On Sun, Oct 20, 2013 at 5:39 AM, Tony Rutkowski <[email protected]>wrote:
> Reality check. > > That is assuming the "average person" or the providers > of services to such persons, cares enough to do anything. > If the past ten years have demonstrated anything, the > average person and provider do not care. Indeed, > conversely, they will be concerned about cost, > performance, ease of use, and attractive feature sets. > > I think we are increasingly aware of folks who do care; journalists, for example, are pretty sensitized at the moment to these issues. > Only the non-average will care in the following order: > governments (mostly), companies communicating > sensitive information, criminals and terrorists, and > a few super-paranoid. > > The latest traitor-theft incident has principally > accomplished: 1) a significant shift of resources > by almost all the other governments to scale up > their ability to do better pervasive surveillance, > 2) the significant scaling of surveillance and > analysis vendors to sell into the expanding > government and commercial markets, 3) the > shift of criminals and terrorists to more secure > communication, and 4) a degree of largely self > serving flailing around for exploitation purposes > by politicians and lobbying groups. Perpass falls > into the noise, I think you and I disagree pretty fundamentally on this topic. I think our work can be signal that rises above the noise. It's up to us to determine whether or not we'll spend our efforts boosting the signal or not. Ted Hardie > except for generating new ideas > for the above actors. It is called the law of > unintended consequences. :-) > > -t > > > On 2013-10-20 5:28 AM, Yoav Nir wrote: > >> So while I don't think we can make any particular protocol safe for a >> suspect, we can make it so that the average person feels safe enough to >> risk private communications as long as they believe they are "under the >> radar". Ideally, the steps to reach that goal would be enough to obscure >> the few who do use strong person-to-person authentication. >> >> >
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
