding
personal contact with police to the greatest extent possible.
I didn't go looking for this project. This project came looking for me.
I became inextricably involved when agents of the United States Secret
Service, acting under the guidance of federal attorneys from Chicago,
came to my home town of Austin on March 1, 1990, and confiscated the
computers of a local science fiction gaming publisher. Steve Jackson
Games, Inc., of Austin, was about to publish a gaming- book called GURPS
Cyberpunk.
When the federal law-enforcement agents discovered the electronic
manuscript of CYBERPUNK on the computers they had seized from Mr.
Jackson's offices, they expressed grave shock and alarm. They declared
that CYBERPUNK was "a manual for computer crime."
It's not my intention to reprise the story of the Jackson case in this
column. I've done that to the best of my ability in THE HACKER
CRACKDOWN; and in any case the ramifications of March 1 are far from
over. Mr. Jackson was never charged with any crime. His civil suit
against the raiders is still in federal court as I write this.
I don't want to repeat here what some cops believe, what some hackers
believe, or what some civil libertarians believe. Instead, I want to
discuss my own moral beliefs as a science fiction writer -- such as they
are. As an SF writer, I want to attempt a personal statement of
principle.
It has not escaped my attention that there are many people who believe
that anyone called a "cyberpunk" must be, almost by definition, entirely
devoid of principle. I offer as evidence an excerpt from Buck
BloomBecker's 1990 book, SPECTACULAR COMPUTER CRIMES. On page 53, in a
chapter titled "Who Are The Computer Criminals?", Mr. BloomBecker
introduces the formal classification of "cyberpunk" criminality.
"In the last few years, a new genre of science fiction has arisen under
the evocative name of 'cyberpunk.' Introduced in the work of William
Gibson, particularly in his prize-winning novel NEUROMANCER, cyberpunk
takes an apocalyptic view of the technological future. In NEUROMANCER,
the protagonist is a futuristic hacker who must use the most
sophisticated computer strategies to commit crimes for people who offer
him enough money to buy the biological creations he needs to survive.
His life is one of cynical despair, fueled by the desire to avoid death.
Though none of the virus cases actually seen so far have been so
devastating, this book certainly represents an attitude that should be
watched for when we find new cases of computer virus and try to
understand the motivations behind them.
"The New York Times's John Markoff, one of the more perceptive and
accomplished writers in the field, has written than a number of computer
criminals demonstrate new levels of meanness. He characterizes them, as
do I, as cyberpunks."
Those of us who have read Gibson's NEUROMANCER closely will be aware of
certain factual inaccuracies in Mr. BloomBecker's brief review.
NEUROMANCER is not "apocalyptic." The chief conspirator in NEUROMANCER
forces Case's loyalty, not by buying his services, but by planting
poison-sacs in his brain. Case is "fueled" not by his greed for money or
"biological creations," or even by the cynical "desire to avoid death,"
but rather by his burning desire to hack cyberspace. And so forth.
However, I don't think this misreading of NEUROMANCER is based on
carelessness or malice. The rest of Mr. BloomBecker's book generally is
informative, well-organized, and thoughtful. Instead, I feel that Mr.
BloomBecker manfully absorbed as much of NEUROMANCER as he could without
suffering a mental toxic reaction. This report of his is what he
actually *saw* when reading the novel.
NEUROMANCER has won quite a following in the world of computer crime
investigation. A prominent law enforcement official once told me that
police unfailingly conclude the worst when they find a teenager with a
computer and a copy of NEUROMANCER. When I declared that I too was a
"cyberpunk" writer, she asked me if I would print the recipe for a
pipe-bomb in my works. I was astonished by this question, which struck
me as bizarre rhetorical excess at the time. That was before I had
actually examined bulletin-boards in the computer underground, which I
found to be chock-a-block with recipes for pipe-bombs, and worse. (I
didn't have the heart to tell her that my friend and colleague Walter
Jon Williams had once written and published an SF story closely
describing explosives derived from simple household chemicals.)
Cyberpunk SF (along with SF in general) has, in fact, permeated the
computer underground. I have met young underground hackers who use the
aliases "Neuromancer," "Wintermute" and "Count Zero." The Legion of
Doom, the absolute bete noire of computer law-enforcement, used to
congregate on a bulletin-board called "Black Ice."
In the past, I didn't know much about anyone in the underground, but
they certainly knew about me. Since that time, I've had people express
sincere admiration for my novels, and then, in almost the same breath,
brag to me about breaking into hospital computers to chortle over
confidential medical reports about herpes victims.
The single most stinging example of this syndrome is "Pengo," a member
of the German hacker-group that broke into Internet computers while in
the pay of the KGB. He told German police, and the judge at the trial of
his co-conspirators, that he was inspired by NEUROMANCER and John
Brunner's SHOCKWAVE RIDER.
I didn't write NEUROMANCER. I did, however, read it in manuscript and
offered many purportedly helpful comments. I praised the book publicly
and repeatedly and at length. I've done everything I can to get people
to read this book.
I don't recall cautioning Gibson that his novel might lead to anarchist
hackers selling their expertise to the ferocious and repulsive apparat
that gave the world the Lubyanka and the Gulag Archipelago. I don't
think I could have issued any such caution, even if I'd felt the danger
of such a possibility, which I didn't. I still don't know in what
fashion Gibson might have changed his book to avoid inciting evildoers,
while still retaining the integrity of his vision -- the very quality
about the book that makes it compelling and worthwhile.
This leads me to my first statements of moral principle.
As a "cyberpunk" SF writer, I am not responsible for every act committed
by a Bohemian with a computer. I don't own the word "cyberpunk" and
cannot help where it is bestowed, or who uses it, or to what ends.
As a science fiction writer, it is not my business to make people
behave. It is my business to make people imagine. I cannot control other
people's imaginations -- any more than I would allow them to control
mine.
I am, however, morally obliged to speak out when acts of evil are
committed that use my ideas or my rhetoric, however distantly, as a
justification.
Pengo and his friends committed a grave crime that was worthy of
condemnation and punishment. They were clever, but treacherously clever.
They were imaginative, but it was imagination in a bad cause. They were
technically accomplished, but they abused their expertise for illicit
profit and to feed their egos. They may be "cyberpunks" -- according to
many, they may deserve that title far more than I do -- but they're no
friends of mine.
What is "crime"? What is a moral offense? What actions are evil and
dishonorable? I find these extraordinarily difficult questions. I have
no special status that should allow me to speak with authority on such
subjects. Quite the contrary. As a writer in a scorned popular
literature and a self-professed eccentric Bohemian, I have next to no
authority of any kind. I'm not a moralist, philosopher, or prophet.
I've always considered my "moral role," such as it is, to be that of a
court jester -- a person sometimes allowed to speak the unspeakable, to
explore ideas and issues in a format where they can be treated as games,
thought-experiments, or metaphors, not as prescriptions, laws, or
sermons.
I have no religion, no sacred scripture to guide my actions and provide
an infallible moral bedrock. I'm not seeking political responsibilities
or the power of public office. I habitually question any pronouncement
of authority, and entertain the liveliest skepticism about the processes
of law and justice. I feel no urge to conform to the behavior of the
majority of my fellow citizens. I'm a pain in the neck.
My behavior is far from flawless. I lived and thrived in Austin, Texas
in the 1970s and 1980s, in a festering milieu of arty crypto-
intellectual hippies. I've committed countless "crimes," like millions
of other people in my generation. These crimes were of the glamorous
"victimless" variety, but they would surely have served to put me in
prison had I done them, say, in front of the State Legislature.
Had I lived a hundred years ago as I live today, I would probably have
been lynched by outraged fellow Texans as a moral abomination. If I
lived in Iran today and wrote and thought as I do, I would probably be
tried and executed.
As far as I can tell, moral relativism is a fact of life. I think it
might be possible to outwardly conform to every jot and tittle of the
taboos of one's society, while feeling no emotional or intellectual
commitment to them. I understand that certain philosophers have argued
that this is morally proper behavior for a good citizen. But I can't
live that life. I feel, sincerely, that my society is engaged in many
actions which are foolish and shortsighted and likely to lead to our
destruction. I feel that our society must change, and change radically,
in a process that will cause great damage to our present system of
values. This doesn't excuse my own failings, which I regret, but it does
explain, I hope, why my lifestyle and my actions are not likely to make
authority feel entirely comfortable.
Knowledge is power. The rise of computer networking, of the Information
Society, is doing strange and disruptive things to the processes by
which power and knowledge are currently distributed. Knowledge and
information, supplied through these new conduits, are highly corrosive
to the status quo. People living in the midst of technological
revolution are living outside the law: not necessarily because they mean
to break laws, but because the laws are vague, obsolete, overbroad,
draconian, or unenforceable. Hackers break laws as a matter of course,
and some have been punished unduly for relatively minor infractions not
motivated by malice. Even computer police, seeking earnestly to
apprehend and punish wrongdoers, have been accused of abuse of their
offices, and of violation of the Constitution and the civil statutes.
These police may indeed have committed these "crimes." Some officials
have already suffered grave damage to their reputations and careers --
all the time convinced that they were morally in the right; and, like
the hackers they pursued, never feeling any genuine sense of shame,
remorse, or guilt.
I have lived, and still live, in a counterculture, with its own system
of values. Counterculture -- Bohemia -- is never far from criminality.
"To live outside the law you must be honest" was Bob Dylan's classic
hippie motto. A Bohemian finds romance in the notion that "his clothes
are dirty but his hands are clean." But there's danger in setting aside
the strictures of the law to linchpin one's honor on one's personal
integrity. If you throw away the rulebook to rely on your individual
conscience you will be put in the way of temptation.
And temptation is a burden. It hurts. It is grotesquely easy to justify,
to rationalize, an action of which one should properly be ashamed. In
investigating the milieu of computer-crime I have come into contact with
a world of temptation formerly closed to me. Nowadays, it would take no
great effort on my part to break into computers, to steal long-distance
telephone service, to ingratiate myself with people who would merrily
supply me with huge amounts of illicitly copied software. I could even
build pipe-bombs. I haven't done these things, and disapprove of them;
in fact, having come to know these practices better than I cared to, I
feel sincere revulsion for them now. But this knowledge is a kind of
power, and power is tempting. Journalistic objectivity, or the urge to
play with ideas, cannot entirely protect you. Temptation clings to the
mind like a series of small but nagging weights. Carrying these weights
may make you stronger. Or they may drag you down.
"His clothes are dirty but his hands are clean." It's a fine ideal, when
you can live up to it. Like a lot of Bohemians, I've gazed with a fine
disdain on certain people in power whose clothes were clean but their
hands conspicuously dirty. But I've also met a few people eager to pat
me on the back, whose clothes were dirty and their hands as well.
They're not pleasant company.
Somehow one must draw a line. I'm not very good at drawing lines. When
other people have drawn me a line, I've generally been quite anxious to
have a good long contemplative look at the other side. I don't feel much
confidence in my ability to draw these lines. But I feel that I should.
The world won't wait. It only took a few guys with pool cues and
switchblades to turn Woodstock Nation into Altamont. Haight-Ashbury was
once full of people who could trust anyone they'd smoked grass with and
love anyone they'd dropped acid with -- for about six months. Soon the
place was aswarm with speed-freaks and junkies, and heaven help us if
they didn't look just like the love-bead dudes from the League of
Spiritual Discovery. Corruption exists, temptation exists. Some people
fall. And the temptation is there for all of us, all the time.
I've come to draw a line at money. It's not a good line, but it's
something. There are certain activities that are unorthodox, dubious,
illegal or quasi-legal, but they might perhaps be justified by an honest
person with unconventional standards. But in my opinion, when you're
making a commercial living from breaking the law, you're beyond the
pale. I find it hard to accept your countercultural sincerity when
you're grinning and pocketing the cash, compadre.
I can understand a kid swiping phone service when he's broke, powerless,
and dying to explore the new world of the networks. I don't approve of
this, but I can understand it. I scorn to do this myself, and I never
have; but I don't find it so heinous that it deserves pitiless
repression. But if you're stealing phone service and selling it -- if
you've made yourself a miniature phone company and you're pimping off
the energy of others just to line your own pockets -- you're a thief.
When the heat comes to put you away, don't come crying "brother" to me.
If you're creating software and giving it away, you're a fine human
being. If you're writing software and letting other people copy it and
try it out as shareware, I appreciate your sense of trust, and if I like
your work, I'll pay you. If you're copying other people's software and
giving it away, you're damaging other people's interests, and should be
ashamed, even if you're posing as a glamorous info- liberating
subversive. But if you're copying other people's software and selling
it, you're a crook and I despise you.
Writing and spreading viruses is a vile, hurtful, and shameful activity
that I unreservedly condemn.
There's something wrong with the Information Society. There's something
wrong with the idea that "information" is a commodity like a desk or a
chair. There's something wrong with patenting software algorithms.
There's something direly mean spirited and ungenerous about inventing a
language and then renting it out to other people to speak. There's
something unprecedented and sinister in this process of creeping
commodification of data and knowledge. A computer is something too close
to the human brain for me to rest entirely content with someone
patenting or copyrighting the process of its thought. There's something
sick and unworkable about an economic system which has already spewed
forth such a vast black market. I don't think democracy will thrive in a
milieu where vast empires of data are encrypted, restricted,
proprietary, confidential, top secret, and sensitive. I fear for the
stability of a society that builds sand castles out of databits and
tries to stop a real-world tide with royal commands.
Whole societies can fall. In Eastern Europe we have seen whole nations
collapse in a slough of corruption. In pursuit of their unworkable
economic doctrine, the Marxists doubled and redoubled their efforts at
social control, while losing all sight of the values that make life
worth living. At last the entire power structure was so discredited that
the last remaining shred of moral integrity could only be found in
Bohemia: in dissidents and dramatists and their illegal samizdat
underground fanzines. Their clothes were dirty but their hands were
clean. The only agitprop poster Vaclav Havel needed was a sign saying
*Vaclav Havel Guarantees Free Elections.* He'd never held power, but
people believed him, and they believed his Velvet Revolution friends.
I wish there were people in the Computer Revolution who could inspire,
and deserved to inspire, that level of trust. I wish there were people
in the Electronic Frontier whose moral integrity unquestionably matched
the unleashed power of those digital machines. A society is in dire
straits when it puts its Bohemia in power. I tremble for my country when
I contemplate this prospect. And yet it's possible. If dire straits
come, it can even be the last best hope.
The issues that enmeshed me in 1990 are not going to go away. I became
involved as a writer and journalist, because I felt it was right.
Having made that decision, I intend to stand by my commitment. I expect
to stay involved in these issues, in this debate, for the rest of my
life. These are timeless issues: civil rights, knowledge, power, freedom
and privacy, the necessary steps that a civilized society must take to
protect itself from criminals. There is no finality in politics; it
creates itself anew, it must be dealt with every day.
The future is a dark road and our speed is headlong. I didn't ask for
power or responsibility. I'm a science fiction writer, I only wanted to
play with Big Ideas in my cheerfully lunatic sandbox. What little
benefit I myself can contribute to society would likely be best employed
in writing better SF novels. I intend to write those better novels, if I
can. But in the meantime I seem to have accumulated a few odd shreds of
influence. It's a very minor kind of power, and doubtless more than I
deserve; but power without responsibility is a monstrous thing.
In writing HACKER CRACKDOWN, I tried to describe the truth as other
people saw it. I see it too, with my own eyes, but I can't yet pretend
to understand what I'm seeing. The best I can do, it seems to me, is to
try to approach the situation as an open-minded person of goodwill. I
therefore offer the following final set of principles, which I hope will
guide me in the days to come.
I'll listen to anybody, and I'll try to imagine myself in their
situation.
I'll assume goodwill on the part of others until they fully earn my
distrust.
I won't cherish grudges. I'll forgive those who change their minds and
actions, just as I reserve the right to change my own mind and actions.
I'll look hard for the disadvantages to others, in the things that give
me advantage. I won't assume that the way I live today is the natural
order of the universe, just because I happen to be benefiting from it at
the moment.
And while I don't plan to give up making money from my ethically dubious
cyberpunk activities, I hope to temper my impropriety by giving more
work away for no money at all.
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our magazine, EFFECTOR, our bi-
weekly electronic newsletter, EFFector Online, the @eff.org newsletter
and special releases and other notices on our activities. But because
we believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #36
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
I enclose an additional donation of $
Name:
Organization:
Address:
City or Town:
State: Zip: Phone:( ) (optional)
FAX:( ) (optional)
Email address:
I enclose a check [ ] .
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature:
Date:
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged.
Signed articles do not necessarily represent the view of the EFF.
To reproduce signed articles individually,
please contact the authors for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## | PIONEER AWARDS 2.0
########## ########## ########## | Call for Nominations
#### #### #### |
######## ######## ######## | EFF/AUSTIN: The First Chapter
######## ######## ######## |
#### #### #### | THE SETTLING OF THE INTERNET
########## #### #### |
########## #### #### | FTP.EFF.ORG:The Users' Site
=====================================================================
EFFector Online October 22, 1992 Issue 3.07
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
THE SECOND ANNUAL INTERNATIONAL EFF PIONEER AWARDS:
CALL FOR NOMINATIONS
Deadline: December 31,1992
In every field of human endeavor,there are those dedicated to expanding
knowledge,freedom,efficiency and utility. Along the electronic frontier,
this is especially true. To recognize this,the Electronic Frontier
Foundation has established the Pioneer Awards for deserving individuals
and organizations.
The Pioneer Awards are international and nominations are open to all.
In March of 1992, the first EFF Pioneer Awards were given in Washington
D.C. The winners were: Douglas C. Engelbart of Fremont, California;
Robert Kahn of Reston, Virginia; Jim Warren of Woodside, California; Tom
Jennings of San Francisco, California; and Andrzej Smereczynski of
Warsaw, Poland.
