On Mon, Nov 12, 2012 at 01:17:56PM -0700, phester wrote: > >4. If the internal mechanisms of government aren't sufficient to (quickly) > >catch a very very senior person having an affair -- and doing it > >incompetently -- then why should we believe that they're sufficient to > >catch a well-trained, careful, diligent spy? > > By reading their personal mails? Should this be done by an > algorithm, or live person?
a) I would hope that any competent spy would encrypt their email *or* would use covert channels (possibly over SMTP, possibly not). b) Of course that still permits traffic analysis, and that certainly has its counter-espionage uses. Add geolocation data from headers and it's even more useful. c) But to answer your question: both have their features/drawbacks. Automation scales and doesn't get tired or careless. But natural language parsing and pattern recognition is still done better by humans. Automation can be hacked, people can be bought. Automation is cheap, people are expensive. So I dunno. Maybe we should make it a job requirement: you cannot be Director of the CIA unless you can demonstrate that you're clueful enough to have an affair and get it away with for at least 6 months. If you're not at least that crafty, duplicitous, underhanded, sneaky, careful, etc. then what makes you think you're qualified to run the CIA? ---rsk _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
