Re: [cryptography] To Protect and Infect Slides

[Jeffrey Walton]

On Wed, Jan 1, 2014 at 7:22 AM, coderman  wrote:
> On Wed, Jan 1, 2014 at 3:56 AM, Ralph Holz  wrote:
>> Hi Jake,
>>
>> Ian Grigg just made a point on metzdowd that I think is true: if you
>> want to change the NSA, you need to address the [...]
>> [... money] Because the chain goes like this:
>>
>> corporate money -> election campaigns -> representatives -> NSA
>
>
> it should be noted that corporate money influence is currently aimed
> at privacy eroding efforts in myriad manner.
In the US, I believe Step 1 is to recognize citizens' the Right to
Privacy. Step 2 applies to the US and abroad, and its recognize a
Right to be Forgotten.

The US is well behind the curve for the first step considering privacy
is a right in many places like Europe. That's what makes the US
activities so egregious: these are human rights violations, and not
merely minor transgressions.

Jeff
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] To Protect and Infect Slides

[Ed Stone]

On Wed, Jan 1, 2014 at 3:56 AM, Ralph Holz  wrote:

> Hi Jake,
> 
> Ian Grigg just made a point on metzdowd that I think is true: if you
> want to change the NSA, you need to address the many corporates that
> profit from what they are doing. Because the chain goes like this:
> 
> corporate money -> election campaigns -> representatives -> NSA
> 
> What do you think? And any ideas how to exercise pressure?
> 
> Ralph

The notion that corporate money is the driver of election campaigns, and that 
those campaigns offer genuine, non-cooptible choices, and that elected 
representatives control and direct the resources and activities of the NSA or 
any other “black” portion of the executive branch is quaint.
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] To Protect and Infect Slides

[John Young]

Jake's, Assange's and others' emphasis at 30c3 was to pursue
technological offenses rather than futile expectation of political,
financial and legal controls of spying which inevitably confirm
what spies do, for it is in their interest to support spyin and
secrecy to maintain hegemonic, heirarchial institutions under
"the rule of law."

Reminder, at the origin of cypherpunks there was a crackdown
on encryption as a munitions. That skirmish was thought to
have been won. Now Snowden has revealed that victory
was a delusion, the real one-sided battle was fought
surreptiously in secret, not only by contaminating crypto
but by development of bypasses, implants, backdoors,
booby traps, ruses, scams, bribes, dual-hatted contracts
with crypto-hackers.

Can an openly avowed combat on the technologies of political
control (1) work or will it be demonized, fought by secret
underhanded means? Public debate deployed as a ruse in
the 1990s as now.

(1) An Appraisal of the Technologies of Political Control

http://cryptome.org/stoa-atpc.htm

This combat is about far more than crypto and coders must
be supplemented with all the discplines of science and
technology which are now serving industry and the
"lawful" hegemons.

30c3 advocated a direct attack on these means, not wait for
the public debate to be rigged in favor of the hegemon with
PR, propaganda, lobbying, bribery, contracts, scare stories,
terrifying incidents, the customary dirty fighting and tricks of
spies and "defense" industry.

Is that technological attack on the political, financial, legal
hegemon likely to succeed? Or will the crackdown on
armed (technological) dissent become as violent as it has
in the past?

There is a likelihood encryption will be restricted, by fiat,
by planting weaknesses, by covert attacks, by technological
bypasses, by rigged failures to create doubt of effectiveness.

That was the way CryptoAG operation was run. Now the RSA
ploy is operative. Is the effect of Snowden to be a series
of ploys and ruses. Worse, hop on board the paranoia train,
is Snowden a disinfo op for leaking gobs of ruses?

Musings:

A singular feature of hegemons is that they are dominated by
"self-regulating organizations" which set the terms and conditions
of the ruling entity, assure enforcement of the rules, and perpetuate
themselves under "self-regulation."

These are successors of royalty which instead of divine right,
backed by military power, they invoke the "Constitution," a law
which distinctively empowers "lawful" behavior according to the
rules of the hegemon.

No wonder the US promotes constitutional government around
the planet, backed by military power, most often by denigrating
other forms of government.

A striking parallel is the rise of the clerics in Europe as an alternative
to religious hegemons. From clerics came lawyerly self-regulating
hegemons. A new religion hidden within supremacist judges' black
robes.

Enough of lawful self-regulation in secrecy, unpunishable by
lawful means. Justice is out of control, prison populations stuffed,
bloated law enforcement and spies raiding the public till, private
spies, cops and mercenaries worse than the official, or
indistinguishable.

Back to the military which backs the hegemons. Technology
controls its effectiveness, thus the need for the hegemons to
control manufacture, distribution, ownership and application
of military means. Concentration of wealth through government
regulation, economic and tax policy, and military supremacy
reifies special privileges and exculpations for the enforcers
of law. Law->taxation->enforcement->informants->spying->
assassination->military action.





