Server Help

[Grav@work]

German court rules email blocking 'illegal'

By Jan Libbenga
Published Tuesday 18th January 2005 12:27 GMT


Selectively filtering out emails of a specific sender may constitute an offence, the Higher Regional Court (OLG) in Karlsruhe ruled on Monday.

Two years ago a university in Baden-Württemberg blocked the email of a former employee who left after a quarrel with his peers, but continued to stay in touch with scientists and friends.

His former peers decided to filter out every message in which his name was mentioned without informing the ex-employee or his friends.

The Higher Regional Court now has ruled that blocking email by content is unlawful as it is considered confidential in German law. Blocking is only allowed when, say, a viral attack is imminent.

The implications of the ruling aren't yet fully clear. Whether the Higher Regional Court has unintentionally legalised spam (which frequently is filtered by content) remains to be seen. ®

//theregister.com


And they wonder why hitler failed...

[SuSE]

seems reasonable to me

I mean it's just like stealing people's snail mail - you could do serious damage

[CypherJF]

the FBI here just gave up on carnivor e-mail "tapping" software; interesting though.
_________________
Performance is often the art of cheating carefully. - James Gosling

[Dr Brain]

If I read correctly, that only affects centralized filtering of multiple users. And only in Germany, at that.

The FBI may no longer read your email (if cypher's comment is correct), but the NSA probably still does.
_________________
Hyperspace Owner

Smong> so long as 99% deaths feel lame it will always be hyperspace to me

[Gravitron]

PGP^2

[Dr Brain]

Oh, get real.

Do you really think that there is any publicly avalible crypto system that hasn't been broken?

[Mr Ekted]

Public key cryptography (RSA, PGP, etc) has not been broken. It can however be brute-forced given enough computing power--something that I'm sure the NSA is very good at.
_________________
4,691 irradiated haggis!

[Dr Brain]

Yes, brute force is always an option.

Do you think they would announce it if they broke it, though? How can you say for sure that it hasn't been cracked?

[CypherJF]

Is it not law that you must report any encryption routine you "make" to the federal law enforcement agencies for that reason, where the NSA doesn't have to break it, they have it on file? I'm pretty sure there is such a thing like that on the books somewhere.

Anywho...

[Blindmonkey21]

[Mine GO BOOM]

[Bak]

"Cracking" public key cryptography involves being able to factor large numbers(on the order of 2^128 for 128 bit encryption) into their prime factors(which these numbers each only have two of these factors). Factoring is not an easy problem in mathamatics, hence the security of RSA, PGP, and similar systems. If it was broken, it would probably be broken by a mathematician rather than a government agency (unless he or she is working for a government agency).

The ban on non-USA (and possibly their allies) to use encryption that uses a 40 bit or larger key is reassuring that they have not broken public key cryptography (I wonder where the US gets the authority to enforce this sort of law?). If I'm not wrong, I believe it took a distributed network of computers about two years to break 96 (or was it 128?) bit encryption using modern factoring methods, so even if the FBI or NSA has some super computer that was 10000 times faster than a distributed network, increasing the key by 128 bits makes the problem 2^128 times harder.
_________________
SubSpace Discretion: A Third Generation SubSpace Client

[Dr Brain]

The NSA is the biggest employer of mathematicians in the world. So, obviously, if the NSA broke an encryption, it would have been done by a mathematician.

[Gravitron]

www.distributed.net

Were good days doing the RC5 project back at INF.

[Mr Ekted]

Yes, the laws for encryption in the US are really retarded. It is illegal for me to download most freely available encryption source code, embed it into my own application, and release it online without notifying--and in most cases getting permission from--the NSA. This applies to private key >= 56 bits or public key (symmetric) >= 128 bits (when last I looked). The laws are very poorly worded, making it difficult to tell if you need to notify or apply, if your software is considered commercial or mass-market, etc. In some cases you must submit your encryption source code to them for approval.

Do they really think this prevents terrorists from using any encryption they want? All it does is hurts innovation and suppresses the 1st Amendment.

[CypherJF]

I don't think the original intent of the law was to surpress the rights of the developers, and innovators. Rather, more than likely, enacted to help protect the state by having archival of possible encryption routines at their disposal. Though, I have to admit, more recently legislation has begun to irritating such as new legislation before the california house of legislature providing for 1 year jailtime, and/or 2k$ fine for developing and/or distributing peer-to-peer applications. Don't even get me started on it.