Hacker News new | past | comments | ask | show | jobs | submit login
PGP released its source code as a book to get around US export law (wikipedia.org)
211 points by WhiteDawn on June 12, 2014 | hide | past | favorite | 47 comments

I actually moved to Anguilla for the same reason -- outside the USA, I could sit in a room next to a Dutch (non-US) citizen, and I could write/publish (to the Internet, accessible to at least 50 people) an academic paper describing an algorithm. He could download it, implement it in Java, publish it, and I could look over it and give comments. Thus, complying with ITAR.

(This was for anonymous electronic cash, in a better system than bitcoin, invented in the 1980s; there were also RSA patent and Chaum patent considerations at the time, which were also not valid outside the US, and ML/etc. reasons why non-US providers were more likely to adopt it. We ended up getting fucked when a different political party got elected on the island and residence visas were pulled (we'd supported the other one), and then the e-gold federal indictment/prosecution/etc. (they were an investor). Also, living on a Caribbean island is not actually as much fun as you'd think.)

Just out of curiosity, can you go more into detail about "Also, living on a Caribbean island is not actually as much fun as you'd think."?

Is it the boredom and bureaucracy? Or something else?

Boredom when all the tourists are gone (they were only there a couple months out of the year; the locals were either old retired expats, or locals who all knew one another and were related since birth; the 3-5 of us who were western hacker types were totally isolated). Beaches/etc. sucking. I was also not paid enough in cash to eat anything but shitty "goat roti" or other stuff like that, and I didn't really drink (I was 18) which was the main recreational activity on the island. I didn't smoke mj, which was the other recreational activity.

The Internet was maybe 200-300Kbps tops, and kind of unreliable, and sucked a lot since I'd just been at MIT with a "huge" 3x45Mbps connection, working at Media Lab with the SGI Onyxes for anyone, etc.

> anonymous electronic cash, in a better system than bitcoin

Please, please write more about this!

Well, it was "better" on every axis except one -- it was centralized. But anyone could be an issuer of a currency, on his own infrastructure (potentially run by third parties), so while each currency was centralized, you could have an arbitrary number of currencies, and meta-currencies (e.g. a "this is a basket of all USD IOUs from US Fortune 500 companies"). There was no inherently centralized point; open source software, a bunch of loosely connected servers, and using realtime markets for the decentralization.

Being decentralized is a huge advantage for Bitcoin in a lot of scenarios, but where being decentralized doesn't help, Bitcoin has a lot of baggage, is slow, inefficient, not inherently cryptographically secure (i.e. the safety comes from size of network, not for the first participant based on the strength of a public key algorithm). So, IMO, in the ideal world we'll have both something like Bitcoin for when decentralized single currencies are needed, and a bunch of centralized currencies for other purposes.

The closest thing active right now is Chris Odom ("Fellow Traveller")'s Open Transactions (http://opentransactions.org/wiki/index.php?title=Main_Page)

I think they have a commercial company in this area: http://monetas.net/ but I know basically nothing about it.

I'm a bit familiar with OT, but even more familiar with Ripple. And as huge of a Bitcoin supporter as I am, even I can admit that Ripple is fundamentally a better, more performant, and probably more secure sytem. Chief cryptographer David Schwartz (JoelKatz) has been doing yeoman's work there. It's too bad the company has been sunk by greed and mismanagement, which in turn gave them a bad rep among Bitcoiners.

I have no idea what your system is, but if it was similar to Ripple (and it sounds a bit like it) then I'm beginning to think this is a sounder approach to cryptocash.

I think this all much better than Bitcoin. Also MORE decentralized, because it is not controlled by a clan of money issuers called "miners", instead it is a real competitive market.

Yeah, it's a loosely-coupled decentralized system vs. a tightly-coupled decentralized system. Advantages and disadvantages to each.

> Well, it was "better" on every axis except one -- it was centralized.

Back in the 80s, I built a car that was better than Google's self driving car in every way except one -- A person had to drive it.

> I built a car that was better than Google's self driving car in every way except one -- A person had to drive it.

You built your own car, in the 80s? Awesome. Got any pics? What were the stats? I imagine designing your own engine and gearbox was fun!

