On Wed, Dec 4, 2013 at 6:35 PM, Bruce Perens <[email protected]> wrote:
> On 12/04/2013 02:57 PM, Phillip Hallam-Baker wrote: > > > When someone starts accusing everyone of treason it isn't so much > refutation that is appropriate as the men in white coats. > > Oh, come on Phillip. I did not accuse anyone, I said that it was arguably > criminal or treasonous, and warned of the danger to you. > It seemed like more of a threat to me. The NSA is very aware of the work that I am doing and its purpose. I presented the work at MIT the week before Vancouver with several current NSA employees present and a former NSA director. One thing we know the NSA is going to need is usable data level security. The only thing that differentiates my proposal from previous ones is that (1) it requires exactly the same degree of effort as regular mail, (2) it does not depend on building out infrastructure before deployment and (3) it supports a policy layer so that in addition to discovering the recipient's key, an application can determine the security policy of the recipient. In other words, what differentiates my proposal is that it has a chance of keeping Britain, American and their allies safe against the attacks that are now going to be coming from all the other governments that are now going to be playing copycat in the wake of Snowdonia. The NSA is charged with two missions, not one. Protecting the US and its allies from attack is far more important than attacking other countries. The US has an electricity infrastructure that would embarrass many third world countries, it has been defeated by squirrels let alone cyber-attacks. Cyberwarfare has many of the same characteristics as terrorism. the barriers to entry are low. It is inherently non-attributable and so deterrence is infeasible. Any attempt to set red lines opens up the risk of a false flag attack. And what might shock you is that people who have spent their lives studying war had to have that pointed out by me. Cyber is inherently destabilizing. And the risk is not just of a cyber attack against the US and its allies. An attack against Russia or China could lead to catastrophic consequences as well. Neither has the capacity to develop an effective cyber defense in their critical infrastructure unless the western powers develop the technology first. One of the ugly costs of relying on industrial espionage is that it destroys any chance of developing an indigenous research capacity. The issues are vastly more complex than you imagine. NSA 1.0 spent its time cracking mechanical ciphers to enable the CIA coups that stopped when the world moved to digital in the mid 70s. NSA 2.0 grew large fat and lazy while its military management spent their time boosting each other's egos with (unsecured) Powerpoint presentations that almost certainly exaggerate their capabilities. We don't know what NSA 3.0 is going to be doing but it isn't going to have anything like the intercept capabilities of the past and it will be two congresses before they have any ability to shape the political landscape again. -- Website: http://hallambaker.com/
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
