----- Forwarded message from Phillip Hallam-Baker <[email protected]> -----
Date: Tue, 15 Jul 2014 14:00:21 -0400 From: Phillip Hallam-Baker <[email protected]> To: "Rick Smith, Cryptosmith" <[email protected]> Cc: "[email protected]" <[email protected]> Subject: Re: [Cryptography] Security clearances and FOSS encryption? Message-ID: <camm+lwiut1cet2gafkxaqk27a8yd6a+sd1+j_7u+hyjosh3...@mail.gmail.com> On Tue, Jul 15, 2014 at 12:14 PM, Rick Smith, Cryptosmith <[email protected]> wrote: > I think our discussion is getting a little muddy: some authors are using > "security clearance" when they really mean "employment" by a government > agency (directly or as a contractor, including military and intel > organizations). > > The security clearance is a side-effect of one's employment. > > And let me remind everyone, again, that you don't need a clearance or any > public form of government employment in order to be a spy, confidential > informant, or agent provocateur. Exactly, the people to worry about are the people who don't declare their affiliations and/or clearances. And that is why what the NSA did with the Bullrun program is such a problem. How would a government spy be likely to behave? One possibility is that they would be a very visible and prominent technical contributor leading a major working group working for a company like BBN or Van Dyke or SAIC or one of the other beltway contractors that is likely a wholly owned subsidiary of the CIA/NSA from the days that they had to conceal the funding sources to the black budget. But another possibility is that they would be a less technical, non technical type who was always willing to do work like write up reports or drafts or chair a working group and you would wonder how they managed to do so much without an apparent source of funds. In other words an NSA plant looking to derail a project is going to look just like the 10% of IETF members who do 80% of the actual technical work. _______________________________________________ The cryptography mailing list [email protected] http://www.metzdowd.com/mailman/listinfo/cryptography ----- End forwarded message -----
