Archive for September, 2001

Uncategorized

Greymatter woes

Hmm, I’ve been bumping into some problems with Greymatter, the software that I use to update this site. On the one hand it’s really handy that Greymatter produces the HTML for paragraphs whenever I type two carriage returns. On the other hand, I occasionally want to set a CSS class on a paragraph, or use blockquote, and I don’t like the workarounds that I’ve found. Take a look at the HTML for yesterday’s entry and you’ll see what I mean. Looks like I’ll have to do some tweaking.

Uncategorized

History teaches that grave threats

History teaches that grave threats to liberty often come in times of urgency, when constitutional rights seem too extravagant to endure.

Justice Thurgood Marshall (1989)

I complained the other day that Congress was looking to mandate that back doors be built into encryption systems, allegedly to help law enforcement agencies combat terrorism. Those in government who are renewing the effort to restrict public crypto are exploiting fear and outrage at the recent tragedy to impose restrictions that endanger personal freedom.

This’ll be far too quick an overview; I just want to get some ideas down.

The basic argument being made is that terrorists and other criminals use encryption to communicate, and Congress wants to put a stop to it. Law enforcement agencies understandably want to be able to intercept and decrypt these communications, so have long asked that “back doors” be built into encryption systems that would allow them to do so. They maintain that this would only be done with court orders and so on. I don’t buy it.

For one thing, the Senate just voted to allow the FBI to monitor net traffic without a warrant. Yep. I’m not an anti-government raving lunatic, but neither am I entirely comfortable with the US government’s track record in respecting the privacy of its citizens. There have been far too many cases of abuse. The increased use of Carnivore, a system for monitoring electronic communications, should be cause enough for worry. And that’s apparently legal.

There is, I understand, a balance to be struck between the freedom gained by living in a society like ours and the implied restrictions on personal freedom. Rousseau gets dull after a while. What distresses me is the necessary outcome of weakening strong crypto and restrictions on government surveillance. I am dreadfully concerned that the recent terrorist attacks are being used as an excuse to abridge basic Constitutional freedoms.

Americans must rethink how to safeguard the country without bartering away the rights and privileges of the free society that we are defending. The temptation will be great in the days ahead to write draconian new laws that give law enforcement agencies – or even military forces – a right to undermine the civil liberties that shape the character of the United States. President Bush and Congress must carefully balance the need for heightened security with the need to protect the constitutional rights of Americans.”

The New York Times (September 12, 2001)

For the moment, though, I will accept the government’s stated good intentions, because they’re almost irrelevant to the issue at hand.

If only the US government is given access to the back doors, what foreign government or company will accept the idea that the US government can decrypt their messages? The same question was raised for decades while the US outlawed export of strong cryptography (a restriction that was removed a couple years ago). Software companies like had a hard time explaining why the encryption available in foreign countries (or in foreign offices of US businesses!) was considerably weaker than what was available in the US. I’m uncomfortable making an economic argument, but consider this: to cripple strong crypto will damage the US’s ability to compete in global markets.

What if back doors are also made available to foreign governments (presumably non-hostile ones)? How can we assume that those governments will remain non-hostile, or will use the back doors with the same protections that the US government promises its citizens? Make easy decryption available like that, and you might as well not have crypto. Again, I don’t think that the business community will like that, much less people like me who want to protect their personal communications. I may not have anything to hide, but that doesn’t mean that I don’t enjoy my privacy.

Really, though, adding back doors and crippling encryption products will not prevent terrorists’ or other criminals’ ability to use strong crypto: they’ll just use what they have now, get it somewhere else, or write their own using freely available algorithms. As has often been quipped, if crypto is outlawed, only outlaws will have crypto.

I plan to watch this very carefully. Email me if you have questions or flames. And use my PGP key.

Uncategorized

Mozilla 0.9.4 has been released.

Mozilla 0.9.4 has been released. Go get it.

Uncategorized

W3C validator code

Have I been missing something? Has the W3C’s validator code always been out there?

I can see that I’m gonna have to offer an explanation of my comments yesterday about the revitalized anti-crypto efforts in Congress. Later.

Uncategorized

Wired: Congress Mulls Stiff Crypto

Wired: Congress Mulls Stiff Crypto Laws. That is, Congress is seizing the opportunity to start yammering about crippling strong crypto to protect us against terrorists and child pornographers.

Uncategorized

Safari improves

O’Reilly’s online book service, Safari, just got better. O’Reilly’s partnered with several other publishers to offer their books online as well. I highly recommend this service.

Uncategorized

User Friendly.

User Friendly.

Uncategorized

It seems trite to write

It seems trite to write anything about this, but I can’t just ignore it. I’m still not sure how to react to the terrorist attack that destroyed the World Trade Center towers and — according to the last guess I heard — at least 10,000 lives. I heard about it today at a coffee shop on my way to work, that a plane had crashed into the first tower. Once at work, I found that I could do little else but watch, listen, and read about what was going on.

The major (American) news sites on the Web were dog slow, but still I managed to find information, largely thanks to a few webloggers — most notably Dave Winer on his scripting.com. Sites that typically focus on technical news, like Slashdot, picked up the slack and disseminated what information they could. CNN.com was unreachable for some time, but Google made a cached version of its news coverage available. And I have to congratulate whoever at CNN.com had the bright idea of minimizing its page design to reduce server load and make it possible to get to the site.

Kiara, when she heard that the World Trade Center had collapsed, was terrified, thinking that it was the WTC in Saint Paul. I don’t work there now, but I’m still there every now and then.

Still, none of it felt real until I read about counselors waiting at bus stops to deal with children whose parents are never coming home.

Uncategorized

W3C slidemaker

This is pretty much just to remind me where it is: the W3C’s slide making tool.

Uncategorized

I’ve looked at a number

I’ve looked at a number of web log analysis tools. Lots of people seem to like WebTrends. It’s nice for those who have a budget. My web hosting service likes analog. Me, I favor the Webalizer. It’s comprehensive, it’s free. The only real problem with the Webalizer is a twisted and possibly frustrating series of dependencies necessary to build it. This is not insurmountable by any means, however, and now PHPBuilder‘s recently published an article on building and using Webalizer.

« Prev - Next »