[cryptography] Tahoe-LAFS developers' statement on backdoors

Randall rvh40 at insightbb.com
Wed Oct 6 23:35:08 EDT 2010

> On Oct 6, 2010, at 11:04 PM, silky wrote:
>> On Thu, Oct 7, 2010 at 11:27 AM, Randall Webmail  
>> <rvh40 at insightbb.com> wrote:
>>> From: silky <michaelslists at gmail.com>
>>>>> The core Tahoe developers promise never to change Tahoe-LAFS to
>>>>> facilitate government access to data stored or transmitted by
>>>> it. Even
>>>>> if it were desirable to facilitate such access—which it is not—we
>>>>> believe it would not be technically feasible to do so without
>>>> severely> compromising Tahoe-LAFS' security against other
>>>> attackers. [...]
>>>> How will you stand by this if it becomes illegal not to comply  
>>>> though?
>>> The USG can come down on PKZIP Inc, but how are they going to  
>>> harass an Open Source project?   (Especially one with no  
>>> particular Home Office or Agent For Service of Process)?
>> Eh? I don't see why the project being "Open Source" has any  
>> relevancy.
>> If it's not based in America, then I agree I don't understand the law
>> there (but then I also don't understand why Zooko would make any
>> statement at all, if the whole thing was irrelevant for him).
> The USG says it wants to have back doors into all encryption  
> programs.  They could have put Phil Zimmerman in prison and  
> bankrupted PKZIP, Inc. if they liked - but what leverage do they  
> have against an Open Source project, which by its very nature has  
> no domicile and no developer (like Phil) against whom to apply  
> coercion?
> NO ONE PERSON owns or controls Tahoe-LAFS.  What if a few mooks  
> visit Zooko and say "Nice little Open Source project you got here.  
> Be a shame if anything was to happen to it ..."
> Like that's going to get a USG Back Door into Tahoe-LFAS?
>> I'm just trying to understand the level of commitment this statement
>> belies. What happens when a given project refuses to comply with what
>> may be *law*? Jail? I don't know. Intrigued to understand the
>> ramifications.
> Unless ALL of the Tahoe-LFAS developers are subject to USG  
> jurisdiction and/or coercion and NOBODY who views the OPEN SOURCE  
> code notices the USG back door, there ain't gonna be a back door  
> into Tahoe-LFAS.

More information about the cryptography mailing list