On Thu, Mar 28, 2013 at 7:24 PM, Kevin W. Wall <[email protected]> wrote: > On Thu, Mar 28, 2013 at 7:27 PM, Jon Callas <[email protected]> wrote: >> [Rational response elided.] > > All excellent, well articulated points. I guess that means that > RSA Security is an insane company then since that's > pretty much what they did with the SecurID seeds. Inevitably, > it cost them a boatload too. We can only hope that Apple > and others learn from these mistakes.
RSA did it for plausible, reasonable (if wrong) ostensible reasons not related to LEA. > OTOH, if Apple thought they could make a hefty profit by There is zero chance Apple would be backdooring anything for profit considering the enormity of the risk they would be taking. If they do it at all it's because they've been given no choice (ditto their competitors). > selling to LEAs or "friendly" governments, that might change > the equation enough to tempt them. Of course that's doubtful > though, but stranger things have happened. This the tin-foil response. But note that the more examples of bad-idea backdoors, the less confidence we can have in the rational argument, and the more the tin-foil argument becomes the rational one. In the worst case scenario we can't trust much of anything and we can't open-code everything either. But in the worst case scenario we're also mightily vulnerable to attack from bad guys. Let us hope that there are enough rational people at or alongside LEAs to temper the would-be arm-twisters that surely must exist within those LEAs. Nico -- _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
