11.1 copyright
   THE CYPHERNOMICON: Cypherpunks FAQ and More, Version 0.666,
   1994-09-10, Copyright Timothy C. May. All rights reserved.
   See the detailed disclaimer. Use short sections under "fair
   use" provisions, with appropriate credit, but don't put your
   name on my words.

11.2 - SUMMARY: Surveillance, Privacy, And Intelligence Agencies
11.2.1. Main Points
11.2.2. Connections to Other Sections
11.2.3. Where to Find Additional Information
  - Bamford ("The Puzzle Palace"), Richelson (several books,
     including "U.S. Intelligence Agencies"), Burrows ("Deep
     Black," about the NRO and spy satellites), Covert Action
     Quarterly
11.2.4. Miscellaneous Comments

11.3 - Surveillance and Privacy
11.3.1. We've come a long way from Secretary of State Stimson's
   famous "Gentlemen do not read other gentlemen's mail"
   statement. It is now widely taken for granted that Americans
   are to be monitored, surveilled, and even wiretapped by the
   various intelligence agencies. The FBI, the National Security
   Agency, the CIA, the National Reconnaissance Office, etc.
   (Yes, these groups have various charters telling them who
   they can spy on, what legalities they have to meet, etc. But
   they still spy. And there's not an uproar--the "What have you
   got to hide?" side of the American privacy dichotomy.)
11.3.2. Duncan Frissell reminds us of Justice Jackson's 1948
   dissenting opinion in some case:
  - "The government could simplify criminal law enforcement by
     requiring every citizen 'to keep a diary that would show
     where he was at all times, with whom he was, and what he
     was up to.'" [D.F. 1994-09-06, from an article in the WSJ]
  - (It should be noted that tracking devices--collars,
     bracelets, implantable transmitters--exist and are in use
     with prisoners. Some parents are even installing them in
     children, it is rumored. A worry for the future?)
11.3.3. "What is the 'surveillance state'?"
  - the issue with crypto is the _centralization_ of
     eavesdropping...much easier than planting bugs
  + "Should some freedom be given up for security?"
    + "Those who are willing to trade freedom for security
       deserve neither freedom nor security"
      - Ben Franklin
    - the tradeoff is often illusory--police states result when
       the trains are made to run on time
  - "It's a bit ironic that the Administration is crying foul
     so loudly over the Soviet/Russian spy in the CIA -- as if
     this was unfair -- while they're openly proclaiming the
     right to spy on citizens and foreigners via Clipper."
     [Carl Ellison, 1994-02-23]
  + Cameras are becoming ubiquitous
    + cheap, integrated, new technologies
      - SDI fisheye lens
    - ATMs
    - traffic, speed traps, street corners
    - store security
  - Barcodes--worst fear of all...and not plausible
  + Automatic recognition is still lacking
    - getting better, slowly
    - neural nets, etc. (but these require training)
11.3.4. "Why would the government monitor _my_ communications?"
  - "Because of economics and political stability....You can
     build computers and monitoring devices in secret, deploy
     them in secret, and listen to _everything_.  To listen to
     everything with bludgeons and pharmaceuticals would not
     only cost more in labor and equipment, but also engender a
     radicalizing backlash to an actual police state." [Eric
     Hughes, 1994-01-26]
  - Systems like Digital Telephony and Clipper make it much too
     easy for governments to routinely monitor their citizens,
     using automated technology that requires drastically less
     human involvement than previous police states required.
11.3.5. "How much surveillance is actually being done today?"
  + FBI and Law Enforcement Surveillance Activities
    - the FBI kept records of meetings (between American
       companies and Nazi interests), and may have used these
       records during and after the war to pressure companies
  + NSA and Security Agency Surveillance Activities
    - collecting economic intelligence
    - in WW2, Economic Warfare Council (which was renamed Board
       of Economic Warfare) kept tabs on shipments of petroleum
       and other products
    + MINARET, code word for NSA "watch list" material
       (intercepts)
      - SIGINT OPERATION MINARET
      - originally, watch list material was "TOP SECRET
         HANDLE VIA COMINT CHANNELS ONLY   UMBRA GAMMA"
      + NSA targeting is done primarily via a list called
         Intelligence Guidelines for COMINT Priorities (IGCP)
        - committee made up of representatives from several
           intelligence agencies
        - initiated in around 1966
    + revelations following Pentagon Papers that national
       security elsur had picked up private conversations (part
       of the Papers)
      - timing of PP was late 1963, early 1964...about time UB
         was getting going
    + F-3, the NSA's main antenna system for intercepting ASCII
       transmissions from un-TEMPESTed terminals and PCs
      - signals can be picked up through walls up to a foot
         thick (or more, considering how such impulses bounce
         around)
  + Joint FBI/NSA Surveillance Activities
    + Operation Shamrock was a tie between NSA and FBI
      - since 1945, although there had been earlier intercepts,
         too
      - COINTELPRO, dissidents, radicals
      + 8/0/45 Operation Shamrock begins
        - a sub rosa effort to continue the monitoring
           arrangements of WW II
        - ITT Communications agreed to turn over all cables
        + RCA Communications also turned over all cables
          - even had an ex-Signal Corps officer as a VP to
             handle the details
          - direct hookups to RCA lines were made, for careful
             monitoring by the ASA
          - cables to and from corporations, law firms,
             embassies, citizens were all kept
          + 12/16/47   Meeting between Sosthenes Behn of ITT,
             General Ingles of RCA, and Sec. of Defense James
             Forrestal
            - to discuss Operation Shamrock
            - to arrange exemptions from prosecution
      + 0/0/63   Operation Shamrock enters a new phase as RCA
         Global switches to computerized operation
        - coincident with Harvest at NSA
        - and perfect for start of UB/Severn operations
      + 1/6/67   Hoover officially terminates "black bag"
         operations
        - concerned about blowback
        - had previously helped NSA by stealing codes, ciphers,
           decrypted traffic, planting bugs on phone lines, etc.
        - from embassies, corporations
        - unclear as to whether these operations continued
           anyway
        + Plot Twist: may have been the motivation for NSA and
           UB/Severn to pursue other avenues, such as the use of
           criminals as cutouts
          - and is parallel to "Plumbers Unit" used by White
             House
      + 10/1/73   AG Elliot Richardson orders FBI and SS to
         stop requesting NSA surveillance material
        - NSA agreed to stop providing this, but didn't tell
           Richardson about Shamrock or Minaret
        - however, events of this year (1973) marked the end of
           Minaret
      + 3/4/77   Justice Dept. recommends against prosecution
         of any NSA or FBI personnel over Operations Shamrock
         and Minaret
        - decided that NSCID No. 9 (aka No. 6) gave NSA
           sufficient leeway
      - 5/15/75   Operation Shamrock officially terminated
      - and Minaret, of course
    + Operation Shamrock-Details
      + 8/0/45 Operation Shamrock begins
        - a sub rosa effort to continue the monitoring
           arrangements of WW II
        - ITT Communications agreed to turn over all cables
        + RCA Communications also turned over all cables
          - even had an ex-Signal Corps officer as a VP to
             handle the details
          - direct hookups to RCA lines were made, for careful
             monitoring by the ASA
          - cables to and from corporations, law firms,
             embassies, citizens were all kept
          + 12/16/47   Meeting between Sosthenes Behn of ITT,
             General Ingles of RCA, and Sec. of Defense James
             Forrestal
            - to discuss Operation Shamrock
            - to arrange exemptions from prosecution
      + 0/0/63   Operation Shamrock enters a new phase as RCA
         Global switches to computerized operation
        - coincident with Harvest at NSA
        - and perfect for start of UB/Severn operations
      + 8/18/66   (Thursday)  New analysis site in New York for
         Operation Shamrock
        + Louis Tordella meets with CIA Dep. Dir. of Plans and
           arranges to set up a new listening post for analysis
           of the tapes from RCA and ITT (that had been being
           shipped to NSA and then back)
          - Tordella was later involved in setting up the watch
             list in 1970 for the BNDD, (Operation Minaret)
        - LPMEDLEY was code name, of a television tape
           processing shop (reminiscent of "Man from U.N.C.L.E.")
        - but NSA had to move away later
      - 5/15/75   Operation Shamrock officially terminated
      + 10/1/73   AG Elliot Richardson orders FBI and SS to
         stop requesting NSA surveillance material
        - NSA agreed to stop providing this, but didn't tell
           Richardson about Shamrock or Minaret
        - however, events of this year (1973) marked the end of
           Minaret
      - Abzug committee prompted by New York Daily News report,
         7/22/75, that NSA and FBI had been monitoring
         commercial cable traffic (Operation Shamrock)
      + 6/30/76    175 page report on Justice Dept.
         investigation of Shamrock and Minaret
        - only 2 copies prepared, classified TOP SECRET UMBRA,
           HANDLE VIA COMINT CHANNELS ONLY
      + 3/4/77   Justice Dept. recommends against prosecution
         of any NSA or FBI personnel over Operations Shamrock
         and Minaret
        - decided that NSCID No. 9 (aka No. 6) gave NSA
           sufficient leeway
      + the NSA program, begun in August 1945, to monitor all
         telegrams entering or leaving the U.S.
        - reminiscent of Yardley's arrangements in the 1920s
           (and probably some others)
        - known only to Louis Tordella and agents involved
        - compartmentalization
      + Plot Links of Operation Shamrock to Operation Ultra
         Black
        - many links, from secrecy, compartmentalization, and
           illegality to the methods used and the subversion of
           government power
        - "Shamrock was blown...Ultra Black burrowed even
           deeper."
    + NSA, FBI, and surveillance of Cuban sympathizers
      - "watch list" used
      - were there links to Meyer Lansky and Trafficante via
         the JFK-Mafia connection?
      - various Watergate break-in connections (Cubans used)
      - Hoover ended black-bag operations in 1967-8
    + NSA, FBI, and Dissenters (COINTELPRO-type activities)
      + 10/20/67   NSA is asked to begin collecting information
         related to civil disturbances, war protesters, etc.
        - Army Intelligence, Secret Service, CIA, FBI, DIA were
           all involved
        - arguably, this continues (given the success of FBI
           and Secret Service in heading off major acts of
           terrorism and attempted assassinations)
    + Huston Plan and Related Plans (1970-71)
      - 7/19/66   Hoover unofficially terminates black bag
         operations
      + 1/6/67   Hoover officially terminates black bag
         operations
        - fearing blowback, concerned about his place in
           history
      + 6/20/69   Tom C. Huston recommends increased
         intelligence activity on dissent
        - memo to NSA, CIA, DIA, FBI
        - this later becomes basis of Huston Plan
      + 6/5/70   Meeting at White House to prepare for Huston
         Plan; Interagency Committee on Intelligence (Ad Hoc),
         ICI
        - Nixon, Huston, Ehrlichman, Haldeman, Noel Gayler of
           NSA, Richard Helms of CIA, J. Edgar Hoover of FBI,
           Donald V. Bennett of DIA
        - William Sullivan of FBI named to head ICI
        + NSA enthusiastically supported ICI
          - PROD named Benson Buffham as liaison
          - sought increased surreptitious entries and
             elimination of legal restrictions on domestic
             surveillance (not that they had felt bound by
             legalisms)
        - recipients to be on "Bigot List" and with even more
           security than traditional TOP SECRET, HANDLE VIA
           COMINT CHANNELS ONLY
      + 7/23/70   Huston Plan circulated
        - 43 pages, entitled Domestic Intelligence Gathering
           Plan: Analysis and Strategy
        - urged increased surreptitious entries (for codes,
           ciphers, plans, membership lists)
        - targeting of embassies
      + 7/27/70   Huston Plan cancelled
        - pressure by Attorney General John Mitchell
        - and perhaps by Hoover
        - Huston demoted; he resigned a year later
        - but the Plan was not really dead...perhaps Huston's
           mistake was in being young and vocal and making the
           report too visible and not deniable enough
      + 12/3/70   Intelligence Evaluation Committee (IEC) meets
         (Son-of-Huston Plan)
        - John Dean arranged it in fall of '70
        - Robert C. Mardian, Assistant AG for Internal Security
           headed up the IEC
        - Benson Buffham of NSA/PROD, James Jesus Angleton of
           CIA, George Moore from FBI, Col. John Downie from DOD
        - essentially adopted all of Huston Plan
      + 1/26/71   NSA issues NSA Contribution to Domestic
         Intelligence (as part of IEC)
        - increased scope of surveillance related to drugs (via
           BNDD and FBI), foreign nationals
        - "no indication of origin" on generated material
        - full compartmentalization, NSA to ensure compliance
      + 8/4/71  G. Gordon Liddy attends IEC meeting, to get
         them to investigate leaks of Pentagon Papers
        - channel from NSA/PROD to Plumber's Unit in White
           House, bypassing other agencies
      + 6/7/73   New York Times reveals details of Huston Plan
        - full text published
        - trials of Weatherman jeopardized and ultimately
           derailed it
      + 10/1/73   AG Elliot Richardson orders FBI and SS to
         stop requesting NSA surveillance material
        - NSA agreed to stop providing this, but didn't tell
           Richardson about Shamrock or Minaret
        - however, events of this year (1973) marked the end of
           Minaret
  + FINCEN, IRS, and Other Economic Surveillance
    - set up in Arlington as a group to monitor the flows of
       money and information
    + eventually these groups will see the need to actively
       hack into computer systems used by various groups that
       are under investigation
      - ties to the death of Alan Standorf? (Vint Hill)
      - Casolaro, Riconosciuto
11.3.6. "Does the government want to monitor economic transactions?"
  - Incontrovertibly, they _want_ to. Whether they have actual
     plans to do so is more debatable. The Clipper and Digital
     Telephony proposals are but two of the indications they
     have great plans laid to ensure their surveillance
     capabilities are maintained and extended.
  - The government will get increasingly panicky as more Net
     commerce develops, as trade moves offshore, and as
     encryption spreads.
11.3.7. A danger of the surveillance society: You can't hide
  - seldom discussed as a concern
  - no escape valve, no place for those who made mistakes to
     escape to
  - (historically, this is a way for criminals to get back on a
     better track--if a digital identity means their record
     forever follows them, this may...)
  + A growing problem in America and other "democratic"
     countries is the tendency to make mandatory what were once
     voluntary choices. For example, fingerprinting children to
     help in kidnapping cases may be a reasonable thing to do
     voluntarily, but some school districts are planning to make
     it mandatory.
    - This is all part of the "Let's pass a law" mentality.
11.3.8. "Should I refuse to give my Social Security Number to those
   who ask for it?"
  - It's a bit off of crypto, but the question does keep coming
     up on the Cypherpunks list.
  - Actually, they don't even need to ask for it
     anymore....it's attached to so many _other_ things that pop
     up when they enter your name that it's a moot point. In
     other words, the same dossiers that allow the credit card
     companies to send you "preapproved credit cards" every few
     days are the same dossiers that MCI, Sprint, AT&T, etc. are
     using to sign you up.
11.3.9. "What is 'Privacy 101'?"
  - I couldn't think of a better way to introduce the topic of
     how individuals can protect their privacy, avoid
     interference by the government, and (perhaps) avoid taxes.
  - Duncan Frissell and Sandy Sandfort have given out a lot of
     tips on this, some of them just plain common sense, some of
     them more arcane.
  + They are conducting a seminar, entitled "PRIVACY 101" and
     the archives of this are available by Web at:
    - http://www.iquest.com/~fairgate/privacy/index.html
11.3.10. Cellular phones are trackable by region...people are getting
   phone calls as they cross into new zones, "welcoming" them
  - but it implies that their position is already being tracked
11.3.11. Ubiquitous use of SSNs and other personal I.D.
11.3.12. cameras that can recognize faces are placed in many public
   places, e.g., airports, ports of entry, government buildings
  - and even in some private places, e.g., casinos, stores that
     have had problems with certain customers, banks that face
     robberies, etc.
11.3.13. speculation (for the paranoids)
  - covert surveillance by noninvasive detection
     methods...positron emission tomography to see what part of
     the brain is active (think of the paranoia possibility!)
  - typically needs special compounds, but...
11.3.14. Diaries are no longer private
  + can be opened under several conditions
    - subpoena in trial
    - discovery in various court cases, including divorce,
       custody, libel, etc.
    - business dealings
    - psychiatrists (under Tarasoff ruling) can have records
       opened; whatever one may think of the need for crimes
       confessed to shrinks to be reported, this is certainly a
       new era
  - Packwood diary case establishes the trend: diaries are no
     longer sacrosanct
  - An implication for crypto and Cypherpunks topics is that
     diaries and similar records may be stored in encrypted
     forms, or located in offshore locations. There may be more
     and more use of offshore or encrypted records.

11.4 - U.S. Intelligence Agencies: NSA, FinCEN, CIA, DIA, NRO, FBI
11.4.1. The focus here is on U.S. agencies, for various reasons. Most
   Cypherpunks are currently Americans, the NSA has a dominant
   role in surveillance technology, and the U.S. is the focus of
   most current crypto debate. (Britain has the GCHQ, Canada has
   its own SIGINT group, the Dutch have...., France has DGSE and
   so forth, and...)
11.4.2. Technically, not all are equal. And some may quibble with my
   calling the FBI an "intelligence agency." All have
   surveillance and monitoring functions, albeit of different
   flavors.
11.4.3. "Is the NSA involved in domestic surveillance?"
  + Not completely confirmed, but much evidence that the answer
     is "yes":
    * previous domestic surveillance (Operation Shamrock,
       telegraphs, ITT, collusion with FBI, etc.)
    * reciprocal arrangements with GCHQ (U.K.)
    * arrangements on Indian reservations for microwave
       intercepts
    * the general technology allows it (SIGINT, phone lines)
    * the National Security Act of 1947, and later
       clarifications and Executive Orders, makes it likely
  - And the push for Digital Telephony.
11.4.4. "What will be the effects of widespread crypto use on
   intelligence collection?"
  - Read Bamford for some stuff on how the NSA intercepts
     overseas communications, how they sold deliberately-
     crippled crypto machines to Third World nations, and how
     much they fear the spread of strong, essentially
     unbreakable crypto. "The Puzzle Palace" was published in
     1982...things have only gotten worse in this regard since.
  - Statements from senior intelligence officials reflect this
     concern.
  - Digital dead drops will change the whole espionage game.
     Information markets, data havens, untraceable e-mail...all
     of these things will have a profound effect on national
     security issues.
  - I expect folks like Tom Clancy to be writing novels about
     how U.S. national security interests are being threatened
     by "unbreakable crypto." (I like some Clancy novels, but
     there's no denying he is a right-winger who's openly
     critical of social trends, and that he believes druggies
     should be killed, the government is necessary to ward off
     evil, and ordinary citizens ought not to have tools the
     government can't overcome.)
11.4.5. "What will be the effects of crypto on conventional espionage?"
  - Massive effects; watch out for this to be cited as a reason
     to ban or restrict crypto--however pointless that may be.
  + Effects:
    - information markets, a la BlackNet
    - digital dead drops -- why use Coke cans near oak trees
       when you can put messages into files and post them
       worldwide, untraceably? (but, importantly, with a
       digital signature!)
    - transparency of borders
    - arms trade, arms deals
    - virus, weaponry
11.4.6. NSA budget
  - $27 billion over 6 years, give or take
  - may actually increase, despite end of Cold War
  - new threats, smaller states, spread of nukes, concerns
     about trade, money-laundering, etc.
  - first rule of bureaucracies: they always get bigger
  + NSA-Cray Computer supercomputer
    + press release, 1994-08-17, gives some clues about the
       capabilities sought by the surveillance state
      - "The Cray-3/SSS will be a hybrid system capable of
         vector parallel processing, scalable parallel
         processing and a combination of both. The system will
         consist of a dual processor 256 million word Cray-3 and
         a 512,000 processor 128 million byte single instruction
         multiple data (SIMD) array......SIMD arrays of one
         million processors are expected to be possible using
         the current version of the Processor-In-Memory (PIM)
         chips developed by the Supercomputing Research Center
         once the development project is completed. The PIM chip
         contains 64 single-bit processors and 128 kilobyte bits
         of memory. Cray Computer will package PIM chips
         utilizing its advanced multiple chip module packaging
         technology. The chips are manufactured by National
         Semiconductor Corporation."
    - This is probably the supercomputer described in the
       Gunter Ahrendt report
11.4.7. FINCEN, IRS, and Other Economic Surveillance
  - Financial Crimes Enforcement Network, a consortium or task
     force made up of DEA, DOJ, FBI, CIA, DIA, NSA, IRS, etc.
  - set up in Arlington as a group to monitor the flows of
     money and information
  - eventually these groups will see the need to hack into
     computer systems used by various groups that are under
     investigation
  - Cf. "Wired," either November or December, 1993
11.4.8. "Why are so many computer service, telecom, and credit agency
   companies located near U.S. intelligence agency sites?"
  + For example, the cluster of telecom and credit reporting
     agencies (TRW Credit, Transunion, etc.) in and around the
     McLean/Langley area of Northern Virginia (including
     Herndon, Vienna, Tyson's Corner, Chantilly, etc.)
    - same thing for, as I recall, various computer network
       providers, such as UUCP (or whatever), America Online,
       etc.
  - The least conspiratorial view: because all are located near
     Washington, D.C., for various regulatory, lobbying, etc.
     reasons
  + The most conspiratorial view: to ensure that the
     intelligence agencies have easy access to communications,
     direct landlines, etc.
    - credit reporting agencies need to clear identities that
       are fabricated for the intelligence agencies, WitSec,
       etc. (the three major credit agencies have to be
       complicit in these creations, as the "ghosts" show up
       immediately when past records are cross-correlated)
    - As Paul Ferguson, Cypherpunk and manager at US Sprint,
       puts it: "We're located in Herndon, Virginia, right
       across the street from Dulles Airport and a hop, skip &
       jump down the street from the new NRO office.   ,-)"
       [P.F., 1994-08-18]
11.4.9. Task Force 157, ONI, Kissinger, Castle Bank, Nugan Hand Bank,
   CIA
11.4.10. NRO building controversy
  - and an agency I hadn't seen listed until August, 1994: "The
     Central Imagery Office"
11.4.11. SIGINT listening posts
  + possible monkeywrenching?
    - probably too hard, even for an EMP bomb (non-nuclear,
       that is)
11.4.12. "What steps is the NSA taking?"
  * besides death threats against Jim Bidzos, that is
  * Clipper a plan to drive competitors out (pricing, export
     laws, harassment)
  * cooperation with other intelligence agencies, other nations
    - New World Order
  * death threats were likely just a case of bullying...but
     could conceivably be part of a campaign of terror--to shut
     up critics or at least cause them to hesitate

11.5 - Surveillance in Other Countries
11.5.1. Partly this overlaps on the earlier discussion of crypto laws
   in other countries.
11.5.2. Major Non-U.S. Surveillance Organizations
  + BND -- Bundesnachrichtendienst
    - German security service
    - BND is seeking constitutional amendment, but may not need
       it, as the mere call for it told everyone what is already
       existing
    - "vacuum cleaner in the ether"
    - Gehlen...Eastern Front Intelligence
    - Pullach, outside Munchen
    - they have always tried to get the approval to do domestic
       spying...a key to power
  + Bundeskriminalamt (BKA) -- W. German FBI
    - HQ is at Wiesbaden
    - bomb blew up there when being examined, killing an
       officer (related to Pan Am/Lockerbie/PFLP-GC)
    - sign has double black eagles (back to back)
  - BVD -- Binnenlandse Veiligheids Dienst, Dutch Internal
     Security Service
  + SDECE
    - French intelligence (foreign intelligence), linked to
       Greenpeace ship bombing in New Zealand?
    - SDECE had links to the October Surprise, as some French
       agents were in on the negotiations, the arms shipments
       out of Marseilles and Toulon, and in meetings with
       Russbacher and the others
  - DST, Direction de la Surveillance du Territoire,
     counterespionage arm of France (parallel to FBI)
  + DGSE, Direction Générale de la Sécurité Extérieure
    - provides draft deferments for those who deliver stolen
       information
  + Sweden, Forsvarets Radioanstalt ("Radio Agency of the
     Defense")
    - cracked German communications between occupied Norway and
       occupied Denmark
    - Beurling, with paper and pencil only
  + Mossad, LAKAM, Israel
    + HQ in Tel Aviv, near HQ of AMAN, military intelligence
      - doesn't HQ move around a lot?
    - LAKAM (sp?), a supersecret Israeli intelligence
       agency...was shown the PROMIS software in 1983
    + learned of the Pakistani success in building an atom bomb
       and took action against the Pakistani leadership:
       destruction of the plane carrying the President (Zia?)
       and some U.S. experts
      - Mossad knew of DIA and CIA involvement in BCCI
         financing of Pakistani atom bomb efforts (and links to
         other arms dealers that allowed triggers and the like
         to reach Pakistan)
    - revelations by Vanunu were designed to scare the Arab and
       Muslim world--and to send a signal that the killing of
       President Zia was to be the fate of any Pakistani leader
       who continued the program
11.5.3. They are very active, though they get less publicity than do
   the American CIA, NSA, FBI, etc.

11.6 - Surveillance Methods and Technology
11.6.1. (some of this gets speculative and so may not be to
   everyone's liking)
11.6.2. "What is TEMPEST and what's the importance of it?"
  - TEMPEST apparently stands for nothing, and hence is not an
     acronym, just a name. The all caps is the standard
     spelling.
  - RF emission, a set of specs for complying
  - Van Eyck (or Van Eck?) radiation
  + Mostly CRTs are the concern, but also LCD panels and the
     internal circuitry of the PCs, workstations, or terminals.
    - "Many LCD screens can be read at a distance. The signal
       is not as strong as that from the worst vdus, but it is
       still considerable. I have demonstrated attacks on Zenith
       laptops at 10 metres or so with an ESL 400 monitoring
       receiver and a 4m dipole antenna; with a more modern
       receiver, a directional antenna and a quiet RF
       environment there is no reason why 100 metres should be
       impossible." [Ross Anderson, Tempest Attacks on Notebook
       Computers ???, comp.security.misc, 1994-08-31]
11.6.3. What are some of the New Technologies for Espionage and
   Surveillance
  + Bugs
    + NSA and CIA have developed new levels of miniaturized
       bugs
      - e.g., passive systems that only dribble out intercepted
         material when interrogated (e.g., when no bug sweeps
         are underway)
      - many of these new bugging technologies were used in the
         John Gotti case in New York...the end of the Cold War
         meant that many of these technologies became available
         for use by the non-defense side
      - the use of such bugging technology is a frightening
         development: conversations can be heard inside sealed
         houses from across streets, and all that will be
         required is an obligatory warrant
    + DRAM storage of compressed speech...6-bit companded,
       frequency-limited, so that 1 sec of speech takes
       50Kbits, or 10K when compressed, for a total of 36 Mbits
       per hour--this will fit on a single chip
      - readout can be done from a "mothership" module (a
         larger bug that sits in some more secure location)
      - or via tight-beam lasers
    + Bugs are Mobile
      - can crawl up walls, using the MIT-built technology for
         microrobots
      - some can even fly for short distances (a few klicks)
  + Wiretaps
    - so many approaches here
    - phone switches are almost totally digital (a la ESS IV)
    - again, software hacks to allow wiretaps
  + Vans equipped to eavesdrop on PCs and networks
    + TEMPEST systems
      + technology is somewhat restricted, companies doing this
         work are under limitations not to ship to some
         customers
        - no laws against shielding, of course
    - these vans are justified for the "war on drugs" and
       weapons proliferation control efforts (N.E.S.T.,
       anti-Iraq, etc.)
  + Long-distance listening
    - parabolic reflectors, noise cancellation (from any off-
       axis sources), high gain amplification, phoneme analysis
    - neural nets that learn the speech patterns and so can
       improve clarity
  + lip-reading
    - with electronically stabilized CCD imagers, 3000mm lenses
    - neural net-based lip-reading programs, with learning
       systems capable of improving performance
  - for those in sensitive positions, the availability of new
     bugging methods will accelerate the conversion to secure
     systems based on encrypted telecommunications and the
     avoidance of voice-based systems
11.6.4. Digital Telephony II is a major step toward easier
   surveillance
11.6.5. Citizen tracking
  + the governments of the world would obviously like to trace
     the movements, or at least the major movements, of their
     subjects
    - makes black markets a bit more difficult
    - surfaces terrorists, illegal immigrants, etc. (not
       perfectly)
    + allows tracking of "sex offenders"
      - who often have to register with the local police,
         announce to their neighbors their previous crimes, and
         generally wear a scarlet letter at all times--I'm not
         defending rapists and child molesters, just noting the
         dangerous precedent this is setting
    - because it's the nature of bureaucracies to want to know
       where "their" subjects are (dossier society = accounting
       society...records are paramount)
  + Bill Stewart has pointed out that the national health care
     systems, and the issuance of social security numbers to
     children, represent a way to track the movements of
     children, through hospital visits, schools, etc. Maybe even
     random check points at places where children gather (malls,
     schools, playgrounds, opium dens, etc.)
    - children in such places are presumed to have lesser
       rights, hence...
    - this could all be used to track down kidnapped children,
       non-custodial parents, etc.
    - this could be a wedge in the door: as the children age,
       the system is already in place to continue the tracking
       (about the right timetable, too...start the system this
       decade and by 2010 or 2020, nearly everybody will be in
       it)
    - (A true paranoid would link these ideas to the child
       photos many schools are requiring, many local police
       departments are officially assisting with, etc. A dossier
       society needs mug shots on all the perps.)
  - These are all reasons why governments will continue to push
     for identity systems and will seek to derail efforts at
     providing anonymity
  + Surveillance and Personnel Identification
    + cameras that can recognize faces are placed in many
       public places, e.g., airports, ports of entry, government
       buildings
      - and even in some private places, e.g., casinos, stores
         that have had problems with certain customers, banks
         that face robberies, etc.
    + "suspicious movements detectors"
      + cameras that track movements, loitering, eye contact
         with other patrons
        + neural nets used to classify behaviors
          - legal standing not needed, as these systems are
             used only to trigger further surveillance, not to
             prove guilt in a court of law
        - example: banks have cameras, by 1998, that can
           identify potential bank robbers
        - camera images are sent to a central monitoring
           facility, so the usual ploy of stopping the silent
           alarm won't work
      - airports and train stations (fears of terrorists),
         other public places
11.6.6. Cellular phones are trackable by region...people are getting
   phone calls as they cross into new zones, "welcoming" them
  - but it implies that their position is already being tracked
11.6.7. coming surveillance, Van Eck, piracy, vans
  - An interesting sign of things to come is provided in this
     tale from a list member:  "In Britain we have 'TV detector
     Vans'. These are to detect licence evaders (you need to pay
     an annual licence for the BBC channels). They are provided
     by the Department of Trade and Industry. They use something
     like a small minibus and use Van Eck principles. They have
     two steerable detectors on the van roof so they can
     triangulate. But TV shops have to notify the Government of
     buyers - so that is the basic way in which licence evaders
     are detected. ... I read of a case on a bulletin board
     where someone did not have a TV but used a PC. He got a
     knock on the door. They said he appeared to have a TV but
     they could not make out what channel he was watching!"
     [Martin Spellman, 1994-0703]
  - This kind of surveillance is likely to become more and more
     common, and raises serious questions about what _other_
     information they'll look for. Perhaps the software piracy
     enforcers (Software Publishers Association) will look for
     illegal copies of Microsoft Word or SimCity!   (This area
     needs more discussion, obviously.)
11.6.8. wiretaps
  - supposed to notify targets within 90 days, unless extended
     by a judge
  - Foreign Intelligence Surveillance Act cases are exempt from
     this (it is likely that Cypherpunks wiretapped for crypto
     activities, if any have been, fall under this
     case...foreigners, borders being crossed, national security
     implications, etc. are all plausible reasons, under the
     Act)

11.7 - Surveillance Targets
11.7.1. Things the Government May Monitor
  - besides the obvious things like diplomatic cable traffic,
     phone calls from and to suspected terrorists and criminals,
     etc.
  + links between Congressmen and foreign embassies
    - claims in NYT (c. 9-19-91) that CIA had files on
       Congressmen opposing aid to Contras
  + Grow lamps for marijuana cultivation
    - raids on hydroponic supply houses and seizure of mailing
       lists
    - records of postings to alt.drugs and alt.psychoactive
    - vitamin buyers clubs
  + Energy consumption
    - to spot use of grow lamps
    + but also might be refined to spot illegal aliens being
       sheltered or any other household energy consumption
       "inconsistent with reported uses"
      - same for water, sewage, etc.
  + raw chemicals
    - as with monitors on ammonium nitrate and other bomb
       materials
    - or feedstock for cocaine production (recall various
       seizures of shipments of chemicals to Latin America)
  - checkout of books, a la FBI's "Library Awareness Program"
     of around 1986 or so
  - attendance at key conferences, such as Hackers Conference
     (could have scenes involving this), Computer Security
     Conference
11.7.2. Economic Intelligence (Spying on Corporations, Foreign and
   Domestic)
  + "Does the NSA use economic intelligence data obtained in
     intercepts?"
    - Some of us speculate that this is so, that this has been
       going on since the 1960s at least. For example, Bamford
       noted in 1982 that the NSA had foreknowledge of the plans
       by the British to devalue the pound in the late 1970s,
       and knowledge of various corporate plans.
    - The NSA clears codes used by the CIA, so it seems
       impossible for the NSA not to have known about CIA drug
       smuggling activities. The NSA is very circumspect,
       however, and rarely (or never) comments.
  + there have been calls for the government to somehow help
     American business and overall competitiveness by "levelling
     the playing field" via espionage
    - especially as the perceived threat of the Soviet bloc
       diminishes and as the perceived threat of Japan and
       Germany increases
  - leaders of the NSA and CIA have even talked openly about
     turning to economic surveillance
  + Problems with this proposal:
    - illegal
    - unethical
    + who gets the intelligence information? Does NSA just call
       up Apple and say "We've intercepted some messages from
       Taiwan that describe their plans for factories. Are you
       interested?"
      - the U.S. situation differs from Japan and MITI (which
         is often portrayed as the model for how this ought to
         work) in that we have many companies with little or no
         history of obeying government recommendations
    + and foreign countries will likely learn of this espionage
       and take appropriate measures
      - e.g., by increasing encryption
11.7.3. War on Drugs and Money Laundering is Causing Increase in
   Surveillance and Monitoring
  - monitoring flows of capital, cash transactions, etc.
  - cooperation with Interpol, foreign governments, even the
     Soviets and KGB (or whatever becomes of them)
  - new radar systems are monitoring light aircraft, boats,
     etc.

11.8 - Legal Issues
11.8.1. "Can my boss monitor my work?" "Can my bankruptcy in 1980 be
   used to deny me a loan?" etc.
  - Libertarians have a very different set of answers than do
     many others: the answer to all these questions is mostly
     "yes," morally (sorry for the normative view).
11.8.2. Theme: to protect some rights, invasion of privacy is being
   justified
  - e.g., by forcing employer records to be turned over, or by
     seizing video rental records (on the grounds of catching
     sexual deviants)
  - various laws about employee monitoring
11.8.3. Government ID cards, ability to fake identities
  - The government uses its powers to forge credentials, with
     the collusion of the major credit agencies (who obviously
     see these fake identities "pop into existence full-blown").
  - WitSec, FINCen, false IDs, ties to credit card companies
  - DEA stings, Heidi in La Jolla, Tava, fake tax returns, fake
     bank applications, fake IDs
  - the "above it all" attitude is typical of this...who guards
     the guardians?
  - WitSec, duplicity
11.8.4. Legalities of NSA surveillance
  - read Bamford for some circa 1982 points
  - UK-USA
  - ECPA
  - national security exemptions
  - lots of confusion; however, the laws have never had any
     real influence, and I cannot imagine the NSA being sued!

11.9 - Dossiers and Data Bases
11.9.1. "The dossier never forgets"
  + any transgressions of any law in any country can be stored
     indefinitely, exposing the transgressor to arrest and
     detention anytime he enters a country with such a record on
     him
    - (This came up with regard to the British having quaint
       ideas about computer security, hacking, and data privacy;
       it is quite possible that an American passing through
       London could be detained for some obscure violation years
       in the past.)
  - this is especially worrisome in a society in which legal
     codes fill entire rooms and in which nearly every day
     produces some violation of some law
11.9.2. "What about the privacy issues with home shopping, set-top
   boxes, advertisers, and the NII?"
  - Do we want our preferences in toothpaste fed into databases
     so that advertisers can target us? Or that our food
     purchases be correlated and analyzed by the government to
     spot violations of the Dietary Health Act?
  - First, laws which tell people what records they are
     "allowed" to keep are wrong-headed, and lead to police
     state inspections of disk drives, etc. The so-called "Data
     Privacy" laws of several European nations are a nightmare.
     Strong crypto makes them moot.
  - Second, it is mostly up to people to protect what they want
     protected, not to pass laws demanding that others protect
     it for them.
  - In practice, this means either use cash or make
     arrangements with banks and credit card companies that will
     protect privacy. Determining if they have or not is another
     issue, but various ideas suggest themselves (John Gilmore
     says he often joins groups under variants of his name, to
     see who is selling his name to mailing lists.)
  - Absent any laws which forbid them, privacy-preserving
     credit card companies will likely spring up if there's a
     market demand. Digital cash is an example. Other variants
     abound. Cypherpunks should not allow such alternatives to
     be banned, and should of course work on their own such
     systems.
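
The name-variant trick credited to John Gilmore above can be made systematic. The following is an added example, not part of the original text: one keyed alias per organisation, then attribution of any mail that arrives at an alias from someone else. The mailbox, secret, organisations and inbox entries are all constructed for illustration.

```python
"""One alias per organisation, then attribute leaks when mail arrives."""
import hashlib
import hmac

SECRET = b"constructed-demo-key"        # hypothetical; the real key stays private
LOCAL, DOMAIN = "jdoe", "example.org"   # hypothetical mailbox


def tag(org):
    """Keyed tag, so an outsider cannot guess another organisation's alias."""
    mac = hmac.new(SECRET, org.strip().lower().encode(), hashlib.sha256)
    return mac.hexdigest()[:8]


def alias(org):
    """The address variant handed to exactly one organisation."""
    return f"{LOCAL}+{tag(org)}@{DOMAIN}"


def attribute(recipient, ledger):
    """Return the organisation an alias was issued to, or None for the bare
    address and for tags that were never issued (guessed or forged)."""
    local, _, domain = recipient.strip().lower().partition("@")
    base, plus, seen = local.partition("+")
    if domain != DOMAIN or base != LOCAL or not plus:
        return None
    for org in ledger:
        if hmac.compare_digest(seen.encode(), tag(org).encode()):
            return org
    return None


def find_leaks(messages, ledger):
    """messages: (sender_domain, recipient) pairs.
    ledger: organisation -> sender domains that organisation itself uses.
    Returns organisation -> third-party domains that obtained its alias."""
    leaks = {}
    for sender_domain, recipient in messages:
        org = attribute(recipient, ledger)
        if org and sender_domain.lower() not in ledger[org]:
            leaks.setdefault(org, set()).add(sender_domain.lower())
    return leaks


# Constructed sample data.
LEDGER = {"Gadget Catalog": {"gadgets.example"}, "Hobby Club": {"hobbyclub.example"}}
INBOX = [
    ("gadgets.example", alias("Gadget Catalog")),        # expected sender
    ("listbroker.example", alias("Hobby Club")),         # alias reached a third party
    ("bulkmail.example", f"{LOCAL}+zzzzzzzz@{DOMAIN}"),  # never-issued tag
    ("bulkmail.example", f"{LOCAL}@{DOMAIN}"),           # bare address, no attribution
]

if __name__ == "__main__":
    for org, domains in find_leaks(INBOX, LEDGER).items():
        print(f"{org}: alias seen from {sorted(domains)}")
```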
11.9.3. credit agencies
  - TRW Credit, Transunion, Equifax
  - links to WitSec
11.9.4. selling of data bases, linking of records...
  - several states have admitted to selling their driver's
     license data bases

11.10 - Police States and Informants
11.10.1. Police states need a sense of terror to help magnify the
   power of the state, a kind of "Schrecklichkeit," as the Nazis
   used to call it. And lots of informants. Police states need
   willing accomplices to turn in their neighbors, or even their
   parents, just as little Pavel Morozov became a Hero of the
   Soviet People by sending his parents to their deaths in
   Stalin's labor camps for the crime of expressing negative
   opinions about the glorious State.
  - (The canonization of Pavel Morozov was recently repudiated
     by current Russian leaders--maybe even by the late-Soviet
     era leaders, like Gorbachev--who pointed out the corrosive
     effects of encouraging families to narc on each
     other...something the U.S. has forgotten...will it be 50
     years before our leaders admit that having children turn in
     Daddy for using "illegal crypto" was not such a good idea?)
11.10.2. Children are encouraged in federally-mandated D.A.R.E.
   programs to become Junior Narcs, narcing their parents out to
   the cops and counselors who come into their schools.
11.10.3. The BATF has a toll-free line (800-ATF-GUNS) for snitching on
   neighbors who one thinks are violating the federal gun laws.
   (Reports are this is backfiring, as gun owners call the
   number to report on local liberal politicians and gun-
   grabbers.)
11.10.4. Some country we live in, eh? (Apologies to non-U.S. readers,
   as always.)
11.10.5. The implications for use of crypto, for not trusting others,
   etc., are clear
11.10.6. Dangers of informants
  + more than half of all IRS prosecutions arise out of tips by
     spouses and ex-spouses...they have the inside dope, the
     motive, and the means
    - a sobering thought even in the age of crypto
  + the U.S. is increasingly a society of narcs and stool
     pigeons, with "CIs" (confidential informants), protected
     witnesses (with phony IDs and lavish lifestyles), and with
     all sorts of vague threats and promises
    - in a system with tens of thousands of laws, nearly all
       behavior breaks at least some laws, often unavoidably,
       and hence a powerful sword hangs over everyone's head
  - corrosion of trust, especially within families (DARE
     program in schools encourages children to narc on their
     parents who are "substance abusers"!)

11.11 - Privacy Laws
11.11.1. Will proposed privacy laws have an effect?
  + I suspect just the opposite: the tangled web of laws--part
     of the totalitarian freezeout--will "marginalize" more
     people and cause them to seek ways to protect their own
     privacy and protect themselves from sanctions over their
     actions
    + free speech vs. torts, SLAPP suits, sedition charges,
       illegal research, etc.
      - free speech is vanishing under a torrent of laws,
         licensing requirements, and even zoning rules
    + outlawing of work on drugs, medical procedures, etc.
      - against the law to disseminate information on drug use
         (MDMA case at Stanford), on certain kinds of birth
         control
    - "If encryption is outlawed, only outlaws will have
       encryption."
  + privacy laws are already causing encryption ("file
     protection") to be mandatory in many cases, as with medical
     records, transmission of sensitive files, etc.
    - by itself this is not in conflict with the government
       requirement for tappable access, but the practical
       implementation of a two-tier system--secure against
       civilian tappers but readable by national security
       tappers--is a nightmare and is likely impossible to
       achieve
11.11.2. "Why are things like the "Data Privacy Laws" so bad?"
  - Most European countries have laws that limit the collection
     of computerized records, dossiers, etc., except for
     approved uses (and the governments themselves and their
     agents).
  - Americans have no such laws. I've heard calls for this,
     which I think is too bad.
  - While we may not like the idea of others compiling dossiers
     on us, stopping them is an even worse situation. It gives
     the state the power to enter businesses, homes, and examine
     computers (else it is completely unenforceable). It creates
     ludicrous situations in which, say, someone making up a
     computerized list of their phone contacts is compiling an
     illegal database! It makes e-mail a crime (those records
     that are kept).
  - they are themselves major invasions of privacy
  - are you going to put me in jail because I have data bases
     of e-mail, Usenet posts, etc.?
  - In my opinion, advocates of "privacy" are often confused
     about this issue, and fail to realize that laws about
     privacy often take away the privacy rights of _others_.
     (Rights are rarely in conflict--contract plus self-privacy
     take care of 99% of situations where rights are purported
     to be in conflict.)
11.11.3. on the various "data privacy laws"
  - many countries have adopted these data privacy laws,
     involving restrictions on the records that can be kept, the
     registration of things like mailing lists, and heavy
     penalties for those found keeping computer files deemed
     impermissible
  - this leads to invasions of privacy....this very Cypherpunks
     list would have to be "approved" by a bureaucrat in many
     countries...the opportunities (and inevitabilities) of abuse
     are obvious
  - "There is a central contradiction running through the
     database regulations proposed by many so-called "privacy
     advocates".  To be enforceable they require massive
     government snooping into database activities on our
     workstations and PCs, especially the activities of many
     small at-home businesses (such as mailing list
     entrepreneurs who often work out of the home).
     
     "Thus, the upshot of these so-called "privacy" regulations
     is to destroy our last shreds of privacy against
     government, and calm us into blindly letting even more of
     the details of our personal lives into the mainframes of
     the major government agencies and credit reporting
     agencies, who if they aren't explicitly excepted from the
     privacy laws (as is common) can simply evade them by using
     offshore havens, mutual agreements with foreign
     investigators, police and intelligence agencies."  [Jim
     Hart, 1994-09-08]
11.11.4. "What do Cypherpunks think about this?"
  + divided minds...while no one likes being monitored, the
     question is how far one can go to stop others from being
     monitored
    - "Data Privacy Laws" as a bad example: tramples on freedom
       to write, to keep one's computer private
11.11.5. Assertions to data bases need to be checked (credit,
   reputation, who said what, etc.)
  - if I merely assert that Joe Blow no longer is employed, and
     this spreads...

11.12 - National ID Systems
11.12.1. "National ID cards are just the driver's licenses on the
   Information Superhighway." [unknown...may have been my
   coining]
11.12.2. "What's the concern?"
11.12.3. Insurance and National Health Care will Produce the "National
   ID" that will be Nearly Unescapable
  - hospitals and doctors will have to have the card...cash
     payments will evoke suspicion and may not even be feasible
11.12.4. National ID Card Arguments
  - "worker's permit" (another proposal, 1994-08, that would
     call for a national card authorizing work permission)
  - immigration, benefit
  - possible tie-in to the system being proposed by the US
     Postal Service: a registry of public keys (will they also
     "issue" the private-public key pair?)
  - software key escrow and related ideas
  - "I doubt that one would only have to "flash" your card and
     be on your way.  More correctly, one would have to submit
     to being "scanned" and be on your way.   This would also
     serve to be a convenient locator tag if installed in the
     toll systems and miscellaneous "security checkpoints".  Why
     would anyone with nothing to hide care if your every move
     could be monitored?  It's for your own good, right?  Pretty
     soon sliding your ID into slots in everyplace you go will
     be common." [Korac MacArthur, comp.org.eff.talk, 1994-07-
     25]
11.12.5. "What are some concerns about Universal ID Cards?"
  - "Papiere, bitte! Schnell!"
  - that they would allow traceability to the max (as folks
     used to say)... tracking of movements, erosion of privacy
  - that they would be required to be used for banking
     transactions, Net access, etc. (As usual, there may be
     workarounds, hacks, ...)
  - "is-a-person" credentialing, where government gets involved
     in the issuance of cryptographic keys (a la the USPS
     proposal), where only "approved uses" are allowed, etc.
  - timestamps, credentials
11.12.6. Postal Service trial balloon for national ID card
  - "While it is true that they share technology, their intent
     and purpose is very different.  Chaum's proposal has as its
     intent  and purpose to provide and protect anonymity in
     financial transactions.  The intent and purpose of the US
     Postal Service is to identify and authenticate you to the
     government and to guarantee the traceability of all
     financial transactions." [WHMurray, alt.privacy, 1994-07-
     04]
11.12.7. Scenario for introduction of national ID cards
  - Imagine that vehicle registrations require presentation of
     this card (gotta get those illegals out of their cars, or,
     more benignly, the bureaucracy simply makes the ID cards
     part of their process).
  - Instantly this makes those who refuse to get an ID card
     unable to get valid license tags. (Enforcement is already
     pretty good....I was pulled over a couple of times for
     either forgetting to put my new stickers on, or for driving
     with Oregon expired tags.)
  + The "National Benefits Card," for example, is then required
     to get license plate tags, and maybe other things, like car
     and home insurance, etc. It would be very difficult to
     fight such a card, as one could not drive, could not pay
     taxes ("Awhh!" I hear you say, but consider the penalties,
     the tie-ins with employers, etc. You can run but you can't
     hide.)
    - the national ID card would presumably be tied in to
       income tax filings, in various ways I won't go into here.
       The Postal Service, aiming to get into this area I guess,
       has floated the idea of electronic filing, ID systems,
       etc.
11.12.8. Comments on national ID cards
  - That some people will be able to skirt the system, or that
     the system will ultimately be unenforceable, does not
     lessen the concern. Things can get real tough in the
     meantime.
  - I see great dangers here, in tying a national ID card to
     transactions we are essentially unable to avoid in this
     society: driving, insurance (and let's not argue
     insurance...I mean it is unavoidable in the sense of legal
     issues, torts, etc.), border crossings, etc. Now how will
     one file taxes without such a card if one is made mandatory
     for interactions with the government? Saying "taxes are not
     collectable" is not an adequate answer. They may not be
     collectible for street punks and others who inhabit the
     underground economy, but they sure are for most of us.

11.13 - National Health Care System Issues
11.13.1. Insurance and National Health Care will Produce the "National
   ID" that will be Nearly Unescapable
  - hospitals and doctors will have to have the card...cash
     payments will evoke suspicion and may not even be feasible
11.13.2. I'm less worried that a pharmacist will add me to some
   database he keeps than that my doctor will be instructed to
   compile a dossier to government standards and then zip it off
   over the Infobahn to the authorities.
11.13.3. Dangers and issues of National Health Care Plan
  - tracking, national ID card
  - "If you think the BATF is bad, wait until the BHCRCE goes
     into action. "What is the BHCRCE?" you ask. Why, it's the
     Bureau of Health Care Reform Compliance Enforcement - the
     BATF, FBI, FDA, CIA and IRS all rolled into one."  [Dave
     Feustel, talk.politics.guns, 1994-08-19]
  - Bill Stewart has pointed out the dangers of children having
     social security numbers, of tracking systems in schools and
     hospitals, etc.

11.14 - Credentials
11.14.1. This is one of the most overlooked and ignored aspects of
   cryptology, especially of Chaum's work. And no one in
   Cypherpunks or anywhere else is currently working on "blinded
   credentials" for everyday use.
11.14.2. "Is proof of identity needed?"
  - This question is debated a lot, and is important. Talk of a
     national ID card (what wags call an "internal passport") is
     in the air, as part of health care, welfare, and
     immigration legislation. Electronic markets make this also
     an issue for the ATM/smart card community. This is also
     closely tied in with the nature of anonymous remailers
     (where physical identity is of course generally lacking).
  + First, "identity" can mean different things:
    - Conventional View of Identity: Physical person, with
       birthdate, physical characteristics, fingerprints, social
       security numbers, passports, etc.--the whole cloud of
       "identity" items. (Biometric.)
    - Pseudonym View of Identity:  Persistent personas,
       mediated with cryptography. "You are your key."
    - Most of us deal with identity as a mix of these views: we
       rarely check biometric credentials, but we also count on
       physical clues (voice, appearance, etc.). I assume that
       when I am speaking to "Duncan Frissell," whom I've never
       met in person, that he is indeed Duncan Frissell. (Some
       make the jump from this expectation to wanting the
       government to enforce this claim, that is, to provide I.D.)
  + It is often claimed that physical identity is important in
     order to:
    - track down cheaters, welchers, contract breakers, etc.
    - permit some people to engage in some transactions, and
       forbid others to (age credentials, for drinking, for
       example, or--less benignly--work permits in some field)
    - taxation, voting, other schemes tied to physical
       existence
  + But most of us conduct business with people without ever
     verifying their identity credentials...mostly we take their
     word that they are "Bill Stewart" or "Scott Collins," and
     we never go beyond that.
    - this could change as digital credentials proliferate and
       as interactions cause automatic checks to be made (a
       reason many of us have to support Chaum's "blinded
       credentials" idea--without some crypto protections, we'll
       be constantly tracked in all interactions).
  + A guiding principle: Leave this question of whether to
     demand physical ID credentials up to the *parties
     involved*. If Alice wants to see Bob's "is-a-person"
     credential, and take his palmprint, or whatever, that's an
     issue for them to work out. I see no moral reason, and
     certainly no communal reason, for outsiders to interfere
     and insist that ID be produced (or that ID be forbidden,
     perhaps as some kind of "civil rights violation"). After
     all, we interact in cyberspace, on the Cypherpunks list,
     without any such external controls on identity.
    - and business contracts are best negotiated locally, with
       external enforcement contracted by the parties (privately-
       produced law, already seen with insurance companies,
       bonding agents, arbitration arrangements, etc.)
  - Practically speaking, i.e., not normatively speaking,
     people will find ways around identity systems. Cash is one
     way, remailers are another. Enforcement of a rigid identity-
     based system is difficult.
11.14.3. "Do we need "is-a-person" credentials for things like votes
   on the Net?"
  - That is, any sysadmin can easily create as many user
     accounts as he wishes. And end users can sign up with
     various services under various names. The concern is that
     this Chicago-style voting (fictitious persons) may be used
     to skew votes on Usenet.
  - Similar concerns arise elsewhere.
  - In my view, this is a mighty trivial reason to support "is-
     a-person" credentials.
11.14.4. Locality, credentials, validations
  + Consider the privacy implications of something so simple as
     a parking lot system. Two main approaches:
    - First Approach. Cash payment. Car enters lot, driver pays
       cash, a "validation" is given. No traceability exists.
       (There's a small chance that one driver can give his
       sticker to a new driver, and thus defraud the parking
       lot. This tends not to happen, due to the inconveniences
       of making a market in such stickers (coordinating with
       other car, etc.) and because the sticker is relatively
       inexpensive.)
    - Second Approach. Billing of driver, recording of license
       plates. Traceability is present, especially if the local
       parking lot is tied in to credit card companies, DMV,
       police, etc. (these link-ups are on the wish list of
       police agencies, to further "freeze out" fugitives, child
       support delinquents, and other criminals).
  - These are the concerns of a society with a lot of
     electronic payments but with no mechanisms for preserving
     privacy. (And there is currently no great demand for this
     kind of privacy, for a variety of reasons, and this
     undercuts the push for anonymous credential methods.)
  - An important property of true cash (gold, bank notes that
     are well-trusted) is that it settles immediately, requiring
     no time-binding of contracts (ability to track down the
     payer and collect on a bad transaction)
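
The cash "validation" of the first approach can be kept in an electronic system. The following is an added example, not from the original text: a textbook RSA blind signature, the building block behind Chaum-style schemes, used as a parking validation. It is a simplification rather than a full credential system; the key is a constructed toy key and every function name here is hypothetical.

```python
"""Toy RSA blind signature: a paid-for parking validation the lot cannot trace."""
import hashlib
import math
import secrets

# Constructed demo key built from two Mersenne primes; far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))       # the lot's private exponent


def digest(token):
    """Hash the token into the RSA group (toy full-domain hash)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N


def blind(token):
    """Driver: multiply the token hash by r^E so the signer cannot read it."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return (digest(token) * pow(r, E, N)) % N, r


def sign_blinded(blinded):
    """Entry booth: takes cash, signs whatever number it is handed."""
    return pow(blinded, D, N)


def unblind(blind_sig, r):
    """Driver: strip r, leaving an ordinary signature on the token hash."""
    return (blind_sig * pow(r, -1, N)) % N


def verify(token, sig):
    """Anyone holding the public key (N, E) can check a validation."""
    return pow(sig, E, N) == digest(token)


class ExitGate:
    """Accepts each valid token once, so a validation cannot be reused."""

    def __init__(self):
        self.spent = set()

    def admit(self, token, sig):
        if token in self.spent or not verify(token, sig):
            return False
        self.spent.add(token)
        return True


def run_demo():
    booth_log = []                      # everything the entry booth ever sees
    token = secrets.token_bytes(16)     # driver's random serial number
    blinded, r = blind(token)
    booth_log.append(blinded)
    blind_sig = sign_blinded(blinded)
    booth_log.append(blind_sig)
    sig = unblind(blind_sig, r)         # only the driver knows r

    gate = ExitGate()
    return {
        "first_exit": gate.admit(token, sig),
        "reuse": gate.admit(token, sig),
        "forged": gate.admit(secrets.token_bytes(16), sig),
        # Neither value shown at the exit appears in the booth's records.
        "linkable": digest(token) in booth_log or sig in booth_log,
    }


if __name__ == "__main__":
    print(run_demo())
```

The spent-token set at the exit plays the role that inconvenience plays for the paper sticker: a validation works once, yet nothing at the exit identifies which payment it came from.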

11.15 - Records of all UseNet postings
11.15.1. (ditto for CompuServe, GEnie, etc.) will exist
11.15.2. "What kinds of monitoring of the Net is possible?"
  - Archives of all Usenet traffic. This is already done by
     commercial CD-ROM suppliers, and others, so this would be
     trivial for various agencies.
  - Mail archives. More problematic, as mail is ostensibly not
     public. But mail passes through many sites, usually in
     unencrypted form.
  - Traffic analysis. Connections monitored. Telnet, ftp, e-
     mail, Mosaic, and other connections.
  - Filtered scans of traffic, with keyword-matched text stored
     in archives.
11.15.3. Records: note that private companies can do the same thing,
   except that various "right to privacy" laws may try to
   interfere with this
  - which causes its own constitutional privacy problems, of
     course
11.15.4. "How can you expect that something you sent on the UseNet to
   several thousand sites will not be potentially held against
   you? You gave up any pretense of privacy when you broadcast
   your opinions--and even detailed declarations of your
   activities--to an audience of millions. Did you really think
   that these public messages weren't being filed away? Any
   private citizen would find it almost straightforward to sort
   a measly several megabytes a day by keywords, names of
   posters, etc." [I'm not sure if I wrote this, or if someone
   else who I forgot to make a note of did]
11.15.5. this issue is already coming up: a gay programmer who was
   laid-off discussed his rage on one of the gay boards and said
   he was thinking of turning in his former employer for
   widespread copying of Autocad software...an Autodesk employee
   answered him with "You just did!"
11.15.6. corporations may use GREP and On Location-like tools to
   search public nets for any discussion of themselves or their
   products
  - by big mouth employees, by disgruntled customers, by known
     critics, etc.
  - even positive remarks that may be used in advertising
     (subject to various laws)
11.15.7. the 100% traceability of public postings to UseNet and other
   bulletin boards is very stifling to free expression and
   becomes one of the main justifications for the use of
   anonymous (or pseudonymous) boards and nets
  - there may be calls for laws against such compilation, as
     with the British data laws, but basically there is little
     that can be done when postings go to tens of thousands of
     machines and are archived in perpetuity by many of these
     nodes and by thousands of readers
  - readers who may incorporate the material into their own
     postings, etc. (hence the absurdity of the British law)

11.16 - Effects of Surveillance on the Spread of Crypto
11.16.1. Surveillance and monitoring will serve to increase the use of
   encryption, at first by people with something to hide, and
   then by others
  - a snowballing effect
  - and various government agencies will themselves use
     encryption to protect their files and their privacy
11.16.2. for those in sensitive positions, the availability of new
   bugging methods will accelerate the conversion to secure
   systems based on encrypted telecommunications and the
   avoidance of voice-based systems
11.16.3. Surveillance Trends
  + Technology is making citizen-unit surveillance more and
     more trivial
    + video cameras on every street corner are technologically
       easy to implement, for example
      - or cameras in stores, in airports, in other public
         places
      - traffic cameras
    - tracking of purchases with credit cards, driver's
       licenses, etc.
    - monitoring of computer emissions (TEMPEST issues, often a
       matter of paranoid speculation)
    + interception of the Net...wiretapping, interception of
       unencrypted communications, etc.
      - and compilation of dossier entries based on public
         postings
  + This all makes the efforts to head off a person-tracking,
     credentials-based society all the more urgent.
     Monkeywrenching, sabotage, public education, and
     development of alternatives are all needed.
    - If the surveillance state grows as rapidly as it now
       appears to be doing, more desperate measures may be
       needed. Personally, I wouldn't shed any tears if
       Washington, D.C. and environs got zapped with a terrorist
       nuke; the innocents would be replaced quickly enough, and
       the death of so many political ghouls would surely be
       worth it. The destruction of Babylon.
    + We need to get the message about "blinded credentials"
       (which can show some field, like age, without showing all
       fields, including name and such) out there. More
       radically, we need to cause people to question why
       credentials are as important as many people seem to
       think.
      - I argue that credentials are rarely needed for mutually
         agreed-upon transactions
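
An added example, not part of the original FAQ: the "show some field,
like age, without showing all fields" idea from 11.16.3, sketched with
salted hash commitments. This is a simpler technique than Chaum-style
blind-signature credentials and does not make repeated showings
unlinkable; the HMAC key stands in for an issuer's public-key
signature, and all names and sample fields are constructed.

```python
import hashlib, hmac, json, secrets

# Assumption: a shared HMAC key stands in for the issuer's signing key.
# A real issuer would use a public-key signature so verifiers hold no secret.
ISSUER_KEY = secrets.token_bytes(32)

def _commit(name, value, salt):
    # Salted hash of one field; the salt stops guessing of hidden low-entropy values.
    data = json.dumps([salt.hex(), name, value]).encode()
    return hashlib.sha256(data).hexdigest()

def _tag(commitments):
    return hmac.new(ISSUER_KEY, json.dumps(commitments).encode(),
                    hashlib.sha256).hexdigest()

def issue(fields):
    """Issuer: commit to every field with a fresh salt, sign the commitment list."""
    salts = {n: secrets.token_bytes(16) for n in fields}
    # Sorting hides which commitment belongs to which field position.
    commitments = sorted(_commit(n, v, salts[n]) for n, v in fields.items())
    return {"commitments": commitments, "tag": _tag(commitments)}, salts

def present(credential, fields, salts, reveal):
    """Holder: disclose only the chosen fields, each with its salt."""
    disclosed = {n: {"value": fields[n], "salt": salts[n].hex()} for n in reveal}
    return {"credential": credential, "disclosed": disclosed}

def verify(presentation):
    """Verifier: check the issuer tag, then that each disclosed field opens a
    signed commitment. Returns the verified fields, or None on any failure."""
    cred = presentation["credential"]
    if not hmac.compare_digest(_tag(cred["commitments"]), cred["tag"]):
        return None
    verified = {}
    for name, d in presentation["disclosed"].items():
        if _commit(name, d["value"], bytes.fromhex(d["salt"])) not in cred["commitments"]:
            return None
        verified[name] = d["value"]
    return verified

if __name__ == "__main__":
    # Constructed sample credential.
    fields = {"name": "Alice Example", "over_18": True, "address": "1 Constructed St"}
    cred, salts = issue(fields)
    print(verify(present(cred, fields, salts, ["over_18"])))
```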

11.17 - Loose Ends
11.17.1. USPS involvement in electronic mail, signatures,
   authentication (proposed in July-August, 1994)
  + Advantages:
    - many locations
    - a mission already oriented toward delivery
  + Disadvantages:
    - has performed terribly, compared to allowed competition
       (Federal Express, UPS, Airborne, etc.)
    - it's linked to the government (now quasi-independent, but
       not really)
    - could become mandatory, or competition restricted to
       certain niches (as with the package services, which
       cannot have "routes" and are not allowed to compete in
       the cheap letter regime)
    - a large and stultified bureaucracy, with union labor
  - Links to other programs (software key escrow, Digital
     Telephony) not clear, but it seems likely that a
     quasi-government agency like the USPS would be cooperative with
     government, and would place limits on the crypto systems
     allowed.
11.17.2. the death threats
  + An NSA official threatened to have Jim Bidzos killed if he
     did not change his position on some negotiation underway.
     This was reported in the newspaper and I sought
     confirmation:
    - "Everything reported in the Merc News is true. I am
       certain that he was not speaking for the agency, but when
       it happened he was quite serious, at least appeared to
       be.  There was a long silence after he made the threat,
       with a staring contest.  He was quite intense.
       
       "I respect and trust the other two who were in the room
       (they were shocked and literally speechless, staring into
       their laps) and plan to ask NSA for a written apology and
       confirmation that he was not speaking for the agency.
       We'll see if I get it.  If the incident made it into
       their trip reports, I have a chance of getting a letter."
       [jim@RSA.COM (Jim Bidzos), personal communication, posted
       with permission to talk.politics.crypto, 1994-06-28]
11.17.3. False identities...cannot just be "erased" from the computer
   memory banks. The web of associations, implications, rule
   firings...all mean that simple removal (or insertion of a
   false identity) produces discontinuities, illogical
   developments, holes...history is not easily changed.