From hungary-online-owner Mon Dec 4 05:08:13 1995 Received: from localhost (daemon@localhost) (fnord) by nando.yak.net (8.6.5/8.6.5) id FAA00626 for hungary-online-out31415; Mon, 4 Dec 1995 05:08:13 -0800 Received: from localhost (daemon@localhost) (fnord) by nando.yak.net (8.6.5/8.6.5) id FAA00615; Mon, 4 Dec 1995 05:07:52 -0800 Received: from ddt@lsd.com () via =-=-=-=-=-= for hungary-online@hungary.yak.net (613) Received: from netcom13.netcom.com (root@netcom13.netcom.com [192.100.81.125]) (fnord) by nando (8.6.5/8.6.5) with ESMTP id FAA00610 for ; Mon, 4 Dec 1995 05:07:37 -0800 Received: from [129.46.82.90] by netcom13.netcom.com (8.6.12/Netcom) id EAA04566; Mon, 4 Dec 1995 04:34:24 -0800 Mime-Version: 1.0 Content-Type: text/pgp; name="GAK_the_Spooks_not_the_Civilia" ; format="mime" Content-Disposition: inline; filename="GAK_the_Spooks_not_the_Civilia" Message-Id: X-Sender: Level Seven Design X-PGP-KeyID-Fprnt: 4AAF00E5 - 30D81F3484E6A83F 6EC8D7F0CAB3D265 X-PGP: http://www-swiss.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=lsd X-Floppyright: (f)1995 LSD.com _ Unlicensed retransmission prohibited. Date: Mon, 4 Dec 1995 04:40:55 -0800 To: cypherpunks@toad.com From: Dave Del Torto Subject: (HOL) GAK the Spooks not the Civilians Cc: hungary-online@hungary.yak.net, zamir-chat-l@igc.apc.org Sender: owner-Hungary-Online@hungary.yak.net Precedence: bulk Reply-To: Hungary-Online@hungary.yak.net -----BEGIN PGP SIGNED MESSAGE----- Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Sender: Level Seven Design X-PGP-KeyID-Fprnt: 4AAF00E5 - 30D81F3484E6A83F 6EC8D7F0CAB3D265 X-PGP: http://www-swiss.ai.mit.edu/htbin/pks-extract-key.pl?op=get&search=lsd X-Floppyright: (f)1995 LSD.com _ Unlicensed retransmission prohibited. Date: Mon, 4 Dec 1995 04:40:07 -0800 To: cypherpunks@toad.com From: Dave Del Torto Subject: GAK the Spooks not the Civilians Cc: hungary-online@hungary.yak.net, zamir-chat-l@igc.apc.org #define GAK Government Access to Keys, aka "key escrow": a copy of the secret half of your secret/public cryptographic key-pair, normally known only to you, is held in a "vault" somewhere by your government in case they decide they need to read your encrypted private email with/without your knowledge. Here's an argument in favor of a _limited_ GAK* system, and a timely example of why I think it's necessary. As I see it, there are two main varieties of GAK-mail: #1: GAK for Citizens' keys #2: GAK for Government employees' keys I'm disregarding #1 right off as being totally unacceptable, but I favor a form of #2 "...of, by and for the People" directed at the government itself and monitored by the elected representatives of the Executive and Legislative branches as perhaps being essential to Democracy's survival. Where official business is concerned, some form of GAK could go a long way toward preventing the majority of everyday abuses by subrosa forces in a government. It might be useless to aim it at teflon-coated, black-budgeted outfits like the CIA or NSA, but it could keep a lot of other officials honest as they go about doing the everyday business of running OUR government for us through email. One of the main reasons that the TLAs are pushing so hard for GAK is the Culture of Distrust they stew in. They choose it: they breed and feed upon and among the very sorts of minds who become involved in covert activities: spooks. A Spook Culture begets a Spook Attitude towards other spheres of social interaction -- like secure email between PGP, Eudora and Netscape users who just desire private communications. I think this Spook psychology is unavoidable, but if they'd just stick to loosing their creations on *themselves*, then fine. I just learned from CBS's "60 Minutes" program, along with millions of other Americans, about a disturbing event involving the Clinton administration, the State Dept and the CIA. I say "alledgedly" to be fair (after all, no indictments have been handed down...yet) but it looks reasonably clear to me: the interview was with the main individual involved and he was quite clear about what had happened. Even if it's untrue, it's a roadmap for what could easily happen if back-channel operators are allowed to run the government during those milliseconds when the people we elect to do it turn their heads. You may remember the incident not so long ago where a US naval vessel was set to deploy a peace-keeping force of Marines in the capital city of Haiti so that President-elect Aristide could later assume office (foreshadowing IFOR). The USS Harlan County was within a few thousand meters of docking, when a small riot developed on the quay (in full view of camera crews). Clinton decided reluctantly to abandon the landing at the last minute. There were apparently only 40 or so FRAP members involved, but there they were on the US nightly news that evening (interesting, but another topic). One "Mr. Toto Constant," a leader of the right-wing Haitian militia group FRAP and reportedly a longtime CIA contact/operative, claimed in an interview on the CBS report that he met with the CIA station chief in Port-au-Prince BEFORE the scheduled landing and assured him that the planned FRAP "media frenzy" on the docks was going to be peaceful, was to be performed for the benefit of the cameras only and would be no threat to US personnel whatsoever. The CIA refused to confirm these allegations, but according to CBS, Warren Christopher later implied that Constant was telling the truth about having dealt with the CIA in the past. Hmmm. The plot thickens: this CIA station chief alledgedly then disinformed President Clinton, the Secretary of State Christopher and the cabinet (and one assumes the Congressional overseers as well) about Mr. Constant's assurances that there was no danger to the US Marines. Because he was unaware of the lack of a real threat and because he was also misinformed by the CIA that there might in fact be a threat, Clinton's hand was forced by