6.4.1. corporations are becoming increasingly concerned about interception of important information-or even seemingly minor information-and about hackers and other intruders - calls for network security enhancement - they are hiring "tiger teams" to beef up security + cellular phones - interceptions are common (and this is becoming publicized) - modifications to commercial scanners are describe in newsletters - something like Lotus Notes may be a main substrate for the effective introduction of crypto methods (ditto for hypertext) 6.4.2. Corporate Espionage (or "Business Research") + Xeroxing of documents - recall the way Murrray Woods inspected files of Fred Buch, suspecting he had removed the staples and Xeroxed the documents for Zilog (circa late 1977) - a precedent: shapes of staples + colors of the paper and ink...blues, for example - but these low-tech schemes are easy to circumvent + Will corporations crack down on use of modems? + after all, the specs of a chip or product could be mailed out of the company using the companies own networks! - applies to outgoing letters as well (and I've never heard of any company inspecting to this detail, though it may happen at defense contractors) + and messages can still be hidden (covert channels) - albeit at much lower bandwidths and with more effort required (it'll stop the casual leakage of information) - the LSB method (though this still involves a digital storage means, e.g., a diskette, which might be restricted) - various other schemes: buried in word processing format (at low bandwidth) - subtleties such as covert channels are not even considered by corporations-too many leakage paths! + it seems likely that government workers with security clearances will face restrictions on their access to AMIX- like systems, or even to "private" use of conventional databases - at least when they use UseNet, the argument will go, they can be overseen to some extent + Offsite storage and access of stolen material + instead of storing stolen blueprints and schematics on company premises, they may be stored at a remote location - possiby unknown to the company, via cryptoanarchy techniques + "Business research" is the euphemism for corporate espionage - often hiring ex-DIA and CIA agents + American companies may step up their economic espionage once it is revealed just how extensive the spying by European and Japanese companies has been - Chobetsu reports to MITI - Mossad aids Israeli companies, e.g., Elscint. Elbit + Bidzos calls this "a digital Pearl Harbor" (attacks on network security) - would be ironic if weaknesses put into encryption gear came back to haunt us + corporations will want an arms length relationship with corporate spies, to protect themselves against lawsuits, criminal charges, etc. - third party research agencies will be used 6.4.3. Encryption to Protect Information - the standard reason + encryption of e-mail is increasing - the various court cases about employers reading ostensibly private e-mail will sharpen this debate (and raise the issue of employers forbidding encryption; resonances with the mostly-settled issue of reasonable use of company phones for private calls-more efficient to let some personal calls be made than to lose the time of employees going to public phones) + encryption of faxes will increase, too, especially as technology advances and as the dangers of interception become more apparent - also, tighter links between sender and receive, as opposed to the current "dial the number and hope it's the right one" approach, will encourage the additional use of encryption - "electronic vaulting" of large amounts of information, sent over T1 and T3 data networks, e.g., backup material for banks and large corporations + the miles and miles of network wiring within a corporation-LANs, WANs, Novell, Ethernet, TCP-IP, Banyan, and so on-cannot all be checked for taps...who would even have the records to know if some particular wire is going where it should? (so many undocumented hookups, lost records, ad hoc connections, etc.) - the solution is to have point-to-point encryption, even withing corporations (for important items, at least) - wireless LANs - encryption provides "solidity" to cyberspace, in the sense of creating walls, doors, permanent structures - there may even be legal requirements for better security over documents, patient files, employee records, etc. 6.4.4. U.S. willing to seize assets as they pass through U.S. (Haiti, Iraq) 6.4.5. Privacy of research - attacks on tobacco companies, demanding their private research documents be turned over to the FDA (because tobacco is 'fair game" for all such attacks, ...) 6.4.6. Using crypto-mediated business to bypass "deep pockets" liability suits, abuse of regulations, of the court system, etc. + Abuses of Lawsuits: the trend of massive judgments...several million for a woman burned when she spilled hot coffee at a MacDonald's ($160K for damages, the rest for "punitive damages") - billions of dollars for various jury decisions - "deep pockets" lawsuits are a new form of populism, of de Tocqueville's pocket-picking + For example, a shareware author might collect digital cash without being traceable by those who feel wronged - Is this "right"? Well , what does the contract say? If the customer bought or used the product knowing that the author/seller was untraceable, and that no additional warranties or guarantees were given, what fraud was committed? + crypto can, with some costs, take interactions out of the reach of courts - replacing the courts with PPL-style private-produced justice 6.4.7. on anonymous communication and corporations - Most corporations will avoid anonymous communications, fearing the repercussions, the illegality (vis-a-vis antitrust law), and the "unwholesomeness" of it + Some may use it to access competitor intelligence, offshore data havens, etc. - Even here, probably through "arm's length" relationships with outside consultants, analogous to the cutouts used by the CIA and whatnot to insulate themselves from charges - Boldest of all will be the "crypto-zaibatsu" that use strong crypto of the crypto anarchy flavor to arrange collusive deals, to remove competitors via force, and to generally pursue the "darker side of the force," to coin a phrase.
Next Page: 6.5 Digital Signatures
Previous Page: 6.3 General Uses of and Reasons for Crypto
By Tim May, see README
HTML by Jonathan Rochkind