Re: "If you use encryption, you help the terrorists win"
At 03:12 PM 10/27/03 -0500, Tyler Durden wrote: >spend pennies. Eventually you gotta figure that'll eat into the invasionary >funds, no? (Or am I being naive?) To a troll-like extent. The government left the gold (etc) standard so they could print money to fund wars. They will also not hesitate to confiscate more of your income to fund wars. And will confiscate your children (or you) as cannon fodder.
Re: "If you use encryption, you help the terrorists win"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Oct 26, 2003, at 3:57 PM, Jurgen Botz wrote: 1) The general public doesn't really use crypto... partly because it's "off the social radar", partly because it's just too difficult, etc., etc. As a result the TLAs can employ the kind of Orwellian mass surveilance they would like and get useful information out of So I think that they've learned that they really get the best of both worlds with the status quo, and I don't see any indication that they are about to rock this particular boat. This may change if the public infrastructure starts using more crypto by default and people use better key management (smart cards?) but I don't think that's really all that likely... at least at the moment there doesn't seem to be any good momentum in that direction. It's becoming easier for the public, though. Apple's new Mac OS X 10.3 includes S/MIME built into the mailer. No more watching their eyes glaze over as I explain to my friends that they first have to install GPG, then find a plugin for their mail program, then try to teach them to create & send people keys. I prefer the GPG model of relying on people I actually trust to certify a key belongs to who it claims to belong to than relying on a corporation, but at least this will start people thinking about securing their mail. jpb - -- Joe Block <[EMAIL PROTECTED]> The fetters imposed on liberty at home have ever been forged out of the weapons provided for defense against real, pretended, or imaginary dangers from abroad. - James Madison -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (Darwin) iD8DBQE/nWbHyEXo8W2M9hsRAqiIAKCps/2yD6rC9FtXGIwQDow3MBfiHACeJVkg bowdifaZFFGnewTC++i1eow= =01Zu -END PGP SIGNATURE-
Re: "If you use encryption, you help the terrorists win"
"YOU want to do the encryption, not the ISP who can be secretly subpoenaed to hand over the plain text." Well, that too! My point is and has been "crypto is econnomics" (to paraphrase Tim May during one of his moments of clarity). Better to get 'them' to get a subpeona and make 'em expend the effort (and $$$), just to find out the email's about Pamela Anderson's boobs. Or, better yet, to find out the enduser also encrypted the email (AND it's about Pamela Anderson's boobs). Even if they dig out the plaintext, let them spend thousands of $$$ while we spend pennies. Eventually you gotta figure that'll eat into the invasionary funds, no? (Or am I being naive?) -TD From: Neil Johnson <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: "If you use encryption, you help the terrorists win" Date: Mon, 27 Oct 2003 11:37:47 -0600 On Monday 27 October 2003 10:53 am, Tyler Durden wrote: > > Hum...can an ISP offer encryption as a service? > > -TD > Ummm, are we forgetting about the Patriot Act and siblings ? YOU want to do the encryption, not the ISP who can be secretly subpoenaed to hand over the plain text. At least if you get a subpoena you know about it. -- Neil Johnson http://www.njohnsn.com PGP key available on request. _ Fretting that your Hotmail account may expire because you forgot to sign in enough? Get Hotmail Extra Storage today! http://join.msn.com/?PAGE=features/es
Re: "If you use encryption, you help the terrorists win"
On Monday 27 October 2003 10:53 am, Tyler Durden wrote: > > Hum...can an ISP offer encryption as a service? > > -TD > Ummm, are we forgetting about the Patriot Act and siblings ? YOU want to do the encryption, not the ISP who can be secretly subpoenaed to hand over the plain text. At least if you get a subpoena you know about it. -- Neil Johnson http://www.njohnsn.com PGP key available on request.
