On 06/28/2013 04:00 PM, John Gilmore wrote: > Let's try some speculation about what this phrase, > "fabricating digital keys", might mean.
Here's one hypothesis to consider. a) The so-called "digital key" was not any sort of decryption key. b) The files were available on the NSA machines in the clear. c) The files were protected only by something like the Unix file protection mechanism ... or the SELinux Mandatory Access Controls. d) The "digital key" might have been not much more than a userID and password, plus maybe a dongle, allowing him to log in as a shadow member of some group that was supposed to have access to the files. =============== Crypto is great for protecting stuff while it is being transmitted or being stored offline ... but when the stuff is in active use, the temptation is to make a cleartext working copy. Then anybody who can attach a thumb drive and can get past the access controls can grab whatever he wants. It is against NSA policy to attach a thumb drive. I betcha some folks really want to know how he did that without getting caught. _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography