At 5:09 PM -0500 2/11/2000, Dan Geer wrote:
>I agree with Peter and Arnold; in fact, I am convinced that
>as of this date, there are only two areas where national
>agencies have a lead over the private/international sector,
>namely one-time-pad deployment and traffic analysis. Of those,
>I would place a bet that only traffic analysis will remain an
>area of sustainable lead, that traffic analysis is the only
>area where commercial interests will not naturally marshall
>the resources to threaten the lead of the national agencies.
>
>--dan
Um, I think you are agreeing with something Peter attributes to me,
but [EMAIL PROTECTED] actually wrote. (C'mon Peter, I know it's summer
down there, but...). That said, here is my list of areas where I
think national agencies will enjoy a lead for some time to come:
1. Traffic analysis (as habs points out.)
2. Monitoring vast amounts of unclassified conversations and gleaning
intelligence from them
3. Exploiting the large amount of weak encryption that is already out there.
4. Black bag jobs to plant bugs and steal keys. The NY Times quoted a
source who said that the average jewelry store has better security
than most foreign consulates. How many of you know for sure where
your laptop spent last Thursday night?
5. Transmitting viruses and Trojan horses over networks to capture
and leak keys or plaintext. (infowar)
6. Exploiting Tempest
7. Getting large chip and software manufacturers to incorporate
exploitable hooks.
8. Penetrating secret organizations by bribes, brutality and
blackmail (think of all those usenet alt.sex.whatever messages saved
away for later use.)
9. Storing vast quantities of intercepted ciphertext so that they can
exploit any crack retrospectively.
10. Exploiting technological breakthroughs: quantum computing, better
factoring algorithms,... if and when they happen.
11. Exploiting small time screw ups like weak passwords, failure to
log off terminals, inadequately erased media, poorly designed
protocols, etc.
12. Waiting patiently for big time screw ups like Nikita Kruschchev's
gabbing on an unclassified car phone or John Deutch's using the same
laptop to store Top Secret reports and access the Internet from home.
In spite of strong encryption, the explosive growth of computing
power and the ubiquity of digital communication may make the 21st
century the golden age of SIGINT.
Arnold Reinhold
