SSSCA = Digital Rectal Thermometer Security Act ?
Nexus
nexus at patrol.i-way.co.uk
Tue, 11 Sep 2001 11:03:12 +0100
Ron Rivest has some interesting comments on this :
----- Original Message -----
From: "InfoSec News" <isn@c4i.org>
To: <isn@attrition.org>
Sent: Tuesday, September 11, 2001 7:08 AM
Subject: [ISN] SSSCA = Digital Rectal Thermometer Security Act ?
> ---------- Forwarded message ----------
> Date: Mon, 10 Sep 2001 00:55:51 -0400
> From: Ronald L. Rivest <rivest@mit.edu>
> To: cryptography@wasabisystems.com, farber@cis.upenn.edu
> Subject: SSSCA = Digital Rectal Thermometer Security Act ?
>
> Hi all --
>
> I just sat down and read the proposed text of the Holling's SSSCA bill.
> http://cryptome.org/sssca.htm
> Boy is this bill breathtaking in its breadth! I have tried to understand
> its language. It says in Section 101:
>
> "It is unlawful to manufacture, import, offer to the public, provide
> or otherwise traffic in any interactive digital device that does not
> include and utilize certified security technologies that adhere to
> the security systems standards adopted under section 104."
>
> and says in Section 109:
>
> "The term "interactive digital device" means any machine, device,
> product, software, or technology, whether or not included with or as
> part of some other machine, device, product, software, or technology,
> that is designed, marketed or used for the primary purpose of, and
> that is capable of, storing, retrieving, processing, performing,
> transmitting, receiving, or copying information in digital form."
>
> Putting 2+2 together, we see that essentially all digital devices and
> software will have to have "certified security technologies" in them.
> Anything that works primarily with digital data is covered.
>
> My feeble brain came up with the following list of things that would
> have to be secured. I'm sure you can think of lots more.
> -- All bar-code scanners
> -- All computer-controlled ignition systems
> -- All metro ticket readers
> -- All digital watches and calculators
> -- All ATM machines
> -- All digital cellular phones
> -- All digital answering machines
> -- All GPS receivers
> -- All sports scoreboards and the marquee signs in Times Square
> -- All electronic parking meters
> -- Almost all lab equipment (everything is digital these days)
> -- All software, for sure
> -- All digital cameras and digital movie cameras
> -- All PC's and game consoles
> -- All remote key-entry systems and most home security systems
> -- All stop-light controllers
> Well, I should leave some of the fun to you. But of course
> my favorite should be listed:
> -- All digital rectal thermometers
>
> Presumably some staffers will try to rescue this
> laughable (albeit a bit scary) lobbyist-written proposal.
> Of course, just letting the bill die is probably best. But if
> they want to fix things, they should consider adding language
> that makes it ILLEGAL to sell copy-protection technology
> that doesn't permit at least
>
> -- fair use, including time-shifting and making a reasonable
> number of copies for personal or educational use, or
> for backups,
>
> -- free use of a copyrighted item once the copyright has
> expired
>
> (This list should be expanded.)
>
> But in any case, making any security technology *mandatory* on all
> digital devices and computers is clearly a non-starter. Why, we'd
probably
> have to close down all the country's computer science departments
> (can't have these kids making unsecured devices, you know, even if
> it is their homework assignment to build a computer...)
>
> Cheers,
> Ron Rivest
>
>
>
> Ronald L. Rivest
> Room 324, 200 Technology Square, Cambridge MA 02139
> Tel 617-253-5880, Fax 617-258-9738, Email <rivest@mit.edu>
>
>
>
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to
majordomo@wasabisystems.com
>
>
>
> -
> ISN is currently hosted by Attrition.org
>
> To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the
BODY
> of the mail.
>