– By Grant Gross –

As some U.S. lawmakers contemplate outlawing some forms of encryption, the leader of the GNU-Darwin project is arguing that it’s the patriotic duty of U.S. citizens to use some encryption tools.

In his article, GNU-Darwin authentication and encryption position paper for the US, Michael L. Love says the “open-signing” form of encryption that’s available with encryption programs such as PGP and GnuPG would keep would-be terrorists from hijacking other people’s email to send their messages. Under open signing, the text of the email is open for all to read, but the identify of the sender is authenticated.

Love writes: “All US citizens should immediately start open-signing their email messages as a voluntary act of patriotic duty. In addition, any information
which would assist our terrorist enemies should be encrypted as a matter of course. Let’s use this powerful software to help us win the war against terrorism.”

Love released the paper late last week, after the terrorist attacks on New York and the Pentagon, but he updated it this week to suggest that encryption could’ve limited the damage of the Nimda worm that’s been attacking Windows servers this week.

He writes: “Email worms can be thwarted by an authentication system, because your email must be signed with your passphrase before it is sent. If someone receives email from you that is improperly signed, then they automatically know that something went wrong. PGP could have prevented Nimda worm attacks via email.”

Love argues that the proposal by U.S. Senator Judd Gregg to ban encryption products without backdoors that government agents could exploit would open up all kinds of secure systems that Americans take for granted.

“We are arguing that internet authentication must be based
on strong encryption without back doors, or else the infrastructure
will be weakened,” Love tells NewsForge. “In our group we are thinking about .NET and
about avoiding bad encryption legislation, but this new email worm is
an example that most people can relate to right now.

“The majority of the public still thinks that back doors are a good
thing, because they don’t know any better. I feel that it is important
to get counter-examples like this into the open, because Congress could
still add an encryption amendment to one of the existing funding or
national defense bills that are being considered right now. That would
disastrous, IMHO.”

In the paper, Love gives examples of ATM machines and online purchasing systems as trusted services that could be compromised if encryption backdoors are required. “Nearly everyone who has ever made a purchase on the web has used encryption, and if you live in the US, it was certainly strong encryption,” he writes. “If you made an online donation to help the people of New York City, then you certainly used encryption, even though you may not have realized it. Such encryption capabilities are vital,
because we do not want sensitive information such as credit card numbers to fall into the hands of criminals or terrorists.”

Kelly McNeill writes: “If sources quoted in a recent report published on The Register are to be believed, then many consumers may end up even more confused about MHz than even before. The report suggest that Motorola is scheduled to start high-volume production of the company’s upcoming G5 processor, in speeds ranging from 800 MHz on the low end to 1.6 GHz on the high, as soon as February 2002. If the speculative reports are true, Apple will have to market computers to a newly reeducated demographic that now believes MHz is unimportant. Apple’s new computers will be significantly faster but almost identical in MHz to those PCs employing misleading MHz levels.”

Joe Barr writes: LinuxWorld: “It’s not Big Brother we need to fear, it’s the Little Brothers with
which we do business that encroach on our privacy.”

Joe Barr writes: LinuxWorld: “It’s not Big Brother we need to fear, it’s the Little Brothers with
which we do business that encroach on our privacy.”

MSNBC: “In November, Microsoft plans to invite other companies to discuss plans
for developing an authentication network based on Kerberos. Assuming that
effort moves forward, users of Web services or corporations that incorporate
the latest version of Kerberos won’t have to sign up for Passport in order to
log on to multiple sites with one user name and password, Muglia said.”

The Register: “Here’s an embarrassing one, security firm Alternative Computer Technology appears to have got
infected with the Nimda virus which not only infects Windows PCs but also sticks itself on Web
servers, so some browsers pick it up automatically when they visit an infected site.”

Kelly McNeill writes: “When the first computer chip design pioneers huddled around in their low-tech, under-financed labs, one of the decisions they had to make was whether to stick in a clock. They needed something that would regulate all the components of the microprocessor in a reliable way, if they were to build something people could depend on. They decided there was no way around it, they had to go with a clock. Design historians say they made the right choice at the time. In any case, chip designers ever since have been trained to design microprocessors to work to the steady, if lightning-fast, beat of a clock. It’s worked great so far. But there will come a time soon when those tiny, oscillating crystals in chips will bump head on into the laws of physics. That’s why a handful of designers today are working on chips free from the constraints of man-made time.”

Mozilla: “Some time ago mozilla.org announced its intent to seek relicensing of Mozilla code under a new licensing scheme that would address perceived incompatibilities of the Mozilla Public
License (MPL) and Netscape Public License (NPL) with the GNU General Public License (GPL). Many people provided useful comments on this proposal, and in particular identified
Mozilla-related license issues that could arise with developers using the GNU Lesser General Public License (LGPL) for their own code.”

LWN’s newest issue is now online, with security, kernel, and distribution updates, plus commentary on the latest Linux news.

ZDNET: “Microsoft is ready to go ahead with the full-scale launch of its new Windows
XP operating system next month, with a major event in New York City as the city
recovers from last week’s attack on the World Trade Center, Chief Executive Steve
Ballmer said Wednesday.

“If New York wants us, I’m sure we’ll want to be there,” said Ballmer, fielding questions from several hundred
software executives at a Chicago Software Association luncheon.”