On Dec 4, 2013, at 12:29 PM, Bruce Perens <[email protected]> wrote: > On 12/04/2013 11:55 AM, Jacob Appelbaum wrote: >> Dear Bruce, >> >> Why do you dignify these actions as 'law enforcement' or even as >> 'national defense' when we're discussing illegal spying? >> > Because some of them are in my interest. And yours. > > We have a nasty part of government that thinks it is in an an endless war. > Every liberal nation, historically, discontinues its nice rights and > protections during wartime.
Unfortunately this nasty part of government is not just targeting the nutcases, but practically everybody, using insanely intrusive methods and setting series of insanely dangerous precedents. How do you think the US would react to word that, say, the French or Chinese hacked AT&T (using packet injection, weaponizing the wiretaps), in order to practice covert surveillance upon senators and businessmen in the US? "Ballistic" wouldn't begin to describe the reaction. Not to mention the obvious economic targets [1] as well. Yet now the NSA has said, "hey, its OK". So if there is a reason for France, or China, or Russia, or Israel, or well anybody to not let their intelligence services off the leash? We know that the Chinese haven't been doing packet injection in the past (because we've caught their intrusions in the past, and they've been through phishing/watering hole), but they will in the future. Because hey, why not? Universal encryption is needed, NOW, not to limit the damage of surveillance but to reduce the huge attack surface that is now laid bare for the world. Your adversary is all countries which your traffic traverses except your own. [1] The NSA is quite happy to say they don't give the information to US companies, but its quite clear that a non-trivial amount of espionage is to further US economic interests. IMO, its a waste. What good is hacking Petrobras if you do NOT give the data to Exxon/Mobil? >> Pervasive surveillance, censorship and malware is a serious threat >> regardless of your feelings about the NSA. > And will continue to be so after all web transactions are encrypted. You're > not going to actually solve any problems. Yes, because unencrypted traffic is a huge open attack vector, which is now open-season. Enjoy... -- Nicholas Weaver it is a tale, told by an idiot, [email protected] full of sound and fury, 510-666-2903 .signifying nothing PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