The Second Annual Pioneer Awards will be given in San Francisco,
California at the 3rd Conference on Computers, Freedom, and Privacy
in March of 1993.
All valid nominations will be reviewed by a panel of impartial judges
chosen for their knowledge of computer-based communications and the
technical, legal, and social issues involved in networking.
There are no specific categories for the Pioneer Awards, but the
following guidelines apply:
1) The nominees must have made a substantial contribution to the
health, growth, accessibility, or freedom of computer-based
communications.
2) The contribution may be technical, social, economic or cultural.
3) Nominations may be of individuals, systems, or organizations in
the private or public sectors.
4) Nominations are open to all, and you may nominate more than one
recipient. You may nominate yourself or your organization.
5) All nominations, to be valid, must contain your reasons, however
brief, on why you are nominating the individual or organization,
along with a means of contacting the nominee, and your own contact
number. No anonymous nominations will be allowed.
6) Every person or organization, with the single exception of EFF
staff members, are eligible for Pioneer Awards.
7) Persons or representatives of organizations receiving a Pioneer
Award will be invited to attend the ceremony at the Foundation's
expense.
You may nominate as many as you wish, but please use one form per
nomination. You may return the forms to us via email to
pioneer@eff.org
You may mail them to us at:
Pioneer Awards, EFF,
155 Second Street
Cambridge MA 02141.
You may FAX them to us at:
+1 617 864 0866
Just tell us the name of the nominee, the phone number or email address
at which the nominee can be reached, and, most important, why you feel
the nominee deserves the award. You may attach supporting
documentation. Please include your own name, address, and phone number.
We're looking for the Pioneers of the Electronic Frontier that have made
and are making a difference. Thanks for helping us find them,
The Electronic Frontier Foundation
-------EFF Pioneer Awards Nomination Form------
Please return to the Electronic Frontier Foundation
via email to: pioneer@eff.org
via surface mail to EFF 155 Second Street, Cambridge, MA 02141 USA;
via FAX to +1 617 864 0866
Nominee:
Title:
Company/Organization:
Contact number or email address:
Reason for nomination:
Your name and contact information:
Extra documentation attached:
DEADLINE: ALL NOMINATIONS MUST BE RECEIVE BY THE ELECTRONIC FRONTIER
FOUNDATION BY MIDNIGHT, EASTERN STANDARD TIME U.S., DECEMBER 31,1992.
-==--==--==-<>-==--==--==-
THE EFF/AUSTIN CHAPTER
A Progress Report by John S. Quarterman
President of Autsin EFF.
As of July 1992, the official name of our group is EFF-Austin,
and we are a Texas nonprofit corporation. Our goals, adapted from
those of EFF-National, are given in our Articles of Incorporation:
(a) to engage in and support educational activities that
increase understanding of the opportunities and challenges posed
by computing and telecommunications, and related civil liberties
issues.
(b) to foster a clearer social understanding of the issues
underlying free and open telecommunications; and
(c) to facilitate and encourage communication between
individuals interested in computer and telecommunication
technology and related social and legal issues.
Among other activities in pursuit of these goals, we hold three
distinct types of public meetings: member meetings; Public Forums; and
Cyberdawgs.
Member meetings consist of presentations by EFF-Austin directors and
others on what EFF-Austin is doing, and questions and suggestions
from the attendees.
Our first general public meeting was held in May, at the Austin
Technology Incubator. Close to sixty people attended to listen to
what we had to say and to offer ideas. We are planning another member
meeting for November.
Public Forums have specific agendas and speakers, and both present
information of interest to our members and the public, and invite
discussion.
Our most recent public forum was "The Net: What is It, Where is it,
Who Uses It, and for What?", presented by John Quarterman and Smoot
Carl-Mitchell of Texas Internet Consulting and Matrix Information
and Directory Services, and Anna Couey, an art networker from
San Francisco. This was held at MCC and included online demonstrations
of Internet applications such as anonymous FTP, archie, and gopher,
as well as TELNET to locations such as Moscow and the WELL.
The next scheduled Public Forum is on October 29. Noted science
fiction author Bruce Sterling will speak and sign copies concerning his
latest work, the nonfiction book, The Hacker Crackdown, just published
by Bantam. This meeting will be held at the University of Texas. We
are inviting local law enforcement officers to attend, considering
the subject matter of the book. Cliff Figallo, Director of the Cambridge
Office of the Electronic Frontier Foundation will also attend.
Ed Cavazos is currently organizing a panel discussion on Sysop Liability
that will be given in January of next year.
In contrast to the formal presentation of a Public Forum is a
"Cyberdawg". These are informal networking mixers. (The name comes
from a hot dog picnic held last year at the Steve Jackson Games office
in Austin.) We have held two Cyberdawgs so far , in June and August,
at the High Times Tea Bar and Brain Gym (a local establishment
that serves intellectual games instead of alcohol), and at Europa Books.
They were well-attended by a diverse mix of the Austin electronic
community. All types of computer users met to talk, exchange
information, make contacts, and simply have fun. We have scheduled the
next Cyberdawg for November, and plan to have Tracy LaQuey Parker
present to sign copies of her latest book, The Internet Companion,
just published by Addison-Wesley.
Another method of information distribution that we have employed is
staffing tables at conventions. For example, we held a table at the
Government and Technology Convention in February of 1992, and have
plans to be present at the 1993 show as well. We had a meeting at
the Armadillocon Science Fiction Convention 9-11 October.
Since several of our members are frequent travelers to SF conventions,
we have presented panels and distributed literature at many such events.
We consider this worthwhile, since science fiction readers are likely
to be interested in the way society evolves to handle evolving
technology.
At all of these events we have been passing out EFF literature that we
possess at the time. We have created information of our own, as well.
There is the Info Disk, which contains text files that serve as a
primer to relevant issues in the use of computers and networks.
September saw the first issue of our online newsletter, Word, which we
plan to distribute monthly. EFF-Austin also sponsors a moderated
newsgroup, austin.eff, linked bidirectionally with a mailing list,
eff-austin@tic.com. That newsgroup and mailing list are about
EFF-Austin and local concerns, but they are already widely
distributed outside of Austin and on BBSes as well as through
USENET, UUCP, and the Internet.
This is all in addition to the meetings of the Board of Directors
(fifteen in the last twelve months). We currently hold these meetings
on the second Tuesday of each month.
-==--==--==-<>-==--==--==-
CURRENT SITE @eff.org
Where Users Come First.
by Rita Rouvalis
(rita@eff.org)
Carefully assemble four Sparcstation II's, nine gigs of disk storage,
a T1 and what do you get? One hopping Internet site and the Heart and
Soul of the EFF. Traditionally, netiquette has required that most ftp
transfers be done druing non-business or off-peak hours. The reason for
the request is that most ftp machines are also used for other tasks by
the local users. ftp.eff.org, however, is a dedicated ftp, gopher, and
WAIS machine. This means that it is not at the staff's disposal, but
yours. So pound away on it at any time of the day or night. That's the
reason we built it.
Services like WAIS, and GOPHER underscore our enthusiasm for better,
easier-to-use technology for accessing the information stored on the
Net. The wide variety of subject matter found in our anonymous FTP
archives is a working testimony to our belief in the free and open flow
of all kinds of information, not simply the official EFF positions and
publications (these are found only in the EFF directory).
And not only is our hardware the key distribution point for official EFF
documents like EFFector Online and NewsNotes, but we're also the virtual
home for other, similar-minded organizations like Carl Kadie's Computers
and Academic Freedom, the Index on Censorship, the Boston Computer
Society, the Massachusetts branch of Computer Professionals for Social
Responsibility (CPSR), Beyond Dreams, and the Commercial Internet
Exchange (CIX).
Last month, an average of 1371 files *a day* were sucked down from our
archives. Some of your favorites, according to our statistics, are
File Downloads in September
/pub/cud/phrack/phrack-40 454
/pub/EFF/legal-issues/eff-fbi-analysis 230
/pub/EFF/about-eff 197
/pub/cud/cud/cud4.41 173
/pub/internet-info/ftp.sites 101
/pub/journals/CORE/core1.08 53
/etc/passwd 39
/pub/EFF/legal-issues/against-look-and-feel 39
/pub/EFF/papers/crime-and-puzzlement 33
/pub/journals/InterText/ITv2n4-ascii 29
One of the best-kept secrets on ftp.eff.org is the relatively quiet
little corner occupied by the /journals directory. One of the most
selective news stands in Cyberspace, it contains a small number of
excellent and widely varied electronic publications. Our two newest
additions to the magazine rack are CurrentCites, which presents selected
articles on information transfer, electronic publishing, expert systems
and artificial intelligence, and more; and ScreamBaby, a tense, neurotic
'zine that asks the all-consuming question "What the hell did *YOU* do
today?"
Other recent additions include a document on electronic communications
from Human Right Watch (/pub/EFF/papers/electrifying-speech); the first
edition of Word, the EFF-Austin chapter's newsletter (/pub/EFF/local-
chapters/Austin_TX/Word1); and the EJournal Directory, an extensive list
of electronic publications (/pub/journals/EJournal.Directory2.1).
We are always looking for new files of interest to add to our ftp
collection. If you know of anything appropriate, please drop us a note
at eff@eff.org.
-==--==--==-<>-==--==--==-
From the Univ of Wisconsin Microelectronics bulletin, Prof. F Cerrina
as the author:
"After the Microlithography '92 conference in Japan, we toured some
of the leading electronics laboratories. Our visit to Hitachi's
Central Research Lab included an amusing demonstration of the
resolution of current lithography. On a four-inch wafer, they printed
a map of the world that included the streets of London down to the
smallest alleys. It's now possible to put a fully detailed map of
the world on a six-inch wafer."
Food for thought...
(Submitted by Gary Delp <gdelp+@rchland.ibm.com> )
-==--==--==-<>-==--==--==-
The Settling of the Internet
by David Tyckson
(DT673@ALBNYVMS.BITNET )
It has been nearly three months since I sent my original "What's
Going On Here?" message to PACS-L, which dealt with the migration from
electronic to print format of some of my favorite network publications.
While I expected some responses to this message, I did not expect the
flood of material that came to me both privately and over the network.
I am finally clearing my mailbox of old messages and would like to
report to PACS-L on this topic.
The vast majority of responses disagreed with me and indicated that
print is an appropriate, if not preferred, publication medium. Many
replies stressed the rights of authors to receive royalty payments for
print publications, the fact that print gets wider distribution than
electronic media, and that the author has every right to select the
publication format. One particularly thoughtful response (sent on
PACS-L by Czeslaw Jan Grycz) discussed the role of electronic
publication in the scholarly communications process. Other responses
moved into a variety of related topics, including copyright, the cost of
the network, and even the global environment. It is clear that my
original message struck a nerve among many network users.
Some responses were predictable (the editors of PACS Review were
not pleased with my attack on the print version of their publication),
some were enlightening (Brendan Kehoe gave an excellent review of the
evolution of Zen and the Art of the Internet), and some were surprising
(I did not realize that Zen had been written by an undergraduate
student). Perhaps the most surprising response of all was finding
myself quoted in the Chronicle of Higher Education, a fact which I
became aware of only when the Office of the President of my university
called to find out more about my "article" in the Chronicle!
After all of this discussion and publicity, what exactly is going
on here? The Internet is not dying, as my initial message may have led
some to believe, but is alive and very, very well. In fact, network
resources comprise the biggest growth area in the information world at
the moment. All of the training sessions, publications, and new network
position advertisements clearly show that the Internet will be around
for a long time to come. It is not death that we must worry about, but
rapid growth.
Because of this growth, something DID happen to the Internet last
summer. The issues that I raised originally were not indicators of the
end of the network, but were signs of its maturation. Whereas in the
past the networks were the playthings (and workthings) of a few network
elite, they have grown to encompass a much broader clientele. It is
this volume of users that has resulted in the changes. Last summer, the
number of network users passed the critical mass required to attract
interest from commercial publishers and the press. While this attention
will help the Internet to grow even further, it takes something away
from the communal aspects of the early users.
Like the telephone user who was required to move from a party line
to a private line when he/she realized who else could be monitoring the
calls, the presence of journalistic and commercial entities on the
networks may change the nature of the information communicated over
these networks. Information that has been given away freely in the past
may now require some type of payment to a publisher. While the creators
of information deserve credit (both intellectual and monetary) for their
work, the formalization of this process will tend to discourage
"skywriting" as we have known it in the past. In addition, authors who
may formerly have spontaneously responded to other messages may now be
cautious in what they say and how they say it. The numerous disclaimer
statements at the end of author signatures are already a step in this
direction.
Last summer saw the passing of an era in networked resources.
Before the summer, the network was populated primarily by pioneers, who
explored its resources out of enthusiasm, interest, and a sense of
exploration. Now it is being populated by settlers, who wish to mine
the networks in some sort of production mode. The early users
(pioneers) were able to explore and search in a somewhat unrestricted
manner, creating their own rules as they went along. Some did it for
the challenge, some in search of specific types of resources, and others
just for the fun of seeing what was out there.
The success of those pioneer efforts brought many more users onto
the networks. However, these new users did not usually have the same
motives for utilizing networked resources. Rather than exploring the
network wilderness, the new users (settlers) want resources that they
can use in their everyday lives. They also want guides to these
resources and rules for their use. The commercial and journalistic
presence in issues related to the network is a clear indication that we
have evolved into the settler stage.
Unfortunately, the cultures of pioneers and settlers do not always
conform. Pioneers want freedom, while settlers want order. While some
pioneers stake out an area and become leading settlers in an aspect of
networked resources, others move on and continue to explore new areas.
The pioneers laid the groundwork for the rest of us (I consider myself a
very early settler) and we owe them our gratitude for making us aware of
the capabilities of networked information. While we may lament the
passing of the good old days of freewheeling information flow, we have
moved on into an era in which more networked information will be
available to more people than ever.
Last summer saw the passing of the era of the wild, wild Internet.
It is now up to those of us who have settled these new territories to
develop rules, regulations, and guidebooks that will make information
available equitably for everyone. I have faith that we, as information
organizers, will be able to develop a culture that preserves democratic
access to information resources. If not, we will have settled a land
not worth inhabiting.
David Tyckoson
Head, Reference Department
University Libraries
University at Albany - SUNY
(518) 442-3559
DT673@ALBNYVMS
-==--==--==-<>-==--==--==-
FROM THE MBOX
From: "Thomas Leedy, Admin A-402, Ext 2410" <LEEDY@MICF.NIST.GOV>
To: Electronic Frontier Foundation <eff@eff.org>
Subject: Where Can I Get One of Those Bumper Stickers?
Date: Thu, 15 Oct 92 09:46:31 EDT
I saw a *great* bumper sticker on the Washington DC Beltway this morning
and almost ran the poor guy off the road trying to read the Internet
address ...so I hope that I have this right. It said "I'd rather be
telecommuting. " Do you people make these available? If so how can I get
one? (The only other way I know is to steal the fellow's bumper!) Would
be interested in other material/positions that the Electronic Frontier
Foundation makes available.
Thanks!
Best ... Tom
leedy@micf.nist.gov
[Editors note: Card-carrying members of the EFF can get one bumper
sticker for free. Non-members can buy them for $2 each, pre-paid.
Please include a self-addressed stamped business-sized envelope and
specify whether you want:
"I'd rather be telecommuting."
"CYBERNAUT"
"Highways in Cyberspace: 'Make it so.'"
"My other car is a computer."
Gifs of these can be viewed by ftp'ing to ftp.eff.org and cd'ing to
/pub/EFF/eff-issues thanks to the generous volunteer work of Mark
Sheenan (sheehan@indiana.edu).]
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our bi-weekly electronic
newsletter, EFFector Online, the @eff.org newsletter
and special releases and other notices on our activities. But because
we believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #37
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
I enclose an additional donation of $
Name:
Organization:
Address:
City or Town:
State: Zip: Phone:( ) (optional)
FAX:( ) (optional)
Email address:
I enclose a check [ ] .
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature:
Date:
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged.
Signed articles do not necessarily represent the view of the EFF.
To reproduce signed articles individually,
please contact the authors for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## |
#### #### #### | A TECHNOLOGY POLICY FOR AMERICA
######## ######## ######## | by President-Elect Bill Clinton
######## ######## ######## |
#### #### #### |
########## #### #### |
########## #### #### |
=====================================================================
EFFector Online November 4, 1992 Issue 3.08
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
A TECHNOLOGY POLICY FOR AMERICA Six Broad Initiatives
by Bill Clinton
(September, 1992)
The Clinton-Gore technology policy consists of six broad initiatives
that together will restore America's technological leadership:
1. Building a 21st Century Technology Infrastructure.
Infrastructure has traditionally been the responsibility of federal and
state governments. Investing in infrastructure means more than repairing
bridges, harbors and highways. Today, the United States faces a new
series of communications, transportation and environmental needs for the
21st century. The creation of a 21st century infrastructure program
would serve as a critical technology driver for the nation. It would
stimulate major new national R&D efforts; create large, predictable
markets that would prompt significant private sector investments; and
create millions of new jobs.
A 21st century infrastructure would address many practical problems. For
example, the government can serve as a catalyst for the private sector
development of an advanced national communications network, which would
help companies collaborate on research and design for advanced
manufacturing; allow doctors across the country to access leading
medical expertise; put immense educational resources at the fingertips
of American teachers and students; open new avenues for disabled people
to do things they can't do today; provide technical information to small
businesses; and make telecommuting much easier. Such a network could do
for the productivity of individuals at their places of work and learning
what the interstate highway of the 1950s did for the productivity of the
nation's travel and distribution system.
Each year, I plan to devote a significant portion of my four year, $80
billion Rebuild America fund to laying the groundwork for the nation's
infrastructure needs in the 21st century. Federal funding for the
National Research and Education Network is one example of how the
federal government can serve as a catalyst for private sector
infrastructure investment. We will also provide additional funding to
network our schools, hospitals and libraries.
As part of the effort to assess U.S. needs and develop appropriate
programs, the federal government must monitor, or "benchmark", what
foreign governments are doing. For example, the Japanese government has
committed to invest over $120 billion by 1995 to develop a digital
broadband communication infrastructure called the Information Network
System, and plans to invest another $150 billion to establish model
programs for business and residential users.
A comprehensive infrastructure program must also include effective
standards and regulations. By establishing reasonable standards and a
constructive regulatory environment, the government can send clear
signals to industry about important, emerging markets and spur private
sector investment. For example, the digital standard that the Federal
Communications Commission (FCC), in cooperation with industry,
established for high resolution television provides an excellent
indication of the future technical direction of the industry and will do
much to facilitate private sector R&D.
A 21st century infrastructure program should consist of the following
five elements:
Funding the establishment of key networks and demonstration
projects;
Benchmarking U.S. programs against those of other major industrial
nations;
Establishing standards and a regulatory climate that fosters
private sector investment;
Involving the federal labs, companies, and universities in
conducting R&D on key technical issues; and
Providing training for users of networks and databases.
2. Establishing Education and Training Programs for a High-Skill
Workforce.
The U.S. education system must make sure that American workers have the
requisite skills. The focus should be not only on the top American
students who measure up to world-class standards, but also on average
and disadvantaged students. It must also take into account the need to
upgrade workers' skills and help people make the difficult transition
from repetitive, low-skill jobs to the demands of a flexible, high-skill
workplace. Unlike Germany, the United States does not have a
sophisticated vocational education program, and unlike Japan, U.S. firms
do not have a strong incentive to invest in the training and retraining
of their workers. We need more of both, geared to meet the needs of the
mobile U.S. workforce.
I will implement the following programs to strengthen the skills of
America's workforce:
Establish tough standards and a national examination system in
core subjects like writing, communication, math and science;
level the playing field for disadvantaged students;
reduce class sizes;and give parents the right to chose the public
schools their child attends.
Establish a national apprenticeship program that offers non-
college bound students training in a marketable skill.
Give every American the right to borrow money for college by
establishing a National Service Trust Fund. Students can repay
their borrowing as a percent of their earnings over time, or by
serving their communities for one or two years doing work their
country needs.
Stimulate industry to provide continuing, high skills training to
its front-line workers.
For small manufacturers to compete today, it is not good enough simply
to have access to new equipment and new technologies if their workers do
not have the skills and know-how to operate them efficiently, and engage
in truly flexible production. Yet, too much of our training is for only
top executives or workers after they have lost their jobs.
My plan calls for companies with over 50 employees to ensure that 1.5
percent of their payroll goes to training throughout the workforce --
not just for the top executives. But we must do more for smaller
companies who cannot afford to set up the training programs. These
companies need to adapt to new technologies and new equipment and the
constantly new demands.
New production technology should be worker-centered and skill-based, not
skill-eliminating. In the high-performance workplace, workers have more
control over production and worker responsibility is increased. Some
companies that have invested billions in new capital equipment have
found that genuine employee involvement and good labor-management
relations are ultimately more important. Therefore we need to undertake
the following:
Manufacturing training centers:
We need to promote private sector-led efforts to set up training
for small companies. These can be done by building off community
colleges training and should be an integral part of the network of
Manufacturing Extension provisions. These would also be integrated
with my Apprenticeship initiative so that young people will have
the opportunity to learn specific skills needed for specific
manufacturing jobs or industries. Councils including private
sector and academic leaders as well as workers would help decide
generic areas for training.
Certificate of training guarantees:
In order to be eligible for federal funds for manufacturing
training centers, such centers would have to provide all future
employers with a Certificate of Guarantee. This would ensure that,
when workers do not pick up the necessary skills the first time,
these centers would provide additional training -- at no
additional cost to the employer.
Best Practices on Worker Participation:
An integral function of the Manufacturing Extension Centers will
be to collect and disseminate information on "best practices" with
regards to worker participation. Increasing worker productivity is
one of the keys to increasing overall manufacturing productivity.
3. Investing in Technology Programs that Empower America's Small
Businesses.
A healthy and growing small-business sector is essential to America's
economic well-being. America's 20 million small businesses account for
40 percent of our GNP, half of all employment, and more than half of the
job creation. My technology policy will recognize the importance of
small and medium-sized business to America's economic growth with:
Market-driven extension centers:
Creating 170 manufacturing centers will put the best tools in the
hands of those companies that are creating the new jobs on which
the American economy depends by helping small- and medium- sized
manufacturers choose the right equipment, adopt the top business
practices, and learn cutting-edge production techniques. In order
to enhance U.S. industrial competitiveness, public policy must
promote the diffusion and absorption of technology across the U.S.
industrial base. Some state and local governments are already
involved in technology diffusion using manufacturing centers. They
are helping small businesses improve the productivity of their
existing machinery and equipment, adopt computer-integrated or
flexible manufacturing techniques, and identify training needs.
The Commerce Department has five Manufacturing Technology Centers across
the country and has plans for two more. Unfortunately, these efforts are
only a drop in the bucket compared to those of our major competitors.
Germany has over 40 contract R&D centers (Fraunhofer Gesellschaft) and a
broad network of industry associations and research cooperatives that
effectively diffuse technology across industry. In Japan, major
government-sponsored research projects, 170 kohsetsushi technology
support centers for small businesses, and tight links between companies
and their suppliers serve much the same function. There is no comparable
system in the United States.
A Clinton-Gore Administration will build on the efforts of state and
local governments to create a national technology extension program,
designed to meet the needs of the millions of small businesses that have
difficulty tracking new technology and adapting it to their needs.
The involvement of workers is critical to developing and executing
successful industrial extension programs. In technology, as in other
area, we must put people first. New production technology should be
worker-centered and skill-based, not skill-eliminating. In the high-
performance workplace, workers have more control over production and
worker responsibility is increased. Some companies that have invested
billions in new capital equipment have found that genuine employee
involvement and good labor-management relations are ultimately more
important.
No less than 25 of these new manufacturing centers will be regional
technology alliances devoted to regions hit hard by defense cut-backs.
These alliances could promote the development of dual-use technologies
and manufacturing processes on a regional basis. Extending the Small
Business Innovation Research Program (SBIR)
In addition to creating a national technology extension service for
small and medium-sized businesses, I will also expand the Small Business
Innovation Research Program. By requiring that federal agencies set-
aside 1.25 percent of their R&D budget for small businesses, this
program has helped create billions of dollars of new commercial activity
while improving the research programs of the federal government. Given
this track record, the SBIR program should be doubled over a period of
four years to 2.5% to accelerate the development of new products by
innovative small businesses.
Funding private sector-led training centers:
We also need a fundamental change in the way we deal with R&D and
technology if we are to lead a new era of American manufacturing.
Currently, our R&D budget reflects neither the realities of the post-
Cold War era nor the demands for a new national security. At present,
60% of the federal R&D budget is devoted to defense programs and 40%
percent to non-defense programs. The federal government should aim to
restore a 50-50 balance between defense and non-defense R&D. That is why
I have called for a new civilian research and development program to
support research in the technologies that will launch new growth
industries and revitalize traditional ones.
This civilian technology program will:
Invest in Private-Sector Led Consortia: When the private sector
creates consortia to share risks, pool resources, avoid
duplication and make investments that they would not make without
such agreements, government should be willing to do its part.
Support for consortia such as the SEMATECH, National Center for
Manufacturing Sciences and the Advanced Battery is appropriate. By
requiring firms to match federal contributions on at least a 50:50
basis, the government can insure that we are leveraging public
dollars and that they are market-led and market-oriented. Often
major companies are reluctant to invest in their suppliers and
assist them in quality management techniques, because they fear
they will go to another company. Private-sector-led consortia
allow the major companies to cure that problem by coming together
and agreeing on industry-wide efforts to invest in smaller
suppliers. Some of these consortia will be funded by the Advanced
Technology Program.
Inward Technology Transfer: While we must strengthen the links
between American R&D and American jobs, we must also develop a
strategy for acquiring, disseminating, and utilizing foreign
technologies. Our Government must increase the collection,
translation and dissemination of foreign scientific and technical
information.
4. Increasing Dramatically the Percentage of Federal R&D for Critical
Technologies.
I will view the support of generic industrial technologies as a priority
mission. The government already spends $76 billion annually on R&D. This
funding should be refocused so that more resources are devoted to
critical technologies, such as advanced materials, information
technology and new manufacturing processes that boost industrial
performance.
At present, 60% of the federal R&D budget is devoted to defense programs
and 40% percent to non-defense programs. This level of support for
defense R&D is a holdover from the massive arms build-up of the 1980s.
At the very least, in the next three years the federal government should
shift the balance between defense and non-defense programs back to a 50-
50 balance, which would free-up over $7 billion for non-defense R&D.
Having achieved this balance, the government should examine whether
national security considerations and economic conditions warrant further
shifts.
I will also create a civilian research and development program to
support research in the technologies that will launch new growth
industries and revitalize traditional ones.
This civilian technology program will:
Help companies develop innovative technologies and bring new
products to market;
Take the lead in coordinating the R&D investments of federal
agencies;
and Cooperate and consult with industry, academia and labor in the
formulation and implementation of technology policy and R&D
programs.
Advanced Manufacturing R&D:
The United States is currently underinvesting in advanced manufacturing
R&D. The federal government should work with the private sector -- with
the private sector taking the lead -- to develop an investment strategy
for those technologies critical to 21st century manufacturing.
Following the lead of my running mate, Al Gore, and several of his
colleagues, we must do more to support industry's efforts to develop the
advanced computer-controlled equipment ("intelligent machines") and the
electronic networks that will enable American factories to work as
quickly and efficiently as their Japanese counterparts. These
technologies also include flexible micro- and nanofabrication,
simulation and modeling of manufacturing processes, tools for concurrent
engineering, electronic networks that allow firms to share business and
product data within and between firms, and environmentally-conscious
manufacturing. According to industry experts, the United States has an
opportunity to capitalize on the emerging shift from mass production to
flexible or "agile" manufacturing.
5. Leveraging the Existing Federal Investment in Technology to Maximize
its Contribution to Industrial Performance.
R&D conducted at the federal labs and consortia should be carefully
evaluated to assure that it has a maximum impact on industrial
performance. Furthermore, cooperation between universities and industry
should be encouraged.
America's 726 federal laboratories collectively have a budget of $23
billion, but their missions and funding reflect the priorities that
guided the United States during the Cold War. Approximately one-half of
their budget is directed toward military R&D. By contract, the budget
for the National Institute for Standards and Technology (NIST) - the
only federal agency whose principal mission is to assist industry -
accounts for less than one percent of the total federal lab budget.
Despite several years of legislative reform and many new directives, the
labs still do not have the autonomy or funding to pursue joint ventures
and industry aggressively.
These labs and other private non-profit research centers are national
treasures because they house large, multi-disciplinary teams of
researchers who have honed the skills of balancing basic and applied
research for long-term, mission-oriented projects. It would take years
to match these special capabilities elsewhere. Today, the labs and
industry cooperate on defense needs; we need to change regulations and
orientation to get this cooperation on technology development for
commercial usage.
To remedy these problems, I propose the following:
The budget of the National Institute of Standards and Technology
should be doubled. Federal labs which can make a significant
contribution to U.S. competitiveness should have ten to twenty
percent of their existing budget assigned to establish joint
ventures with industry.
Private corporations should compete for this funding through
review by panels managed by the labs and made up of corporate and
academic experts. Lab directors should have full authority to
sign, fund and implement cooperative R&D agreements with industry.
Some labs, such as NIST, already have this authority, but others
do not.
Industry and the labs should jointly develop measures to determine
how well the technology transfer process is working and review
progress after 3 years. If these goals have not been met, industry
and the labs should reevaluate their involvement, and funds should
be redirected to consortia, universities and other organizations
that can work more effectively with industry for results.
University research accounts for a large part of the federal basic
research budget. Funding for basic university research should
continue to be provided for a broad range of disciplines, since it
is impossible to predict where the next breakthrough may come.
While maintaining America's leadership in basic research,
government, universities and industry must all work together to
take advantage of these new breakthroughs to enhance U.S.
competitiveness.
Cooperative R&D programs represent another opportunity. Consortia can
help firms share risks, pool resources, avoid duplication, and make
investments that they would not undertake individually. By requiring
that firms match federal contributions on at least a 50:50 basis, the
government can leverage its investments and ensure that they are market-
oriented.
Many industries are demonstrating a new found willingness to cooperate
to meet the challenge of international competition: SEMATECH has proven
to be an important investment for the industry and the Nation. It has
helped improve U.S. semiconductor manufacturing technology, helped
reversed the decline in world-wide market share of U.S. semiconductor
manufacturing equipment companies, and improved communications between
users and suppliers. U.S. automakers have recently formed the United
States Council for Automotive Research to develop batteries for electric
cars, reduce emissions, improve safety, and enhance computer-aided
design. The Michigan-based National Center for Manufacturing Sciences,
which now has 130 members, is helping to develop and deploy the
technologies necessary for world-class manufacturing. The
Microelectronics Computer Technology Corporation (MCC) is developing an
information infrastructure which will enable businesses to develop,
manufacture, deliver and support products and services with superior
speed, flexibility, and quality. U.S. steel-makers are cooperating to
develop manufacturing processes which would use less energy, create
fewer pollutants, and slash the time required to turn iron ore and coal
into steel.
A Clinton-Gore Administration will work to build a productive
partnership between government, research labs, universities, and
business.
6. Creating a World-Class Business Environment for Private Sector
Investment and Innovation.
Changes in America's tax, trade and regulatory policies are also needed
to help restore America's industrial and technological leadership. In a
global economy in which capital and technology are increasingly mobile,
we must make sure that the United States has the best business
environment for private sector investment. Tax incentives can spur
investment in plant and equipment, R&D and new businesses. Trade policy
can ensure that U.S. firms have the same access to foreign markets that
our competitors enjoy in the U.S. market. Antitrust reform will enable
U.S. firms to share risks and pool resources. Strengthening commercial
sections of our embassies will increase our ability to promote U.S.
goods abroad. Streamlining export controls will reduce the bureaucratic
red tape which can undermine competitiveness. And an overhaul of
cumbersome defense procurement regulations will strengthen both our
civilian and defense industrial bases. Permanent incentives for private
sector investment:
Too many federal incentives meant to spur innovation are on-again-off-
again programs that industry views as unreliable. As a result, they have
not realized their full impact. Several permanent tax measures should be
put in place immediately to stimulate commercial activity. They include
the following:
Make the R&D tax credit permanent to provide incentives for U.S.
companies that invest in developing new technology.
Place a permanent moratorium on Treasury Regulation 1.861-8: This
regulation increases the effective rate of U.S. taxation of R&D
and creates a disincentive for companies to conduct R&D in the
United States.
Provide a targeted investment tax credit to encourage investment
in the new equipment that we need to compete in the global
economy, and ensure that depreciation schedules reflect the rapid
rate of technological obsolescence of today's high-tech equipment.
Help small businesses and entrepreneurs by offering a 50% tax
exclusion to those who take risks by making long-term investments
in new businesses.
An effective trade policy:
The Bush-Quayle Administration has failed to stand up for U.S. workers
and firms. We need a President who will open foreign markets and respond
forcefully to unfair trade practices. I will:
- Enact a stronger, sharper Super 301 to ensure that U.S.
companies enjoy the same access to foreign markets that foreign
companies enjoy to our market.
- Successfully complete the Uruguay Round. This will help U.S.
manufacturers and high-tech companies by reducing foreign tariffs,
putting an end to the rampant theft of U.S. intellectual property,
and maintaining strong disciplines against unfair trade practices.
- Insist on results from our trade agreements. Although the U.S.
has negotiated many trade agreements, particularly with Japan,
results have been disappointing. I will ensure that all trade
agreements are lived up to, including agreements in sectors such
as telecommunications, computers and semiconductors. Countries
that fail to comply with trade agreements will face sanctions.
- Promote manufactured goods exports by small and medium
companies: To promote exports of manufactured goods, I will
strengthen the commercial sections of our embassies abroad so that
they can promote U.S goods, participate in foreign standards-
setting organizations, and support the sales efforts of small and
medium-sized businesses. We should also provide matching funds to
trade associations or other organizations who establish overseas
centers to promote U.S. manufactured goods exports.
Streamline Exports Controls:
Export controls are necessary to protect U.S. national security
interests and prevent the proliferation of nuclear, biological and
chemical weapons. Nonetheless, these controls are often overly
restrictive and bureaucratic, creating a mountain of red tape and
costing the U.S. tens of billions of dollars in exports -- while
undermining the competitiveness of the high-tech industries on which our
national security depends. The United States should:
- Further liberalize East-West export controls that are
unnecessary given the end of the Cold War.
- Avoid unilateral export controls and controls on technology
widely available in world markets. Unilateral controls penalize
U.S. exporters without advancing U.S. national security or foreign
policy interests.
- Streamline the current decision-making process for export
controls. While our competitors use a single agency to administer
export controls, the United States system is often characterized
by lengthy bureaucratic turf wars between the State Department,
the Commerce Department, the Pentagon's Defense Technology
Security Agency, the Arms Control and Disarmament Agency, the
Department of Energy, and the National Security Agency.
Antitrust Reform:
Increasingly, the escalating cost of state-of-the-art manufacturing
facilities will require firms to share costs and pool risks. To permit
this cooperation, the United States should extend the National
Cooperative Research Act of 1984 to cover joint production ventures.
Civil-military integration:
Department of Defense procurement regulations are so cumbersome that
they have resulted in an unnecessary and wasteful segregation of our
civilian and defense industrial bases. The military specification for
sugar cookies is 10 pages long. Government procurement is so different
from private sector practices that companies now set up separate
divisions and manufacturing facilities to avoid distorting the
commercial part of their business. The U.S. must review and eliminate
barriers to the integration of our defense and civilian industrial base.
These barriers include cost and price accounting, unnecessary military
specifications, procurement regulations, inflexibility on technical data
rights, and a failure to develop technologies in a dual-use context.
Taken together, the six initiatives discussed above comprise a
technology policy that will restore economic growth at home, help U.S.
firms succeed in world markets, and help American workers earn a good
standard of living in the international economy.
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our bi-weekly electronic
newsletter, EFFector Online, the @eff.org newsletter
and special releases and other notices on our activities. But because
we believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #38
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
I enclose an additional donation of $
Name:
Organization:
Address:
City or Town:
State: Zip: Phone:( ) (optional)
FAX:( ) (optional)
Email address:
I enclose a check [ ] .
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature:
Date:
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged.
Signed articles do not necessarily represent the view of the EFF.
To reproduce signed articles individually, please contact the authors
for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
########## ########## ########## | COMPUTER SPIES
########## ########## ########## | by Mitchell Kapor
#### #### #### |
######## ######## ######## |BUILDING BLOCKS AS STUMBLING BLOCKS
######## ######## ######## | A Commentary on the 15th NCSC
#### #### #### | by Rebecca Mercuri
########## #### #### |
########## #### #### | THIS OLD DOS
=====================================================================
EFFector Online November 9, 1992 Issue 3.09
A Publication of the Electronic Frontier Foundation
ISSN 1062-9424
=====================================================================
Computer Spies
by Mitchell Kapor
Can a company lawfully eavesdrop on its employees' telephone calls? Not
if they have an expectation of privacy. But, at least in most states,
the employer can monitor conversations if it tells the workers that that
is what it is going to do.
That old legal issue surfaces in a new technological context in Silicon
Valley, with disturbing consequences for your ability to defend key
information assets. Take a look at how Borland International, a company
that should know better after almost a decade on the leading edge of
technology, may have hurt itself in a case involving an apparent theft of
trade secrets.
The allegations in the tangled legal affair are by now well known. On
Sept. 1 Eugene Wang, a vice president of Borland's computer languages
division, abruptly jumped ship to join competitor Symantec Corp. A
pattern of suspicious behavior in Wang's final days suggested that
perhaps he had traded Borland secrets along with his job. Borland had no
proof, but it knew where to look. Borland executives opened Wang's MCI
Mail account, where they found, they said, a number of messages that
they believe prove Wang delivered Borland product plans, memos and other
sensitive documents to Symantec. The evidence thus uncovered led to
police searches of Wang's and Symantec Chief Executive Gordon Eubanks'
homes and Symantec offices, to a pending criminal investigation of Wang
and Eubanks and to a civil suit by Borland against Symantec.
What has been scarcely addressed in newspaper coverage of these events
is what this case means to the rapidly growing business of electronic
mail.
Let's back up and consider the law that protects electronic mail users,
the federal Electronic Communications Privacy Act of 1986. The privacy
act protects messages while in transmission on a public mail service
such as MCI, as well as after messages are received and stored on that
service.
Borland and its attorneys, in a hurry to prove their suspicions about
Wang, justified their intrusion into the mailbox as a property right:
Borland was paying the bills for Wang's MCI account. "E-mail is like an
in-box on someone's desk,' says Borland spokesman Steven Grady in
defense of the search. "When they leave, it reverts to the corporation."
Case closed? Not quite. Borland's metaphors fall apart when tested
against the realities of electronic mail. Unlike in-boxes on an
abandoned desk, E-mail requires a password, and it can be administered
by a wholly separate communications company, like MCI. As it stands, in
a criminal case Wang could challenge the legality of all the evidence
collected on the basis of the messages found in his MCI account. He may
also have grounds for a countersuit under the electronic privacy act and
California law, which goes further in protecting individual privacy.
It's easy to understand the anger Borland executives felt in discovering
an apparent information hemorrhage. But the methods employed by Borland,
which likes to flaunt its "barbarian" ways, may have been a little too
barbarian by the standards of the federal statute. The one thing for
sure is that all parties will be involved in a lengthy and expensive
court battle to sort this out. The final result may be a draw between
Borland and Symantec, and a new definition of privacy for the rest of
corporate America.
Borland could have strengthened its case against Wang if it had followed
the recommendation of the Electronic Mail Association to announce its
policies on electronic mail. As it was, a source says the Santa Cruz
County District Attorney staff took potential violations of the
electronic privacy act so seriously that they used a top computer-crime
prosecutor from the San Francisco area to help write the search
warrants.
Despite Borland's hard-learned lessons, it continues to refuse to
implement a formal E-mail privacy policy that declares just when
electronic messages sent from company equipment are company property.
Perhaps Borland is afraid that announcing such a policy would simply
remind miscreants to erase incriminating E-mail files before they are
found. If so, that's naive and shortsighted.
Some companies may be reluctant to announce in advance that they are
constantly snooping. So be it, but then they should refrain from
scanning MCI in-boxes. Whatever they do, they have to confront the
reality of the enormous power of digital media. In an age when a
company's most valuable property may be intangible the source code for
a software package, for example an E-mail account may amount to an
unlocked door on a warehouse.
The electronic privacy act's procedures may need streamlining, and the
Borland case may be the ratchet that makes the adjustments. By the time
Borland could have obtained court authorization to examine Wang's
electronic mail, some of the messages might have been deleted by MCI's
automated five-day cleanup function. New legislation requires fine-
tuning in the light of the complexities of real world situations in
order to be effective for the purposes for which it was originally
designed. But the lesson here is that corporations must begin to adjust
their own policies to fit the technologies they use.
from Forbes Magazine November 9 1992
Mitch Ratcliffe, editor-at-large for MacWEEK, provided research assistance
for this column.
-==--==--==-<>-==--==--==-
BUILDING BLOCKS TO SYSTEM SECURITY
By Rebecca Mercuri
(mercuri@gradient.cis.upenn.edu)
A Report from the 15th National Computer Security Conference
October 13 -16, Baltimore, Maryland.
I attended the 15th National Computer Security Conference with the hope
of coming away with some solutions for the security problems I had
encountered over the past few years. I left with a longer list of
problems, and the vague feeling that our industry has become remiss in
providing us with answers that we can use, or has answers and is either
incapable or unwilling to yield them publicly.
Let me state clearly here that this comment does not reflect negatively
on the conference organizers. They performed their task well, creating a
superbly orchestrated event that covered a broad spectrum of
topics. Indeed, "rookies" were liberally mixed on panels with esteemed
"greybeards" and many women (sans beards) were in evidence as session
chairs and presenters (although I was somewhat dismayed to note that
females appeared to constitute less than 10% of the attendees, lower
than in the computing community in general). The breadth and extent of
the conference does not allow one reporter to describe it fully, so I
offer these remarks merely as comment and commentary, perhaps to
stimulate discussion.
The conference had an international flavor. The keynote was by Roland
Hueber (Directorate General of the Commission of the European
Communities) and the closing plenary on International Harmonization
serving as bookends. There were repeated calls for cooperation in
developing global security standards, with the primary advantages of
such appearing to be in commerce. In the wake of the cold war, there
seems to be a spirit of openness in this regard. I offer the
speculation that it may be foolhardy to enter into conformity of thought
and solutions. Diversity, particularly in commerce, inspires
creativity. Monopoly, or single-mindedness, often leaves one at risk of
exploitation by a strong central power, or of attack by those who are
close enough or who understand the system well enough to side-track it
We may need "fault-tolerant" and "diversified" answers.
It is useful to juxtapose thoughts about covert channels with those
about encryption systems. For the uninitiated, covert channels are
created when internal intermittent polling is performed in an effort to
conceal illicit data collection activities. Bob Morris provided the
statistic that 1/10 of a bit per second is enough to expose a key in
approximately 1 month. This is at current processing rates, but one can
extrapolate out the Silicon Valley curve and surmise that our current
key encryption systems will be inadequate within the end of the century
(if not now, perhaps).
In the quest for security tools one encounters the debate on provability
and formal top level specification. With respect to covert channels,
Virgil Gligor referred to "formal top level specification as an
unmitigated waste of time," saying that data structures and source may
not map to the top level, there may not be enough relevant details
provided, and excessive false illegal flows may occur. Earl Boebert
stated that formal proving methods have worth in analysis of
specifications, but have failed utterly in spec/code, code/object, and
code/behavior correspondence. Still, formal methods have their
supporters, most notably SRI, as indicated by John Rushby,
one of their directors (who also publicly revealed that there had been a
major successful break-in at the lab last month). Interestingly, the
panel on Intrusion Detection was chaired by SRI's Teresa Lunt, who
discussed the use of expert systems to encode vulnerabilities, attack
methods and known suspicious behaviors. Steve Snapp expressed the
divide and conquer approach, saying that there may be no single
generalizable model of intrusion, and that static, incidence/existence,
and data driven methods should all be used.
The matter of viruses was explored throughout various sessions. The
general consensus of opinion seemed to be that rigorous procedures and
policies need to be implemented so that recovery is possible to some
level following contamination or invasion.
In the talks I attended, no clear method for handling the recovery from
a "new" virus (that can not be eradicated with existing software) was
offered. This was not consoling to someone who had just last week left a
client's law office with the admonishment "don't use any of the text
files that you've created in the last 6 months until I can find out what
the new virus strain is that appears to have adhered to some unknown
quantity of them." Here too, the standardization on certain operating
systems and environments (such as Microsoft Windows(TM)), and uniform
acceptance of specific tools (such as the legal community's reliance on
Word Perfect(TM)) encourages the proliferation of attacks that could
potentially disable large sectors of the user base.
Losses seem to be tied heavily to the bottom line. In banking, it may
not be advantageous to implement a $10M or more security system that
still does not assure total impenetrability when insurance coverage can
be obtained at a cost of $1M (even if this price only remains low until
there is a hit).
In health care, as described in Deborah Hamilton's award-winning paper,
the bottom line may indeed be one or more people's lives. As true with
drug approvals, it is easy to see that holding back an inadequately
tested computer system may cost more lives than providing it while
make improvements and corrections. How does one weigh security,
reliability and verifiability issues when there is a crying need for
access to the developing technology? We are faced with a moral dilemma
without a governing body to set policies.
The area of privacy was eloquently addressed by Attorney Christine
Axsmith who said that our reasonable expectations of privacy, as
expressed by the 4th Amendment, protect people, not just places. But she
went on to say that with regard to the computer industry, the Privacy
Act and other legislation efforts still suffer from a lack of court
rulings necessary to define their interpretations. Will our efforts to
improve security undermine privacy?
Curt Symes (from IBM) stated that "we'll all be using smart cards in the
future, for a higher level of authentication." Does this mean that I
will eventually be required to be bioidentified (DNA, fingerprint,
retinal scan, voiceprint) in order to obtain access to my own data and
research? A chilling thought.
In conclusion, to paraphrase Peter Neumann, perhaps the conference theme
"Information Systems Security: Building Blocks to the Future" should be
read not as "building-blocks" (the small bricks), but as "building
BLOCKS" or obstacles to our future as security professionals. There is a
sense of urgency now -- many of us need more than a foundation of toy
blocks, requiring true solutions which appear to not be forthcoming.
What we don't want are systems and design structures that are so
cumbersome as to impede computational progress. Discussion may be
fruitful, but let us put our noses to the grindstone and provide
functional tools and answers, rather than guidelines and assertions.
While some are working in this direction, many others are needed.
NCSC '92 -- Comment and Commentary
Copyright (c) 1992 by Rebecca Mercuri. All Rights Reserved.
Reposting and/or reprint not granted without prior written permission
from the author. Address questions, response and corrections to:
mercuri@gradient.cis.upenn.edu
-==--==--==-<>-==--==--==-
THIS OLD DOS
Hi, I'm Bob Wheeler Dealer, and welcome to This Old DOS. Last week you
may remember we renovated the Charles Babbage Family computer. We
upgraded their antique CPM to the IBM operating system known as MS DOS.
And this week on This Old DOS, we're continuing our renovation by
installing a brand new operating system, supposed to be real easy to
use, called Windows. And boy am I excited. So let's go around back and
see how Norm is doing with it.
Bob: Hi Norm; how's it going?
Norm: Oh, hi Bob. Well as you can see I'm about to install Windows on
our old machine.
Bob: No glass in these Windows, huh Norm? Ha ha.
Norm: Ha ha. That's right, just a handful of floppy disks. This is an
attempt at making an IBM PC work *a little bit more* like an Apple
Macintosh. Instead of typing commands, you just move a lot of little
pictures around on a screen.
Bob: I can't wait. Sounds simple enough; let's take a whack at it.
Norm: Well, ok, the first thing we do is install these disks. Pop them
in the computer and follow the uh directions on the screen. Here you
try (sound of hard drive grinding). That's it.
Bob: Simple enough.
Norm: Ok, Bob, now the machine wants to know if you want to modify your
config.sys or change your autoexec.bat to automatically load when the
machines boots up. What do you want to do?
Bob: What's a config.sys? I don't anything about this stuff.
Norm: Never mind, it's ok Bob, I'll take care of it. There. Now to be
really state of the art, we've got to upgrade our microprocessor (sound
of sawing). That's the computer chip inside inside so that these
Windows will work fast enough. Otherwise, you know, you might as well
go out and get a cup of coffee while the screen draws pretty pictures,
heh heh. So let me get one of these uh 486 chips. We've got a crane
here. Hey fellas.. fellas! You wanna load that puppy here inta place?
Careful! (sound of machinery) Don't bend the pins! There, all snapped
in.
Bob: All right, now we're ready to open Windows, right?
Norm: Not on your life, Bob. While we're at it we're building an
extention onto the memory board for those fat, greedy programs that
gobble the stuff up. I'll just hammer a few of these 4 megabyte chips
into place (bang bang). There, now we've got 16 megabytes on board.
Narly, man!
Bob: All right, let her rip, Norm.
Norm: Not so fast, Bob! Those big Windows programs need lots and lots
of storage space. Charles talked to his banker and decided to spring for
that 200 megabyte beauty there. Hand me that..uh
Bob: You mean this thing here? (groaning and grunting)
Norm: Yeah, that's the hard drive. Ah, thanks. And they want to do
multimedia.. you know sound, graphics, computer games... the latest --
so we'll add on a new super VGA monitor..
Bob: Something else?
Norm: A CD ROM drive..
Bob: Something else? More stuff?
Norm: Yeah, we have a sound board and special speakers if you want that
great sound.
Bob: This .. this isn't so simple anymore!
Norm: Well, we're just about ready to go. That's about it.
Bob: All right now, with all this preparation Norm, this had better be
great.
Norm: Well, I hope so, let's (sound of drive grinding) load up Word
Perfect, Lotus 1.-2-3, Excel, and FileMaker Pro and watch her rip!
(beep.. crash). Oh-oh.
Bob: What happened? What happened?
Norm: Well, it looks like a system crash.
Bob: Oh no!
Norm: Don't worry! We can fix this thing. We can fix it.
Bob: What do we do now, give up?
Norm: No, Never! We drop everything and start over. That's the American
Way. You keep changing stuff until you find what's wrong.
Bob: Now, how long is this gonna take? I haven't got all weeks to..?
Norm: Don't worry! We'll I'll have this thing running like top, Bob.
In the mean time you can go back in my shop there and use my Mac.
Bob: All right, you keep working at it Norm. We're out of time folks.
Join us tomorrow for the start of our new 50-part series: "How to
install and maintain a Local Area Network." Until then, bye bye for
This Old DOS!
(c) Copyright National Public Radio (R) 1992. The segment by NPR's Ira
Plato was originally broadcast on National Public Radio's "Talk of the
Nation" on September 11, 1992 and is used with permission of National
Public Radio. Any unauthorized duplication is prohibited.
-==--==--==-<>-==--==--==-
MEMBERSHIP IN THE ELECTRONIC FRONTIER FOUNDATION
If you support our goals and our work, you can show that support by
becoming a member now. Members receive our bi-weekly electronic
newsletter, EFFector Online, the @eff.org newsletter
and special releases and other notices on our activities. But because
we believe that support should be freely given, you can receive these
things even if you do not elect to become a member.
Our memberships are $20.00 per year for students, $40.00 per year for
regular members. You may, of course, donate more if you wish.
Our privacy policy: The Electronic Frontier Foundation will never, under
any circumstances, sell any part of its membership list. We will, from
time to time, share this list with other non-profit organizations whose
work we determine to be in line with our goals. If you do not grant
explicit permission, we assume that you do not wish your membership
disclosed to any group for any reason.
---------------- EFF MEMBERSHIP FORM ---------------
Mail to: The Electronic Frontier Foundation, Inc.
155 Second St. #39
Cambridge, MA 02141
I wish to become a member of the EFF I enclose:$__________
$20.00 (student or low income membership)
$40.00 (regular membership)
$100.00(Corporate or company membership.
This allows any organization to
become a member of EFF. It allows
such an organization, if it wishes
to designate up to five individuals
within the organization as members.)
I enclose an additional donation of $
Name:
Organization:
Address:
City or Town:
State: Zip: Phone:( ) (optional)
FAX:( ) (optional)
Email address:
I enclose a check [ ] .
Please charge my membership in the amount of $
to my Mastercard [ ] Visa [ ] American Express [ ]
Number:
Expiration date:
Signature:
Date:
I hereby grant permission to the EFF to share my name with
other non-profit groups from time to time as it deems
appropriate [ ] .
Initials:
Your membership/donation is fully tax deductible.
=====================================================================
EFFector Online is published by
The Electronic Frontier Foundation
155 Second Street, Cambridge MA 02141
Phone: +1 617 864 0665 FAX: +1 617 864 0866
Internet Address: eff@eff.org
Reproduction of this publication in electronic media is encouraged.
Signed articles do not necessarily represent the view of the EFF.
To reproduce signed articles individually, please contact the authors
for their express permission.
=====================================================================
This newsletter is printed on 100% recycled electrons.
Comments
Post a Comment