| 1 | .. -*- coding: utf-8-with-signature -*- |
|---|
| 2 | |
|---|
| 3 | Statement on Backdoors |
|---|
| 4 | ====================== |
|---|
| 5 | |
|---|
| 6 | October 5, 2010 |
|---|
| 7 | |
|---|
| 8 | The New York Times has `recently reported`_ that the current |
|---|
| 9 | U.S. administration is proposing a bill that would apparently, if passed, |
|---|
| 10 | require communication systems to facilitate government wiretapping and access |
|---|
| 11 | to encrypted data. |
|---|
| 12 | |
|---|
| 13 | (login required; username/password pairs available at `bugmenot`_). |
|---|
| 14 | |
|---|
| 15 | .. _recently reported: https://www.nytimes.com/2010/09/27/us/27wiretap.html |
|---|
| 16 | .. _bugmenot: http://www.bugmenot.com/view/nytimes.com |
|---|
| 17 | |
|---|
| 18 | Commentary by the `Electronic Frontier Foundation`_, `Peter Suderman / |
|---|
| 19 | Reason`_, `Julian Sanchez / Cato Institute`_. |
|---|
| 20 | |
|---|
| 21 | .. _Electronic Frontier Foundation: https://www.eff.org/deeplinks/2010/09/government-seeks |
|---|
| 22 | .. _Peter Suderman / Reason: http://reason.com/blog/2010/09/27/obama-administration-frustrate |
|---|
| 23 | .. _Julian Sanchez / Cato Institute: http://www.cato-at-liberty.org/designing-an-insecure-internet/ |
|---|
| 24 | |
|---|
| 25 | The core Tahoe developers promise never to change Tahoe-LAFS to facilitate |
|---|
| 26 | government access to data stored or transmitted by it. Even if it were |
|---|
| 27 | desirable to facilitate such access -- which it is not -- we believe it would |
|---|
| 28 | not be technically feasible to do so without severely compromising |
|---|
| 29 | Tahoe-LAFS' security against other attackers. There have been many examples |
|---|
| 30 | in which backdoors intended for use by government have introduced |
|---|
| 31 | vulnerabilities exploitable by other parties (a notable example being the |
|---|
| 32 | Greek cellphone eavesdropping scandal in 2004/5). RFCs `1984`_ and `2804`_ |
|---|
| 33 | elaborate on the security case against such backdoors. |
|---|
| 34 | |
|---|
| 35 | .. _1984: https://tools.ietf.org/html/rfc1984 |
|---|
| 36 | .. _2804: https://tools.ietf.org/html/rfc2804 |
|---|
| 37 | |
|---|
| 38 | Note that since Tahoe-LAFS is open-source software, forks by people other |
|---|
| 39 | than the current core developers are possible. In that event, we would try to |
|---|
| 40 | persuade any such forks to adopt a similar policy. |
|---|
| 41 | |
|---|
| 42 | The following Tahoe-LAFS developers agree with this statement: |
|---|
| 43 | |
|---|
| 44 | David-Sarah Hopwood [Daira Hopwood] |
|---|
| 45 | |
|---|
| 46 | Zooko Wilcox-O'Hearn |
|---|
| 47 | |
|---|
| 48 | Brian Warner |
|---|
| 49 | |
|---|
| 50 | Kevan Carstensen |
|---|
| 51 | |
|---|
| 52 | Frédéric Marti |
|---|
| 53 | |
|---|
| 54 | Jack Lloyd |
|---|
| 55 | |
|---|
| 56 | François Deppierraz |
|---|
| 57 | |
|---|
| 58 | Yu Xue |
|---|
| 59 | |
|---|
| 60 | Marc Tooley |
|---|
| 61 | |
|---|
| 62 | Peter Secor |
|---|
| 63 | |
|---|
| 64 | Shawn Willden |
|---|
| 65 | |
|---|
| 66 | Terrell Russell |
|---|
| 67 | |
|---|
| 68 | Jean-Paul Calderone |
|---|
| 69 | |
|---|
| 70 | meejah |
|---|
| 71 | |
|---|
| 72 | Sajith Sasidharan |
|---|
