"crypto-ninja-slash-stealth-sexy-leopard" is my new business card title, bee tee dubs.
~ Lurene On 09/03/2013 02:18 AM, Ben Nagy wrote: > Recently, a lot of people have been talking and possibly even > thinking about the "cryptopocalypse", surveillance, and the ideal > rate of exchange between liberty and safety. I have been vaguely > seeking the ideal derisive verse for a while, but this morning I > finally realised that it has already been sung. > > "When you believe in things that you don't understand, then you > suffer." > > - Stevie Wonder [1] > > Without quibbling over minor points, I think it's reasonable to > view the period since 2001 as one where privacy and fundamental > individual liberties have been at a steady ebb. Some might > characterise it as the 'theft' of those things by Governments, but > really, it's not. It has been driven by fear, and the belief that > "The Government" can provide protection against Dark Forces. > However, it's not the steady advance of ridiculous legislation that > I want to focus on. Those shavings of liberty can be counted where > they fell, as a simple matter of public record. > > What's interesting is the use of the tools that these Governments > already have. Nothing fundamental changed in the last few months. > The NSA, GCHQ, MI5, DSD didn't SUDDENLY ramp up any ops. They > haven't gone rogue. They've just been doing the same thing they've > been doing for years, because people ASKED them for protection, but > weren't too bothered about asking for details. They may not have > even had a concept of the missions of these organisations, except > as a nebulous part of "Government". They believed in things that > they did not, fundamentally, understand, and now we all suffer. > > So now we, the super smart computer crowd, get to be all smug and > "I told you so!", because we called it, just like that guy with no > pants and a bird in his beard. > > What I find hilarious, however, is the reaction. "Tor is the BEST > tool that fails to fix a different but related problem!", "You > should all use CryptoCat because I say sorry every time I screw > up!", "Hemlis messenger is totes unbreakable, and has nice graphic > design!", "5 Weird Tips to NSA-proof YOUR life!", "Try Silent > Circle! We have Beards!" > > All of this rubbish is just as much Security Theatre as the shoe > removals, crotch-gropings and warrantless detention we've been > enduring at airports. Statically, you're just not a target, so it's > ALL going to be as "100% Effective" as Werewolf Repellent. So go > nuts, I guess. Use CraptoCat inside TorBB to update your location > on Facebook. Whatever. > > If you happen to actually BE a person of interest, however, "better > than nothing" is actually worse than nothing. If you had zero > crypto, you might actually think about the content and traffic / > timing patterns of your comms. If you had no 'anonymisation' then > you might actually give a shit when and from where you connect. In > either case you might give some measure of incredibly serious > thought to: > > - The known capabilities of your anticipated adversary - Your > operating risk - Your worst case outcome > > Because if you don't have a strong mental picture of these things > BEFORE you start deploying tools and being all > crypto-ninja-slash-stealth-sexy-leopard, then you're going to see > exactly what that worst case outcome looks like from the inside. > > I'm not saying it's "impossible". I'm just saying (to quote The > Grugq) " Nobody's going to go to jail for you", and that includes > the authors of these new (and old) "spook-proof" tools. The hard > truth is that the only way to stay 'safe' from state-level actors > is going to involve a consistently disciplined regimen of tools, > techniques and procedures, and any software that claims to make it > "easy" is flat-out lying. > > Don't outsource understanding. > > "When you believe in things that you don't understand, then you > suffer. Superstition aint the way." > > ( please now allow the best Clav riff EVER to stick in your head ) > > Baby Seals, > > ben > > [1] http://www.youtube.com/watch?v=wDZFf0pm0SE (and if you need > this WHY ARE YOU SO YOUNG??) > > > > _______________________________________________ Dailydave mailing > list [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave > _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
