Muq Export Mechanics

The theory of operation is very simple: To export Muq source in problematic cases, we do the following:

• Remove every trace of cryptographic code, or even hooks for cryptographic code, from the source. Obviously, this is legal. The result is a fully functional Muq server which simply happens to be totally insecure.
• Export the resulting code. Since it contains nothing whatever problematic, this is legal.
• At the far end, download the missing crypto code from a crypto Free World site. This is done outside the US, and in any event the US laws in question say nothing about importing code, only exporting it, so this is unquestionably legal.
• Recombine the vanilla and crypto code to produce a secure server. This is happening on a single machine without any transport of code whatever being involved, so again there is no question whatever of violating export laws.

The practical procedure is equally simple:

• Run the 'muq/bin/muq-exportable' script. This will remove every trace of problematic code from the server, and put it in a file muq-crypto-src.tar.gz, which you may simply delete. (If you've made modifications to this part of the code, you'll have to do what I did: Print it out on hard copy, transport it to a crypto Free World country such as Finland or Switzerland, and type it in again there.)
• If you are moving your machine physically, you can now just up and move it. If you are moving the source code electronically, use the muq/bin/muq-src-tar script to produce a compressed tar archive. (You'll likely want to run muq/bin/muq-distclean first.) This file is exportable as sea salt, unless the secret laws have been tweaked yet again in some unpredictable way.
• Unpack the above tarfile in your home directory on the destination machine.
• Download a copy of muq-crypto-src.tar.gz from some Free World site such as ftp://ftp.cistron.nl/pub/people/cynbe/.
• Unpack muq-crypto-src.tar.gz in your home directory.
• That's it! The muq-crypto-src.tar.gz unpack will overwrite the insecure parts of the Muq source code with secure versions, and you are ready to compile and run.

Caveat: Be careful not to accidentally try compiling and running the insecure Muq server version in a network of secure Muq servers. The result will probably be obscure failures with unhelpful diagnostics. This is unfortunately legally required, as far as I can see: Any code specifically designed to detect this would count as 'hooks for encryption' and by the spooks' interpretations of their powers would land me in jail. Think of it as your tax dollars at work.

Go to the first, previous, next, last section, table of contents.