I, Cringely - The Survival of the Nerdiest with Robert X. Cringely

The Pulpit

Weekly Column

Cynicism attack!: Why the Electronic Frontier Foundation has to claim cryptography is dead in order to save cryptography

By Robert X. Cringely
bob@cringely.com

A couple of weeks ago, the Electronic Frontier Foundation (EFF), a group very interested in lots of free speech and very little censorship on the Internet, announced that it had easily decoded a message encrypted with the 56-bit DES algorithm. DES is the most popular encryption system in the world and the one the U.S. government prefers we all use because they invented it and know how to break it. And now, apparently, so does the EFF. What does this mean to you and me? Nothing, because Internet nationalism has been dead for a long time -- only our government doesn't realize it.

The Electronic Frontier Foundation is a political -- not a technological -- organization. Their concern is government policy related to high technology, especially policies that might affect free speech. The EFF has long advocated individual rights to send coded messages and fought government policies that attempted to restrict such messages. The EFF also is opposed to censorship of any type, but we'll leave that topic for some other week.

Let me say right up front that I generally agree with the work of the EFF. I just wish they'd be a little clearer about what they really mean. In their July 17th announcement, for example, they said that DES encryption was no longer secure for online transactions. The reason -- they had been able to crack a message coded with 56-bit DES encryption within 56 hours for a cost of less than $250,000. In a world where we give our credit card numbers to call center operators who sometimes are in prison, where every waiter and hotel desk clerk and video rental shop in America can write down our credit card numbers whenever they damn well feel like it, I don't feel any further compromised by some bunch of nerds spending two days and a quarter of a million bucks to share my $1500 credit limit. True, the next time around they'll crack my Visa bill for next to nothing, but it will still take two days and they still won't be able to buy a decent Barcalounger with the proceeds.

I'm not speaking for the EFF now, but my take on this is that they actually have nothing against the DES algorithm itself. They just don't want the U.S. government first mandating its use, rather than some other encryption technique, and then restricting its distribution. Both efforts are bound to fail and are bad for business. So they've cobbled up this ruse either to make the government believe that DES is useless or to allow it a graceful way out of what has been a really stupid policy. They are hoping the stupid politicians will be convinced and the smart ones will be relieved.

The EFF didn't really "break" DES in the sense that they found some secret backdoor that instantly deciphers what was once indecipherable. Their DES breaker is just a very fast computer designed to try passwords by the billions until it finds one that fits. Forty-bit keys, the kind that are used in exportable encryption, can probably be broken in a few hours. The non-exportable 128-bit encryption used in SSL Web sessions would still take the EFF months or years to crack. My car was once stolen in two minutes by a 14-year-old kid with a screwdriver.

So it's not that DES no longer has value, but that exportable DES -- the 40-bit variety -- has no value. This, of course, relies on the supreme confidence of the U.S. government that the only good encryption is American encryption. The truth is that the very fact that there is an international encryption software market is because of this doltish U.S. policy that dates back well into the Cold War. All those Israeli cryptographers who are selling their very fine encryption software on the world market today can thank the U.S. government for every sale. Rather than making the world safer, U.S. policy is making it less safe.

What's wrong with these people? Two things: They love conspiracies and telling us what to do.

Nearly 20 years ago, I was an investigator for the President's Commission on the Nuclear Accident at Three Mile Island. Midway during our work in that summer of 1979, stories began to appear in the Washington Post and New York Times -- stories about what had happened in the accident and what our final report would say. There was a leak! In came the security consultants, cigar-smoking men with white belts and white shoes. They added armed guards, security cameras, and metal detectors to our offices at 18th and M St. NW, Washington D.C. Still the stories kept coming, so the security consultants talked of building walls or maybe entire buildings within buildings to save our knowledge from the people who were paying us. "Who are we afraid will break in here?" asked the administrator who was writing the checks one day as they inspected my office. "Why, the Washington Post!" said the guy with the white belt.

The Washington Post will never have to break into federal offices as long as there are bars in Washington and federal employees who drink in them. The "leak" was not a conspiracy, but a lush -- one guy with a big mouth who couldn't hold his liquor. This is how the news business really works. "Leaks" are drunks, people with grudges, folks who either owe favors to reporters or want reporters to owe them, thrill-seekers who want to make history, and sometimes perfectly normal people who just don't like what's going on at work.

Which brings us to folks who like to tell us what to do. There was a time, back when Ollie North was sending those smug e-mail messages on the PROFS system at the White House and the in thing was to call yourself a "patriot," which meant breaking rules because you felt like it, when this crypto stuff might have made some twisted sense. Then the Cold War ended, administrations changed a couple of times, and everything was supposed to get easier, except it didn't. There is a peculiar disconnect between the Clinton administration's fascination with Silicon Valley and their ultimate acceptance of the idea that censorship and the use of technology by governments to control what people can and can't know isn't good. It's the policy thing, stupid. They seem to feel that there ought to be a policy for everything when that just isn't true. National security is not helped by policies that literally created the Bulgarian crypto industry.

The cryptography export limitations are a joke anyway. IBM awoke one day several years ago and realized its executives were taking hard encryption out of the country in their laptop computers. Afraid it would incur hundreds of thousands of $10,000 fines, IBM asked for a ruling and so it became legal to take your laptop out of the country as long as you brought it back in. How do they enforce that? How do the U.S. officials keep Canadians from exporting hard encryption and why don't they trust the Mexicans given that we're in one happy free trade zone? Finally, what is it that makes us believe even Americans and Canadians can be universally trusted or that alien residents of those countries can be trusted to use DES but not take it home with them?

It's all a cruel joke and the EFF, tired of making the argument I just made, is trying instead to say that the game is over and we might as well just give up. If only it were that easy.

Jumping from a sad story to a happy one, from something that isn't what it seems to something that is even more than it seems, let's look at Jini, Sun Microsystems' code for bringing networking to almost anything. Jini and Java are inextricably linked, so if you don't believe in Java you won't believe in Jini. But Java is suddenly getting a lot better and that is making me a Jini believer.

The simple story here is that Jini is a group of Java classes that will let anything that runs Java talk to anything else with which it has some sort of physical or virtual connection. Think of Jini as DNA that can be injected into a Java-based anything (cellphone, computer, cable box, you name it) and suddenly give it the ability to share data and processing power with every other such device it can find on the net. This isn't going to change your stereo system into a supercomputer, but it is an important step to putting a tiny web server in everything you own. And because of the way Sun will license Jini, it's going to be everywhere very quickly and cheaply with thousands of companies working to extend its capabilities.

This is very exciting stuff. It's the real thing.