popular fears and media speculation about another "Somalia" scenario, and he made the difficult decision not to land the troops. The domestic result was cries of "cowardice" from conservatives and frustration among US voters. Does this smack of Watergate-style dirty tricks to anyone besides me? Rogue elements in the CIA manipulate intelligence information, provide the President of the US (up for re-election) with faulty information, advise him to make an embarrassing foreign policy decision in contradiction to information they possess and then conservatives in the US Congress and Republican party accuse him of being soft and unable to show leadership. And people suggest Fred Cohen is overdoing his caffein intake? Pour me a cup, Fred. These are the same guys suggesting they'll hang on to a copy of my secret key. Yeah, sure. The riots quickly evolved into murder squads consisting of Haitian military units and former Ton-Ton Macoutes who purged the Aristide supporters among their fellow Haitians until Clinton sent Jimmy Carter down, followed closely by the Marines. The resulting genocidal catastrophe was an atrocity, a blow against Caribbean stability and a major embarrassment to the Clinton administration. Meanwhile, the CIA (and maybe Army and Navy Intelligence) quietly raided a Haitian facility and "confiscated" 150,000 items of evidence, which they still refuse to turn over to Aristide, even though it reportedly contains info on the CIA's contacts within FRAP, the group still trying to destabilize his government. To add insult to injury, the US still insists Aristide step down in February 1996, years short of a full term, if you count the time he spent in forced exile after his original election while the Haitian elite stripped the paintings off the walls and headed for Switzerland. It's hard to blame Aristide for being a bit upset about under these circumstances, but he made his bargain with the You-know-what... Besides the Haitians who died in the subsequent political violence, and the blow to the stability of the developing Haitian democracy and US foreign policy, this incident, even if it only has roots in the truth, is a troubling indication that "shadow governments" operating inside and behind the elected US governement have a profound effect on our lives. After all, it's CIA intelligence that supposedly tells us when it's safe to drive the 1st Armoured's A-1's down to Sarajevo, right? It also brings up some other interesting questions: + Did CIA take the same guy they had in Haiti and rotate him to Bosnia to lunch with Karadzic? + Information is power: do the intelligence services of our government wield it _at_ their own Executive branch "handlers?" + In this climate, are CIA and related intelligence branches having an impact on the specifications (eg. Fortezza) for methods and systems that could exert controls over the information we as citizens can keep private -- solely for purposes of self-preservation? If the Executive branch's policy initiatives (whether we like them or not) are at the mercy of forces WITHIN it, how can they possibly hope to store our escrowed keys safely, much less guarantee a US democracy? Who is it in the White House that keeps an eye on the message traffic of this CIA station chief? Who keeps a copy of HIS secret key escrowed and who vets the intelligence he generates before it ends up at cabinet-level decision-making meetings where US troop movements are decided? Just who the heck is running this country? Sure, Clinton and Gore want a national crypto policy: given what their own dogs may be doo-ing it's not that hard to understand, but hey, watch where yer pointin' that GAK there, Bubba. Granted, the more crypto-savvy ophidians in the intelligence services are bound to find other methods for passing such conspiratorial information if they are prone to that, but how many bottom-feeders in our government are trying little maneuvers of this nature through "normal" channels - and how much of _that_ type of activity should be actively monitored (and who polices _those_ police)? Maybe we need to take a closer look as a nation at implementing a better GAK system for the State Department and the Intelligence branches. BTW, the CBS reporters at "60 Minutes" (Ed Bradley, et alia) received a faxed CIA statement while preparing their report, stating that "...the CIA collects and analyzes intelligence, it does not formulate policy..." and that any implication that they manipulated intelligence regarding the Hatian incident "is false." Excuse me while I clear my throat. So, make those GAK versions for the feds, Netscape, but be sure you make the rest of us a vanilla version. I don't need to send my mail from Netscape: I'll stick with an untampered PGP for now. Clinton should require GAK for govt employees doing official business only: if they go home, boot up a non-GAKed system and start sending mail to their spook peers, their traffic should be monitored and they should be hauled up in front of Congress. Hey, couldn't be all bad, right? Later, they can write a book about their experiences, and maybe run for public office like Ollie North. ;) dave ____________________________________________________________________________ "I mixed this myself. (holds up glass of water) Two parts "H," one part "O." I don't trust _anybody_!" --Steven Wright -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Verbum sapienti satis est. iQCVAwUBMMLsQKHBOF9KrwDlAQEgYQP+ITWALlvdS68sdkydQwG/DMgJ1CSI01wX X1U3yWG6txLykUppFPP3hs476KqHLpoeL1tCscj2QRCqYY1sz4NoZ3ZEkJXcMP1Y 6Qt/KpHr/AXTDSDQD7QIFIYzZ4S+69hXiMV7mSK76nRLkbke8REA+k15w03atN+R 2l/vGhu4mzo= =DeD3 -----END PGP SIGNATURE----- ############# # This message to Hungary-Online@hungary.yak.net # was from Dave Del Torto # # To unsubscribe, # send "unsubscribe" to # An announcement-only subscription (less volume) is available # at # Send mail to for more information, # or to if you need human assistance. #############