Yes, I'm being sarcastic, but it's to point out something very important. The OP actually built what he's talking about. Sure, it had some limitations, but he really did build it. You, however, did not build a car.

There's a fundamental difference between "centralized, like gmail.com" and "decentralized, like everyone running their own mail server" (which is what what I built, OT, etc. are) and "decentralized, like bitcoin (well, bitmessage, in this analogy)".

I'd argue that gmail is farther from "everyone runs a mail server" than "everyone runs a mail server" is from something like bitcoin/bitmessage.

Fair enough, I suppose I've complained in the past that folks on HN are too negative when people discuss products they've built.

The GP isn't mocking the OP's work, just trying to point out it's a total apple and oranges situation.

FTP is every bit better than BitTorrent, except for that whole centralization thing.

FTP is awful. It was designed at a time where opening random ports back and forth was acceptable. Use ssh/rsync if you wanna just file transfer.

Bittorent is trying solve another set of problems, not file transfers.

Eh. ssh/rsync is a hack, and not a very good one at that imho. scp is closer to being more useful, and rsync's native daemon/protocol is also good, though obviously not secure. FXSP is my favorite form of secure file transfer; accounts are independent from the system users, you have total control over the transfers, and they're between high-bandwidth bastions which the user doesn't need direct access to (not to mention the client doesn't have to stay connected to transfer the file[s]!)

You mean this: http://en.wikipedia.org/wiki/File_eXchange_Protocol ? So what's about

"Enabling FXP support can make a server vulnerable to an exploit known as FTP bounce. As a result of this, FTP server software often has FXP disabled by default."

That's.... dumb. It's not a vulnerability, it's a feature. The entire point of using FXP is to connect one server to another remote server. With FTP it was a "vulnerability" because people didn't expect users to send files or connect to random hosts, but with FXP it's the whole point of the protocol. (FTP bounce attacks have also been a solved issue for decades)

I think you are agreeing with your parent post. He's pointing out that BitTorrent is better then FTP and the reason it is better is because of the decentralisation, thus addressing rdl's claim that his digital currency was better than BitCoin, but centralised.

I sure do!

> Well, it was "better" on every axis except one -- it was centralized.

I can assure you that if Bitcoin wasn't decentralised by design (which is like saying 'if this wooden desk wasn't made of wood'), it'd likely be better than whatever you're talking about by a wide margin.

In fact, half the people in here could build you something better than Bitcoin if you just took away that darn decentralisation aspect.

Why the hate? The OP had an interesting comment about working on a project 30 years ago that is still a problem being worked on today. BTC would have been a pretty spectacular fail in the 1980s, different times call for different solutions.

You don't even know what is he talking about.

Yeah I helped verifying the scanned and OCRed pages of code at the HIP97 conference in The Netherlands. A lot of cypher punks got together there to finalize the legally exported code on paper and turn it into a new digital distribution that was put back online outside of the US.

Anyone else here who was at HIP97?

HIP - still have the T-shirt. I was the one on the wooden shoes, with the network sniffer running on a laptop in my tent during the whole thing :-)

I am missing something here. It seems a restriction on exporting software is like a regulation on which air molecules can flow out the door. It's impossible to enforce in the internet age. So why all this workaround? Why not just give it freely to people in the US with the full knowledge that one or more of them would email it to people in other countries, possibly compressed or encrypted so that it wouldn't be recognizable if someone scanned the files?

Was this all just so that there was a plausible legal explanation for the code's existence outside the US, even though the means to make it happen otherwise were already obvious and undetectable?

Yes -- the issue was the code was strongly associated with named US persons in the US. If the code appeared outside the uS, it would have been difficult or impossible for any entity complying with US law to make use of that code, and there might have been serious repercussions on the named US people (PRZ, specifically).

The source code itself got posted anonymously before this point (I believe on cypherpunks@toad.com list), but officially exporting it like this was still helpful.

The goals were: staying out of jail but ALSO potentially making money through commercial versions, support, etc. There have been at least 3 incarnations of PGP as a commercial company.

yep. Somewhere, the BBC still has footage of that happening, taken by me for a mini-handcam documentary on crypto.

Even more interesting - Richard White's tattoo of the RSA algorithm back in the 1990s. It was an open question whether his arm could travel outside the US.


Very interesting. But the link to the actual tattoo on that page appears to be broken. Here it is: http://imgur.com/xKupqeG

Would it be considered as "exporting the algorithm" if I was to view it from a location outside of US? Assuming here is that the photo is hosted in the US.

Billboard at the Mexican border?

Damnit, we need a better culture surrounding publishing on the web, and specifically around maintaining links. All of the interesting hyperlinks there are dead.

Sorry, that's my web archive of a mailing list. List traffic was supposed to be ephemeral at the time, not some kind of list of record. (and running list archives got some people in trouble, including me with the IRS CID, which was less fun but also less dangerous than it could have been)

Here's a page with the relevant images: http://www.cypherspace.org/rsa/


... i.e. Web prehistory. It's not surprising a lot of it is gone after 19 years.

When Debian decided to incorporate crypto code in main (before, a "non-us" section was dedicated to that), it became necessary to declare the export. So they printed descriptions of the software and mailed it to the Department of Commerce:

https://ftp-master.debian.org/crypto-in-main/ (with pictures of course)

We no longer do this because they didn't like the volume of mail they were getting :)

The whole "publish the source code as a book" thing was really more of a publicity stunt to demonstrate how absurd the regulations were. It was inspired by an earlier case (brought by Phil Karn), in which the US government ruled that Bruce Schneier's "Applied Cryptography" book did not fall under the export restrictions but a disk containing the source code that was printed in the book did.

The absurdity reached its peak when some bright spark wrote a three-line implementation of the RSA algorithm as a perl script (intended to be used as an email signature) and submitted it to the appropriate US government department for classification under the export controls, who promptly declared that anyone who wanted to export it needed to obtain a licence.

So, people started putting it on t-shirts ("This t-shirt is a munition!"), getting it tattooed on themselves ("I am a munition!"), etc.

Of course, this was all beside the point because the source code for all this stuff was widely available on the Internet.

The net effect of the export restrictions was that companies like Netscape and Microsoft had to create "export" versions of their browsers that were limited to a maximum key size of 56 bits. In '98 (I think), the US authorities relented somewhat, by allowing a scheme whereby financial institutions could get a special "Global ID" SSL certificate from Verisign that allowed the web server to persuade export browsers to "step up" their encryption to 128 bits.

Even after the US government relaxed the restrictions (in early January 2000), it took a long time for people to upgrade their browsers. I went to work at Deutsche Bank in the summer of 2000, where I was responsible for setting up the web servers for online trading systems and I can remember having to carefully craft the SSLCipherSuite section of httpd.confs to force export browsers to step up to a key length and encryption algorithm that satisfied the regulatory requirements for protecting trading systems.

It wasn't just the US who had controls on crypto either. I can remember learning far more than I ever wanted to know about the Wassenaar Agreement and the UK's Open General Export Licence because somebody wanted to give Identrus smartcards to clients who were located elsewhere in Europe.

And then, of course, the UK introduced RIPA, which allows the police to demand that anyone who has access to an encryption key turn it over. If you refuse, you can be sent to prison.

Something I was always curious about since I first found out about this trick: Why did the book not contain some error correcting codes at the bottom of each page to simplify the scanning process? Would it have somehow lessened the legal protection of Zimmerman's free speech?

I think later versions did.

Yes, the first book set was to test the "bandsaw" protocol and getting it back into electronic format.

IIRC, they also tweaked the font for better OCR.

The preface from the author is a great read, better than the Wikipedia article:


Please note that the "war on cryptography" is not over. There are still export controls in most of the world (including USA and EU).

For an up-to-date reference see http://www.cryptolaw.org/cls-sum.htm

Heh, I remember when PGP 2.6i became available. I ended up using it very early on, to the point of where I actually came up with a (really sketchy) translation for it.

This would have been late 1992 or early 1993.

Is there a list of cryptographic algorithms I cannot export / share / write for clients outside of the U.S? My guess is they are things hidden from us but I could be wrong.

Anything with 64b+ encryption must be reported [1]. Strong encryption is still subject of export restrictions. For example, Java need special unlock to enable encryption 128bits+

[1] https://www.federalregister.gov/articles/2010/06/25/2010-150...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact