steve@apollo.cfht.hawaii.edu (Steven Smith) (07/31/90)
So why does running the crypt command produce the following message: "This command is not available."? Yes, I read the FM, and it lamely proclaims: "The decryption facilities provided by this software are under control of the United States Government and cannot be exported without special licenses. These capabilities are only available by special arrangement through HP." What kind of chowder-headed BS is this? It's not like the commies couldn't have gotten it 57 zillion time in the past. (And still can from a "standard" Unix implementation, read SunOS) Let alone the fact that there are DES algorithms (and *code*) floating around ?! Just how am I supposed to keep my prying sysadm from reading all my files? (nevermind that he is me). Or decrypt all those things I crypted with an earlier version of the OS? Is this only happening to me because I work at Canada-France-Hawaii Telescope Corp (a non-profit US company, with a foreign sounding name)? snarl, (but not at you ;-) steve -- Steven S. Smith Canada-France-Hawaii Telescope Corp. steve@cfht.hawaii.edu
wayne@dsndata.uucp (Wayne Schlitt) (07/31/90)
In article <STEVE.90Jul30153405@apollo.cfht.hawaii.edu> steve@apollo.cfht.hawaii.edu (Steven Smith) writes: > > > So why does running the crypt command produce the following message: > "This command is not available."? > its to remind you not to use the crypt command because you can break the encryption fairly easily by using the crypt-breakers-workbench. (available at any source archive near you... 1/2 :-) > > Just how am I supposed to keep my prying sysadm from reading all my files? > (nevermind that he is me). to keep prying sysadmins from reading your files, use one of the good des encryption programs available at a source archive near you. > [ ... ] Or decrypt all those things I crypted > with an earlier version of the OS? umm... you can either restore the crypt command from a backup, get someone else with the crypt command to decript it for you, or get the crypt-breakers-workbench... > > Is this only happening to me because I work at Canada-France-Hawaii Telescope > Corp (a non-profit US company, with a foreign sounding name)? > no, we dont have it either.... -wayne
guy@auspex.auspex.com (Guy Harris) (08/01/90)
>What kind of chowder-headed BS is this? It's not like the >commies couldn't have gotten it 57 zillion time in the past. You're dealing with government bureaucrats; chowder-headed BS is their specialty. I mean, really, it's based on a frigging *German* encryption machine, which was broken by the *British* during WW2... but no, it's *encryption technology*, which means it's *munitions*, so you have to screw around with export licenses. >(And still can from a "standard" Unix implementation, read SunOS) Sun doesn't ship that stuff abroad, either.... >Is this only happening to me because I work at Canada-France-Hawaii Telescope >Corp (a non-profit US company, with a foreign sounding name)? Could be. You might want to check whether you got a domestic HP-UX release....
mlight@hp-ptp.HP.COM (Mike Light) (08/01/90)
>So why does running the crypt command produce the following message: >"This command is not available."? Technically speaking, because it uses puts(3C) to do so. :-) >Yes, I read the FM, and it lamely proclaims: >"The decryption facilities provided by this software are >under control of the United States Government and cannot be >exported without special licenses. These capabilities are >only available by special arrangement through HP." HP is a multi-national company, and has taken a conservative step to insure that HP company cannot be accused of espionage by our dear U.S. government. By requiring all customers to apply for crypt(), HP can attempt to show its good faith in "protecting U.S. intellectual property". >What kind of chowder-headed BS is this? It is the "natural evolution" produced by U.S. government laws. >It's not like the >commies couldn't have gotten it 57 zillion time in the past. >(And still can from a "standard" Unix implementation, read SunOS) Perhaps Sun does not try to handle international markets directly? (beats me - I haven't looked at their marketing department). >Is this only happening to me because I work at Canada-France-Hawaii Telescope >Corp (a non-profit US company, with a foreign sounding name)? Nope - it's S.O.P. for all of our customers. >snarl, (but not at you ;-) >steve No problem. Chances are, your friendly S.E. can probably deliver a crypt() for you. "No charge" I hope. ----------------------------------------------------------------------- Mike Light HP Industrial Applications Center - mlight@hpiala9.HP.COM -----------------------------------------------------------------------
sartin@hplabsz.HPL.HP.COM (Rob Sartin) (08/01/90)
In article <STEVE.90Jul30153405@apollo.cfht.hawaii.edu> steve@apollo.cfht.hawaii.edu (Steven Smith) writes: >So why does running the crypt command produce the following message: >"This command is not available."? The US Government, in its infinite wisdom, has decided that "crypt" is sensitive munitions. We aren't allowed to export it. HP's solution is to make one release tape that doesn't have the real crypt and ship that to all customers. I believe that US customers *might* be able to get crypt through support channels. >Let alone the fact that there are DES algorithms (and *code*) floating >around ?! Crypt is not DES, it is far weaker. It's a lousy tool anyway. If you don't believe it, try looking at cbw, the Crypt Breakers Workbench, from comp.sources.unix. Disclaimer: If HP had an official net.spokesman, it certainly wouldn't be me. Rob
rjn@hpfcso.HP.COM (Bob Niland) (08/01/90)
re: > "This command is not available."? > "The decryption facilities provided by this software are under control of > the United States Government and cannot be exported without special > licenses. These capabilities are only available by special arrangement > through HP." > What kind of chowder-headed BS is this? Official U.S. Goverment-required chowder-headed BS. > It's not like the commies couldn't have gotten it 57 zillion times... True, and they probably have that many round of small arms ammo, but both "crypt" and the ammo are classified as "munitions" (I kid you not), and we can't export them without a special license. Since we decided not to have an "export" version of HP-UX, nobody gets "crypt" in the product. Sorry. If you are a genuine loyal Amuricun, contact your Hewlett-Packard SE, SR or CE. They can obtain crypt for you through official channels. > (And still can from a "standard" Unix implementation, read SunOS) If SUN is routinely shipping crypt in export versions of SunOS, they are skating on thin ice. Many years ago, we debated long and hard about this within HP, and decided to err on the side of caution. > Let alone the fact that there are DES algorithms (and *code*) floating > around ?! By restricting all implementations of algorithms more sophisticated than Cap'n Midnight decoder rings, our ever-vigilant NSA presumably keeps everyone guessing about which schemes are worth using. Regards, Hewlett-Packard Bob Niland Internet: rjn@hpfcrjn.FC.HP.COM 3404 East Harmony Road UUCP: [hplabs|hpfcse]!hpfcrjn!rjn Ft Collins CO 80525-9599
donn@hpfcdc.HP.COM (Donn Terry) (08/01/90)
Bob is absolutely correct: crypt is a munition according to the gummnt. (The rules are made by the same guys who would rather the US didn't export buttons, because the <enemy du jour> soldiers would be less effective if they had to use one hand to hold up their pants. (I didn't make that one up; it came from the folks actually talking to NSA and D of Commerce!)). (That software is easier to replicate than buttons didn't faze them.) We go thru this same issue about every six months because it clearly doesn't make any sense, but those are the rules. (We also check up on it when we hear rumors that the rules might have changed; to our knowledge those all have been unsubstantiated rumors.) AT&T follows (last I was aware) the same rules with their source products, but they do have separate domestic and international products; when you order the domestic you get a useful version of crypt source. (I don't know what their object products do.) Also, as Bob says, you can get it from your local HP support folks; if they say "Huh?", have them contact SE support. Donn Terry HP Ft. Collins
guy@auspex.auspex.com (Guy Harris) (08/03/90)
>If SUN is routinely shipping crypt in export versions of SunOS, they are >skating on thin ice. They're not (it's "Sun", not "SUN", BTW). Prior to SunOS 4.1, there were domestic and international distributions (except maybe in *very* early releases, before this "munitions" nonsense was widely known; back then, I think almost *everybody* shipped those Top Secret Deadly Munitions abroad); in 4.1, there's one distribution, without the encryption stuff, plus a US-only add-on tape with the encryption stuff.
bd@hpopd.HP.COM (Bob Desinger) (08/14/90)
> Yes, I read the FM, and it lamely proclaims: [etc.] Complain to your congressperson. The encryption algorithm is classified as a munition (!) by the US Government, from what I hear. > Just how am I supposed to keep my prying sysadm from reading all my files? Go to your local library and check out the issue of Computer Language that published the implementation of crypt or DES or whatever it was, and type in the code. Or copy Stroustrup's simple encryption code from his C++ book. > Or decrypt all those things I crypted > with an earlier version of the OS? Get out your backup tapes from the previous version and see if you can restore and run the old crypt. I don't know if that would qualify you for arrest by the FBI or something, so on second thought maybe you better just leave those backup tapes alone. Maybe the real problem is that you're lulling yourself into a false sense of security by keeping confidential material on a computer. I'm not speaking for HP. No warranties or merchantability or fitness for any particular purpose and all that. -- bd