dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
679
share rss forum feed


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7

1 recommendation

Finspy trojan requires a licence to export outside the EU...

.. as it uses controlled cryptography.

»www.guardian.co.uk/world/2012/se···quipment



StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

1 edit

1 recommendation

LOL.

"Sorry I can't infect your machine due to export restrictions."

Ok...
--
Don't feed trolls--it only makes them grow!



KodiacZiller
Premium
join:2008-09-04
73368
kudos:2

said by StuartMW:

LOL.

"Sorry I can't infect your machine due to export restrictions."

Ok...

While I agree with the British government's decision to restrict the export of such software to oppressive regimes, their basis for doing it is silly (crypto export laws). The U.S. pretty much gave up enforcing such laws in the late 90's because they knew the cat was out of the bag and was impossible to put back in.

According to their brochures, FinSpy uses AES and RSA. Both algorithms are public knowledge, available on the internet and completely open-source. There is no way to "restrict" the "export" of this information since it is already widely available on the web and in academic journals, etc. Hell, AES is a NIST standard.
--
Getting people to stop using windows is more or less the same as trying to get people to stop smoking tobacco products. They dont want to change; they are happy with slowly dying inside. -- munky99999


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

said by KodiacZiller:

While I agree with the British government's decision to restrict the export of such software to oppressive regimes...

Ok. How would you implement such a restriction? It is trivial to get code anywhere (with or without internet access).
--
Don't feed trolls--it only makes them grow!


KodiacZiller
Premium
join:2008-09-04
73368
kudos:2

said by StuartMW:

said by KodiacZiller:

While I agree with the British government's decision to restrict the export of such software to oppressive regimes...

Ok. How would you implement such a restriction? It is trivial to get code anywhere (with or without internet access).

I wouldn't. There's no way to do so. The Brits are using outdated crypto export laws as a way to do it in this case, but such an approach is nothing but theatre.

The U.S. tried to exercise the export laws against Phil Zimmermann in the 90's because of his dissemination of PGP. So he took the code to PGP and published it in a book and sent copies of the book abroad. A very clever tactic it was since books are protected by the 1st amendment. The government knew it was a losing battle and dropped all charges. Shortly after, Clinton and company relaxed the crypto export restrictions.

My only point was that I agree with the *intentions* of the British government, not with the practicality of enforcing it. I cringe when I hear tech companies are making money by aiding oppressive regimes in their surveillance programs. FinSpy is but one example. An example of an American company doing the same thing is Narus (owned by Boeing) with it's ISP snooping hardware (this is the hardware NSA used to tap AT&T's backbone). Narus has also sold these boxes to oppressive regimes in the Middle East and appear to be getting away with doing so. And they have a former Deputy Director of NSA on their Board of Directors. Money trumps morals in this case.
--
Getting people to stop using windows is more or less the same as trying to get people to stop smoking tobacco products. They dont want to change; they are happy with slowly dying inside. -- munky99999


StuartMW
Who Is John Galt?
Premium
join:2000-08-06
Galt's Gulch
kudos:2

said by KodiacZiller:

Money trumps morals in this case.

Agreed. But that has always been the case and always will be which is why such "restrictions" are pointless IMO.
--
Don't feed trolls--it only makes them grow!


Name Game
Premium
join:2002-07-07
Grand Rapids, MI
kudos:7
reply to KodiacZiller

why I wrote PGP

»www.philzimmermann.com/EN/essays···PGP.html



siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
Reviews:
·Bell Sympatico

1 recommendation

reply to Name Game

Wikipedia now how a standing page for FinFisher

Previous ESET Blog entries that may of interest to some and on-point for the post.

»blog.eset.com/2012/08/30/finfish···-or-evil

»blog.eset.com/2012/08/31/finfish···etection



Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
kudos:3
Reviews:
·Frontier Communi..

1 recommendation

reply to Name Game

quote:
... The government has a track record that does not inspire confidence that they will never abuse our civil liberties. ...
Perhaps the understatement of our lifetime, made over 10 years ago, and even more relevant today.
--
"Is life so dear, or peace so sweet, as to be purchased at the price of chains and slavery? Forbid it, Almighty God!" -- P.Henry, 1775