On 2014-11-17 at 19:49, Robert J. Hansen wrote: >> Most of the technical reasons can be bypassed by making a single >> subscriber key (public and private) available as a part of the >> subscription process, but that eliminates most of the technical >> advantages of encryption, so it's really a moot point. > > It also means there's pretty much no point in keeping archives, > because it's inevitable that the keys will become separated from the > archives. And if the key is part of the archive, then what's the > purpose of the crypto in the first place? > > Once, for my job, I had to look into the way the Roman Senate > conducted its elections. I was able to find ballots that were over > 1500 years old. It was pretty neat, and it changed my perspective on > things like crypto. > > The crypto dream is that the confidentiality of our messages will be > preserved for centuries after our death,
Well, no. The crypto dream is that powerful people will stop being able to retrieve lot of informations on why they exerce power on, and that these people will be able to inform and communicate in a decentralized, horizontal and autonomous manner wathever this autority wants. > which sounds really great up until you consider what an archaeologist > circa 4000 AD is going to be thinking. "I have a stack of records > here that could shed light on the way people lived in a long-dead > civilization, but I can't read them. Why? What were these people > doing that they thought their email to their Aunt Edna needed to > remain secret for all time? Why is it that, millennia after they're > gone, Aunt Edna's recipe for potato salad has to be gone with them?" Then the question is not “Do we want to encrypt everything?”, but more precisely: “do we want to make everything *accessible*”. Actually imagine mail servers today, quite all encrypting everything with TLS. Not a problem, mails are still accessible. It just means it’s harder for ISPs (MITM is visible, and being visible means a great risk) to spy on people. If we make only some traffic encrypted they have at least the information of what is enough important to be hidden, when, where, by who, to who, for how long, etc. meta-data. Here we make cryptoanarchy and hide everything so that they don’t even have the information of what is to hide. But that doesn’t obligate us to make what is public public. We could imagine a web where everybody uses HTTPS: pages are still accessible to everybody. We could imagine bittorrent where almost all clients encrypt everything (hint: it’s already this way), and everything is still accessible. We could imagine Tor Hidden Services, and everything is still accessible. What’s not accessible anymore is metadata. > Or think about your own kids, circa 2040 AD. "I'd love to read these > emails between Mom and Dad when they were courting, but ... they were > afraid of Somebody-with-an-S reading their emails. I wonder if they > ever thought that the Somebody might be their son, who wanted to > understand after their deaths how it was these two people came to meet > and fall in love." Then comes the problem of private messages, made to be private. First, future archeology is pointless argument between our security and our freedom, it sounds a lot more better like kind of an excuse. Second, a reccurent problem in cryptography is we know computers power and algorithms constantly evolves, and that what’s encrypted a way today is not guaranted to always be forever. What’s encrypted with DSA today will maybe be accessible within more time. Finally, information generally needs to be private only for a limited amount of times. If we have a message describing date and place for a dissidents reunion in a totalitarian state, once the reunion is over, the message doesn’t need to be private anymore, and could be “released”, if it’s for archival/archeology/history needs. Actually it would be something quite interesting for people to know in what kind of place reunions are planned (anyway a place should never be the same twice). > Historians called the early medieval period "the Dark Ages" not > because the era was full of villainy and evil, but because > record-keeping became so austere that we really don't know much of > what happened for that period. Because they had no efficient way to keep information in front of the quantity of information producible. The press solved this problem. > We're living in a new Dark Age right now. Historians of the future > are going to see human record-keeping basically end around 1960. They’re still accessible. And what’s saying you in the future all hard-disk will die at the same moment with no backup? It could be plausible if our civilization could break down just like others before and let others develop. The problem is: today we have a world-wide civilization, if this one break down, there will be no more civilization to study us. So we have absolutely no reasons to care. > Fewer records were printed out and more were put on digital media -- > media that deteriorates much more quickly than paper, and depends on > technology to read it, technologies which become obsolete and are > discarded even faster than the media degrades. I doubt a paper newspaper can subsist more time than a hard disk. > So when you hear people advocate "crypto everywhere, always, for > everything," ask yourself this: if they get what they want, what will > it do to future generations' ability to make sense of our time? Can you explain in what future generations’ curiosity is more important than this generation’s freedom?
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
