On Fri, Apr 5, 2013 at 9:17 PM, NgPS <n...@rulemaker.net> wrote: > In the movies and presumably in real life, bad guys have smart crooked > lawyers advising them. Surely the bad guys have the resources to set up > bunch of servers a la iMessage/Whatsapp, and write/deploy their own apps on > their mobile devices, running stripped-down custom ROMs, to communicate via > these servers, to avoid 3rd party MITM. Don't even need crooked developers, > just advertise on Hacker News and whole bunch of "hackers" will jump on it.
It'd be nice (for good guys certainly) to be able to open-code everything that one needs, or otherwise review all of the source code to the object code that one needs. In practice you cannot do this. It's ETOOMUCH. In the worst case scenario for the LEA there's still traffic analysis and warrants/court orders/rubber hoses that they can resort to. Crypto only helps the good guys w.r.t. bad guys and other governments (and then only sometimes); crypto is just a polite way of saying "try harder, get a warrant" to the LEA with jurisdiction over you (or your devices). For LEA my guess is that the biggest problem isn't how to get at evidence, but how to know who the bad guys are: in a sea of traffic it's hard to tell when you don't even know what's needles and what's hay, which must be why LEA tend to have such a dislike for good guy crypto. We hope the NSA types haven't forgotten that good guys need crypto, whether LEA like it or not. Nico -- _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography