[halostatue]

It still is, to an extent: if you have strong enough encryption products, you have to get an export permit for it, even now.

I’ve had to sign ITAR certifications when I’ve worked for U.S.-based companies, and some companies here in Canada have to prevent any Iranian-born employees from working on certain software in order to comply with ITAR (even if those employees are now Canadian citizens).

It’s stupid and I’m glad that I don’t work for those sorts of companies anymore.

[yuhong]

For most "mass market" software, since 2010 all you need is an encryption registration. Before that you had to do a classification request which was a harder and more difficult process. I wonder why this took until 2010 before it was fixed.