___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] To Protect and Infect Slides

[Shawn Wilson]

If you'll notice that both political parties have expanded on the NSA's 
mission, scope, and probably funding. I doubt there are any business motives 
here. In fact, it seems to me there are the exact opposite. Though, since much 
of government is now contracted out, I do wonder who this was billed out to? 
Also sorta interesting that the possibility of the NSA contracting a French 
company (Vupen) to find exploits. I always assumed HP, Rapid7, Mandiant, etc 
would do this type of thing and that it would be easier to clear companies in 
the US. 

coderman  wrote:
>On Wed, Jan 1, 2014 at 3:56 AM, Ralph Holz  wrote:
>> Hi Jake,
>>
>> Ian Grigg just made a point on metzdowd that I think is true: if you
>> want to change the NSA, you need to address the [...]
>> [... money] Because the chain goes like this:
>>
>> corporate money -> election campaigns -> representatives -> NSA
>
>
>it should be noted that corporate money influence is currently aimed
>at privacy eroding efforts in myriad manner.
>
>
>you need to change the incentive to result in a privacy enhancing
>impetus like this:
>  corporate money -> election campaigns -> representatives ->
>defunding much NSA/CIA/DoD actvity.
>
>which is implemented not just in US, but all reasonable governments,
>at the same time privacy aware corporations are implementing privacy
>enhancing operations and software. this can be as simple as HTTPS only
>with forward secret suites, or as significant as desired.
>
>
>in other words: it's even more difficult! an effective response
>requires cooperation of most governments and international corporate
>entities.
>
>
>there are tens and tens of billions that could be trimmed from the
>black budget and DoD budget while preserving a minimal, defensive
>force and command, allowing for targeted, HUMINT focused operations to
>replace all wholesale and endemic COMSEC vulnerability exploiting
>efforts.
>
>
>good luck finding the incentive of sufficient force, and defending
>against the significant pushback!
>
>
>best regards,
>___
>cryptography mailing list
>cryptography@randombit.net
>http://lists.randombit.net/mailman/listinfo/cryptography

___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] To Protect and Infect Slides

[coderman]

On Wed, Jan 1, 2014 at 3:56 AM, Ralph Holz  wrote:
> Hi Jake,
>
> Ian Grigg just made a point on metzdowd that I think is true: if you
> want to change the NSA, you need to address the [...]
> [... money] Because the chain goes like this:
>
> corporate money -> election campaigns -> representatives -> NSA


it should be noted that corporate money influence is currently aimed
at privacy eroding efforts in myriad manner.


you need to change the incentive to result in a privacy enhancing
impetus like this:
  corporate money -> election campaigns -> representatives ->
defunding much NSA/CIA/DoD actvity.

which is implemented not just in US, but all reasonable governments,
at the same time privacy aware corporations are implementing privacy
enhancing operations and software. this can be as simple as HTTPS only
with forward secret suites, or as significant as desired.


in other words: it's even more difficult! an effective response
requires cooperation of most governments and international corporate
entities.


there are tens and tens of billions that could be trimmed from the
black budget and DoD budget while preserving a minimal, defensive
force and command, allowing for targeted, HUMINT focused operations to
replace all wholesale and endemic COMSEC vulnerability exploiting
efforts.


good luck finding the incentive of sufficient force, and defending
against the significant pushback!


best regards,
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Re: [cryptography] To Protect and Infect Slides

[Ralph Holz]

Hi Jake,

Ian Grigg just made a point on metzdowd that I think is true: if you
want to change the NSA, you need to address the many corporates that
profit from what they are doing. Because the chain goes like this:

corporate money -> election campaigns -> representatives -> NSA

What do you think? And any ideas how to exercise pressure?

Ralph

On 12/31/2013 09:13 PM, Jacob Appelbaum wrote:
> Kevin W. Wall:
>> On Tue, Dec 31, 2013 at 3:10 PM, John Young  wrote:
>>
>>> 30c3 slides from Jacob Appelbaum:
>>>
>>> http://cryptome.org/2013/12/appelbaum-30c3.pdf (3.8MB)
>>>
>>
>> And you can find his actual prez here:
>> 
>>
>> Worth the hour, although I'm sure your blood
>> pressure will go up a few points.
>>
> 
> I'm also happy to answer questions in discussion form about the content
> of the talk and so on. I believe we've now released quite a lot of
> useful information that is deeply in the public interest.
> 
> All the best,
> Jacob
> 
> ___
> cryptography mailing list
> cryptography@randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
> 


-- 
Ralph Holz
I8 - Network Architectures and Services
Technische Universität München
http://www.net.in.tum.de/de/mitarbeiter/holz/
Phone +49.89.289.18043
PGP: A805 D19C E23E 6BBB E0C4  86DC 520E 0C83 69B0 03EF
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography