Very Computer

Quote:

> People talk. Others listen. You never know who. There's folks on this
> newsgroup who've been popped for pirated software on a BBS. I know; I've
> talked with them. The FBI gets involved in this stuff. When they do, they don't
> go around contacting authors to check to see if it's OK. They look for
> copyright notices. It doesn't require anyone but the law enforcement officials
> to press charges.

I've often wondered if the FBI/CIA/NSA monitors the Internet. I wouldn't be
suprised. I wonder if they ever read email on its way to its destination?
I wouldn't be suprised if they did. All in the name of national security,
of course. I think an encryption standard for email would be nice.

Ed

--
Ed Watkeys, Sys Admin.  "...The errors of great men are more venerable
Distant Software         because they are more fruitful than the truths

I would be quite surprised if the NSA did anything like this.
Although `monitoring' communications is their bailiwick, they
are prohibited from doing such collection when US citizens are
involved. I never had much to do with the CIA but I believe they
fall into the same category since it is an `intelligence' gathering
agency. The FBI is another story. Of course that still doesn't give
them permission to intercept communications without reasonable
cause that some crime was commited.
Of course that doesn't mean that officials wouldn't take an interest
in reading netnews. It would be a good method for gauging what it
is going on in `netland' to determine whether an investigation is
justified.
Oh one other point. The NSA can be involved in providing secure
comminications (in the name of national security) and as such could
monitor such things as military networks to insure that nothing
classified is leaked. But they would not be interested in whether
you pirate software games.
-jeff

Quote:>I've often wondered if the FBI/CIA/NSA monitors the Internet. I wouldn't be
>suprised. I wonder if they ever read email on its way to its destination?
>I wouldn't be suprised if they did. All in the name of national security,
>of course. I think an encryption standard for email would be nice.

Of course, if there were an encryption STANDARD, don't you think they would
be able to unencrypt it???
----


UUCP:     crash!pro-ace!wsheffield

  No. At least not without using a lot of resources which would most
likely be used elsewhere. DES (Data Encryption Standard) is pretty
much crackable by brute-force only (i.e. trying every single key); I
think there's a non-brute-force method, but it's only faster than
brute force when the key length is a bit longer than the current 64
bits (not sure about the details).

--
David Huang                                 |

UUCP: ...!ut-emx!ccwf.cc.utexas.edu!daveh   |     for cooking anymore."
America Online: DrWho29                     |

Well, rumor has it that the gov't made IBM cut back on the length of the key
in DES so that they could crack it if the needed to. The same thing is apparently
happening with RSA (the public key encryption algorithm), where they're trying
to shove a universal prime number down everyone's throat (I don;t know any
of the details on this I gues the ?.security group would be a nice place to
ask).

Ed

--
Edwin H. Watkeys III                       System Administrator

AOL: EdWatkeys

Actually, it is quite possible to create encryption standards which cannot
be cracked, where each person has their own prime number key. This is the
RSA standard that Edwin Watkeys was talking about. Your government
disapproved of it, though, and came up with a complete-waste-of-time system
where various govt. agencies have the ability to decrypt any
message/file/whatever (defeating the point entirely). On with freedom of
information, and all that.

Marc Sira               |

                        '

DES was pretty much designed to be unbreakable by anyone who doesn't have
a ba*t full of Crays.  Which the NSA has.

Didn't you ever wonder why the government would approve a scheme which it
could break but few others could, and then tightly control imports & exports
of data encryption schemes...?

Quote:>David Huang                                 |

--

[ Above opinions are mine, Amdahl has nothing to do with them, etc, etc. ]

Actually, it depends on the standard. Notice this: Other standards than
EDC (sp?) are prohibited by law, as far as I know. As to why, that is
speculation. Some say because EDC is old, and therefore high powered
massive parallel systems especially built for that purpose can decrypt
it in about 4 hours time (fast, eh? But really, as far as I know, that is
true. Of course, that machines are not good for anything else :).

With other standards, they would have a much harder time decrypting it.
But, assuming you cling to EDC, it is still highly unlikely that they
will spend 4 hours to decrypt your E-Mail.

Of course, both you and your partner must know the key. And that has to be
delivered by some way, too :)

All in all: It's not worth the hassle.

(Last but not least: Having the algorithm known does NOT mean that it's easy
to decrypt something).

Soenke