On Apr 4, 2013, at 4:51 PM, ianG <[email protected]> wrote:
> On 4/04/13 21:43 PM, Jon Callas wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>>
>> On Apr 4, 2013, at 6:27 AM, ianG <[email protected]> wrote:
>>
>>> In a project similar to Wikileaks, ICIJ comments on tools it used to secure
>>> its team-based project work:
>>>
>>> "ICIJ’s team of 86 investigative journalists from 46 countries
>>> represents one of the biggest cross-border investigative partnerships in
>>> journalism history. Unique digital systems supported private document and
>>> information sharing, as well as collaborative research. These included a
>>> message center hosted in Europe and a U.S.-based secure online search
>>> system. Team members also used a secure, private online bulletin board
>>> system to share stories and tips."
>>>
>>> "The project team’s attempts to use encrypted e-mail systems such
>>> as PGP (“Pretty Good Privacy”) were abandoned because of complexity and
>>> unreliability that slowed down information sharing. Studies have shown that
>>> police and government agents – and even terrorists – also struggle to use
>>> secure e-mail systems effectively. Other complex cryptographic systems
>>> popular with computer hackers were not considered for the same reasons.
>>> While many team members had sophisticated computer knowledge and could use
>>> such tools well, many more did not."
>>>
>>>
>>> http://www.icij.org/offshore/how-icijs-project-team-analyzed-offshore-files
>>>
>>
>> Thanks!
>>
>> This is great. It just drives home that usability is all.
>
>
> Just to underline Jon's message for y'all, they should have waited for
> iMessage:
>
>
>
> "Encryption used in Apple's iMessage chat service has stymied attempts
> by federal drug enforcement agents to eavesdrop on suspects' conversations,
> an internal government document reveals.
>
> "An internal Drug Enforcement Administration document seen by CNET
> discusses a February 2013 criminal investigation and warns that because of
> the use of encryption, "it is impossible to intercept iMessages between two
> Apple devices" even with a court order approved by a federal judge.
>
> "The DEA's warning, marked "law enforcement sensitive," is the most
> detailed example to date of the technological obstacles -- FBI director
> Robert Mueller has called it the "Going Dark" problem -- that police face
> when attempting to conduct court-authorized surveillance on non-traditional
> forms of communication.
>
> "When Apple's iMessage was announced in mid-2011, Cupertino said it
> would use "secure end-to-end encryption." It quickly became the most popular
> encrypted chat program in history: Apple CEO Tim Cook said last fall that 300
> billion messages have been sent so far, which are transmitted through the
> Internet rather than as more costly SMS messages carried by wireless
> providers.
>
> http://news.cnet.com/8301-13578_3-57577887-38/apples-imessage-encryption-trips-up-feds-surveillance/
>
>
There's a long thread on Twitter (look for Julian Sanchez, @normative) on this,
with comments from me, Matt Blaze, Nick Weaver, and others. Also see Julian's
blog post at http://www.cato.org/blog/untappable-apple-or-dea-disinformation
--Steve Bellovin, https://www.cs.columbia.edu/~smb
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
