-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
First time caller, recent listener... In regards to this: > > Back to the latest failure to reveal technical docs. Those who know > what's important about them are not likely to tell journalists > that, may be incapable of doing so in a way that journalists can > apply their vaunted skepticism of sources -- using word skills of > truthiness. So what is transferred are narratives, stories, > rhetoric, bombast, in lieu of technical specs, math, algorithms, > fabrication drawings, chemical and electrical formulations, doses > of EM and anti-EM just precisely zapped to the nano-fullerine > /->^256/1029: the myrrh and honey of technies, sleep-eeze to the > wordies who yawn is that a go or no go to slick brochure printing. > In reading this: http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance My take away is the Scheiner is now on board advising Greenwald and company and is *reading* the Snowden documents for himself. Quote: For the past two weeks, I have been working with the Guardian on NSA stories, and have read hundreds of top-secret NSA documents provided by whistleblower Edward Snowden. I wasn't part of today's story – it was in process well before I showed up – but everything I read confirms what the Guardian is reporting. And: 5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it's harder for the NSA to backdoor TLS than BitLocker, because any vendor's TLS has to be compatible with every other vendor's TLS, while BitLocker only has to be compatible with itself, giving the NSA a lot more freedom to make changes. And because BitLocker is proprietary, it's far less likely those changes will be discovered. Prefer symmetric cryptography over public-key cryptography. Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can. Since I started working with Snowden's documents, I have been using GPG, Silent Circle, Tails, OTR, TrueCrypt, BleachBit, and a few other things I'm not going to write about. There's an undocumented encryption feature in my Password Safe program from the command line); I've been using that as well. =========== I'm personally happy to see Bruce directly involved in this, seeing as he's also directly involved with the EFF and other critical organizations and has the technical know-how to understand the implications of what the docs say. Regards, Dave -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (MingW32) iQEcBAEBAgAGBQJSKSRsAAoJEDMbeBxcUNAepTwH/2c4evnWHwZ7S916oWiFNNJn yio7buBO1ElCn3Juo9l8OgKTmlSxRrT1IvJe7mSYI0LRu0hBTVOfvOoMGr3Mr0s6 pjLfMHFZdTwqygz0MqS/GxQbW545u9AFTAFuA+YwllR4KhQyb+KnZMiXaAn884J0 yvKipf4aL4w9Ej4lWqPV4zxONVT3U/PosnuMxWEnJjaeFu7Gyq5lNmqoj2+Uz8H6 WLfhaPFU6F6sgX5WSRiHxafcCKio++QaDaJmbF+ob9AjFcCUVjVRERbVrbJNXL6M Nmki60inhlUDokWg071tBufLos8ESuABTir7+xDBFFtNvr6LxnAkoj29ia2C72o= =gILd -----END PGP SIGNATURE----- _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography
