Cryptography export policy
See also TBTF for 2000-02-06, 1999-10-05, 08-30, 08-23, 08-16, 07-26, 05-22, 05-08, 04-21, 03-01, 01-26, more...
Now refugees can email in safety from Internet cafes
Hush Communications has quietly begun beta testing a significant development in email privacy. HushMail  works like Hotmail or Rocketmail -- you can set up multiple free accounts and access them from any Web browser anywhere -- but when you email another HushMail user your communication is protected by unbreakable encryption. The crypto, implemented in a downloadable Java applet, was developed outside of US borders and so has no export limitations.
HushMail public and private keys are 1024 bits long, and are stored on a server located in Canada. All information sent between the HushApplet and the HushMail server is encrypted via the Blowfish symmetric 128-bit algorithm. The key to this symmetric pipe is randomly generated each session by the server and is transferred to the client machine over a secure SSL connection. When I posted news of HushMail to the Cryptography list, the moderator questioned the wisdom of storing keys on a remote server, and several posters (none from Hush) have provided the rationale. You can follow the discussion here .
When you sign on as a new user you can choose an anonymous account or an identifiable one. For the latter you have to fill out a demographic profile, to make you more attractive (in the aggregate) to HushMail's advertisers. The HushApplet walks you through generating a public-private key-pair. The process is fun and slick as a smelt. You need to come up with a secure pass-phrase, and in this process HushMail gives only minimal guidance. You might want to visit Arnold Reinhold's Diceware page , which lays out a foolproof passphrase protocol utilizing a pair of dice.
HushMail relies heavily on Java (JVM 1.1.5 or higher), so it can only be used with the latest browsers. For Netscape, version 4.5 or 4.6 is best; the earliest workable version is 4.04, and some features don't work before 4.07. For Internet Explorer, 4.5 is recommended, but the latest Windows release of IE 4.0 (sub-version 4.72.3110) works as well. Red Hat Linux version 5.2 is also tested and supported. Unfortunately, HushMail does not work on Macintoshes, due to limitations in Apple's Java implementation. (Mac users can crawl HushMail under Connectix Virtual PC. Note that I don't say "run." I've tried this interpretation-under-emulation and do not recommend it.) The company is trying urgently to connect with the right people at Apple to get this situation remedied.
One of the limitations of this early release of HushMail is that encryption can only be used to and from another HushMail account. It is not currently possible to export your public/private key-pair, to set up automatic forwarding of mail sent to a HushMail account, or to import non-Hush public keys. I spoke with Cliff Baltzley, Hush's CEO and chief technical wizard. He stresses that Hush's desire and intention is to move toward interoperability with other players in the crypto world, such as PGP and S/MIME. The obstacles to doing so are the constraints on technical resources (read: offshore crypto programmers) and legal questions of intellectual property. Baltzley believes that HushMail's positive impact on privacy worldwide will be enhanced by maximizing the product's openness.
Domain name policy
See also TBTF for 2000-04-19, 03-31, 1999-12-16, 10-05, 08-30, 08-16, 07-26, 07-19, 07-08, 06-14, 05-22, more...
Diverse critics voice concern about the organization's sewardship of domain names
Complaints are building about the way ICANN, the organization tasked with guiding Internet naming and numbering from government to private oversight, is pursuing its charter. This Telepolis article  summarizes some of the concerns. Here are three separate controversies that have arisen in recent days in advance of ICANN's next meeting in Berlin, scheduled for 26 May.
EU reverses course, won't ban caching
TBTF for 1999-03-26  reported on an EU proposal, backed by music copyright interests, that would have banned caching of Internet data in Europe. On 13 May the EU inserted a critical nine-word amendment into the Report on Copyright in the Information Society that appears to lift the threat of imminent European Internet molasses. The amendment reads: "...including those which facilitate effective functioning of transmission systems..." .
EU passes mandatory Net wiretap regulation
TBTF for 1999-05-08  noted the European movement towards a US CALEA-style requirement. With little scrutiny and in a nearly empty chamber on a Friday afternoon, the European Parliament passed a regulation that would require European ISPs to provide full real-time access to law enforcement for Internet, telephony, and wireless traffic, with the cost to be borne by ISPs and other communications carriers .
The civilization to the north shows us how it should be done
The minister of the Canadian Radio-television and Telecommunications Commission, equivalent to the US FCC, announced that CRTC will not regulate new media over the Internet . Francoise Bertrand's message was so sensible and straightforward as to make grown men weep in such benighted backwaters as the US, Australia , and the European Union. "By not regulating, we hope to support the growth of new media services in Canada," said Bertrand. "Our message is clear. We are not regulating any portion of the Internet."
NSI still claims ownership of the Whois database, and acts like it
Esther Dyson is the chair of ICANN, the entity chartered with moving control of Internet naming and numbering out from under the purview of the US government. Dave Winer interviewed her by email  and here is what she has to say about competition in the granting of domain names.
Here is an interview  with the CEO of another of the new registrars, Register.com. He is all understated discretion.
Open source software and the Linux OS
See also TBTF for 1999-08-16, 05-22, 03-26, 02-15, 02-01, 1998-11-17, 11-11, 11-03, 10-27, 10-12, 08-31, more...
David Sklar reports from what has become a Big Show
For the second year, David Sklar <sklar at student dot net> is
feeding TBTF readers color commentary from Linux Expo in Raleigh,
NC, USA. This report was filed Friday 21 May at 14:16 EDT (-0400).
The show is definitely much bigger and snazzier than last year -- the location (Raleigh Convention Ctr. vs. Duke's campus) is a big part plus the exhibitors -- a huge booth from IBM (with some really comfy super-plush carpeting) plus HP, Compaq, Oracle, etc. Curiously, Sun only has a little booth on the fringes of the room. Lots of cool freebies and giveaways in the exhibit hall. I think the coolest are the lollipops that LinuxCare is giving away -- they have a real cricket inside them. I think the LinuxCare line about them is something like These are open source lollipops -- you can see the bugs.
My favorite part so far was the technical keynote from Jim Gettys yesterday. He talked mostly about design decisions in [the X Window System] and how they can help promote GUI standardization today. Towards the beginning, he mentioned that a particular feature in some window managers enables easy ways to abstract input devices and showed a 7-year old (but still supercool) video demo using voice input to X. Miguel DeIcaza, the GNOME guy, was sitting in the front row and yelled out that GNOME would have the feature that Jim was talking about "by tomorrow." Shortly before Jim finished his talk, the GNOME guys interrupted to say that they had added the feature while he was talking. Jim laughed and said that he had been bugging them for a month and a half to add it, and Miguel replied, to much laughter, that it was the video that really convinced him.
Tonight is the Linux Bowl trivia challenge, which should be fun.
Global warming is cooling and shrinking the upper atmosphere
Lloyd Wood, satellite maven, forwarded this bit from the New Scientist . As the lower atmosphere heats due to the greenhouse effects caused by human activity, the upper layers of the atmosphere cool down. This is happening at a rate far faster than had been predicted 10 years ago. The cooling in the stratosphere contributes directly to the ozone hole over Antartica, and is expected to open up a similar hole over the Arctic any year now; Greenland and northern Europe will bear the brunt of the effects of the increased solar radiation reaching the earth's surface. As the upper atmosphere cools it shrinks, many satellites orbiting in the layer known as the thermosphere, above 90 km, will find themselves registering less air resistance as the atmosphere literally falls away below them. This effect will throw off current calculations of satellite longevity in orbit.
TBTF home and archive at http://tbtf.com/ . To subscribe send the the message "subscribe" to email@example.com. TBTF is Copyright 1994-1999 by Keith Dawson, <dawson dot tbtf at gmail dot com>. Commercial use pro- hibited. For non-commercial purposes please forward, post, and link as you see fit. _______________________________________________ Keith Dawson dawson dot tbtf at gmail dot com Layer of ash separates morning and evening milk.