Re: "If you use encryption, you help the terrorists win"
Nice! "You don't need to - just convince them that it is safe against casual snoopers (and to be honest, most "sensitive" email the government couldn't give a damn about, but your neighbours would find very interesting indeed :) As long as you get the desired end result (them using crypto) do you really care what they think?" Hum...can an ISP offer encryption as a service? -TD From: "Dave Howe" <[EMAIL PROTECTED]> To: "Email List: Cypherpunks" <[EMAIL PROTECTED]> Subject: Re: "If you use encryption, you help the terrorists win" Date: Mon, 27 Oct 2003 12:27:00 - [EMAIL PROTECTED] wrote: > On Saturday 25 October 2003 04:27 pm, Tyler Durden wrote: >> secure (every ask anyone if they believed there was such a thing as >> effectively 'unbreakable' encryption? Reglar folks always believe >> SOMEBODY'S got the technology to break what scheme you use, so "why >> bother"). > I have a few friends like thisanyone have suggestions for ways to > change their minds? > Basically they say things like "If you think the government can't > break all the encryption schemes that we have, you're nuts." This > guy was a math major too, so he understands the principles of crypto. Simpler solution there then is to say "well, good - that means that the Government can still monitor terrorists, but that the minimum-wage employees answering the helpdesk at AOL can't read though your mail while they are bored." > I feel pretty confident that 2048 bit encryption is reasonably safe > for now, but how can I convince others, and how safe should I really > feel in that opinion anyway? You don't need to - just convince them that it is safe against casual snoopers (and to be honest, most "sensitive" email the government couldn't give a damn about, but your neighbours would find very interesting indeed :) As long as you get the desired end result (them using crypto) do you really care what they think? _ Send instant messages to anyone on your contact list with MSN Messenger 6.0. Try it now FREE! http://msnmessenger-download.com
Re: "If you use encryption, you help the terrorists win"
[EMAIL PROTECTED] wrote: > On Saturday 25 October 2003 04:27 pm, Tyler Durden wrote: >> secure (every ask anyone if they believed there was such a thing as >> effectively 'unbreakable' encryption? Reglar folks always believe >> SOMEBODY'S got the technology to break what scheme you use, so "why >> bother"). > I have a few friends like thisanyone have suggestions for ways to > change their minds? > Basically they say things like "If you think the government can't > break all the encryption schemes that we have, you're nuts." This > guy was a math major too, so he understands the principles of crypto. Simpler solution there then is to say "well, good - that means that the Government can still monitor terrorists, but that the minimum-wage employees answering the helpdesk at AOL can't read though your mail while they are bored." > I feel pretty confident that 2048 bit encryption is reasonably safe > for now, but how can I convince others, and how safe should I really > feel in that opinion anyway? You don't need to - just convince them that it is safe against casual snoopers (and to be honest, most "sensitive" email the government couldn't give a damn about, but your neighbours would find very interesting indeed :) As long as you get the desired end result (them using crypto) do you really care what they think?
Re: "If you use encryption, you help the terrorists win"
At 12:57 PM 10/26/03 -0800, Jurgen Botz wrote: >Wasn't there a Mafioso who got busted and convicted based on >evidence that had been PGP encrypted and where they stole the >key with a keyboard dongle? Nicodemo Scarfo. He used his Dad's federal-prison ID number, but the Feds couldn't guess that, so they blackbagged his computer with a dongle. I don't know who was lamer. It *is* a parable for our community; they could also have used videobugs. There was also, later, some dude who keyboard-bugged Kinkos and got caught. Another sermon from the mount. What *is* your threat model?
Re: "If you use encryption, you help the terrorists win"
Tyler Durden wrote: Tim May wrote... "I predict we'll soon be seeing a new thought control campaign with this theme, that "if you use encryption, you help the terrorists win."" Well, I'm dubious. Right now I'm thinking their strategy has been to pull encryption down off of the social radar, and that's worked better I agree with this... and add the following... For the last decade or so many of the "bad guys" (by whoever's definition you want) have actually been using crypto, even if the general public has not. I think that by now the TLAs have learned that this works in their favor on both counts... 1) The general public doesn't really use crypto... partly because it's "off the social radar", partly because it's just too difficult, etc., etc. As a result the TLAs can employ the kind of Orwellian mass surveilance they would like and get useful information out of it. 2) The bad guys use crypto they know to be strong enough to stop brute force attacks even by "major governments". This does two things... it makes them stick out in mass surveilance, and it makes them put all their eggs in one basket (the encrypted one). The TLAs of course have many options other than brute force attack on the crypto itself... key theft, tempest, rubber hose, everyone here knows all the methods. The TLAs may have to make a little more effort, but the payoff is more likley to be very good. Wasn't there a Mafioso who got busted and convicted based on evidence that had been PGP encrypted and where they stole the key with a keyboard dongle? I'm sure that wasn't an exception; the TLAs have adapted to the technology and found that it doesn't /really/ make things harder for them... maybe it makes it easier because the bad guys feel more secure. So I think that they've learned that they really get the best of both worlds with the status quo, and I don't see any indication that they are about to rock this particular boat. This may change if the public infrastructure starts using more crypto by default and people use better key management (smart cards?) but I don't think that's really all that likely... at least at the moment there doesn't seem to be any good momentum in that direction. :j
Re: "If you use encryption, you help the terrorists win"
> I have a few friends like thisanyone have suggestions for ways to change > their minds? > > Basically they say things like "If you think the government can't break all > the encryption schemes that we have, you're nuts." This guy was a math major > too, so he understands the principles of crypto. It is impossible to rationalise long term consequences of data harvesting into immediate threat for most people. The only way to change behaviour in absence of the perceived threat is propaganda ... and those who have means for that have different agendas. What's left is a personal-level propaganda but the effects are negligible. You can't really save anyone. You can, however, make crypto tools that make things easier. Or surveillance tools that make things obvious. The latter, I think, is more effective. Time to open source Echelon ? = end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: __ Do you Yahoo!? Exclusive Video Premiere - Britney Spears http://launch.yahoo.com/promos/britneyspears/
Re: "If you use encryption, you help the terrorists win"
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Saturday 25 October 2003 04:27 pm, Tyler Durden wrote: > Tim May wrote... > > secure (every ask anyone if they believed there was such a thing as > effectively 'unbreakable' encryption? Reglar folks always believe > SOMEBODY'S got the technology to break what scheme you use, so "why > bother"). I have a few friends like thisanyone have suggestions for ways to change their minds? Basically they say things like "If you think the government can't break all the encryption schemes that we have, you're nuts." This guy was a math major too, so he understands the principles of crypto. I feel pretty confident that 2048 bit encryption is reasonably safe for now, but how can I convince others, and how safe should I really feel in that opinion anyway? Steve - -- Steve Wollkind 810 C San Pedro [EMAIL PROTECTED] College Station, TX 77845 http://njord.org/~steve 979.575.2948 - -- All these worlds are belong to us, except Europa. Take off no zigs there. -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.3 (GNU/Linux) iD8DBQE/mwqO0uexoyuzySARApnNAKCUxOrLDh2gk1Ls5piL1zsnXzhHuwCfUW5l AYtOw2wfT0EqlvhWxo5rup4= =12ec -END PGP SIGNATURE-
Re: "If you use encryption, you help the terrorists win" [Reply to Durden]
At 05:27 PM 10/25/03 -0400, Tyler Durden wrote: >frontol assault. Also watch carefully for hole-pokers...I'd bet their's also >been disinfo campaigns to get the public to think that no crypto is secure >(every ask anyone if they believed there was such a thing as effectively >'unbreakable' encryption? Reglar folks always believe SOMEBODY'S got the >technology to break what scheme you use, so "why bother"). 1. Well there's always Silk and Cyanide. Ie OTP. 2. Big Bro does not marshall all the atoms in the observable universe. Remind Joe Sixpack of that. Joe isn't as paranoid as some of us, who worry about quantum engines sorting through our precious prime bodily fluids. *Do* remind Joe about such mundancities as key management, coercion of confederates, video bugs, how crypto is all economics, etc. >So let's beat them to the punch: "Use strong crypto in order to keep America >free from the terrorists." An RPG a day keeps the colonialists away. Or at least, losing in the polls. PS: extra points for someone who finds a good expansion of S.L.O.G. Or who finds Condosleeza Rice's secret lesbian sex tape. (I have nothing against secrecy, or lesbians, of course)
Re: "If you use encryption, you help the terrorists win"
Tim May wrote... "I predict we'll soon be seeing a new thought control campaign with this theme, that "if you use encryption, you help the terrorists win."" Well, I'm dubious. Right now I'm thinking their strategy has been to pull encryption down off of the social radar, and that's worked better than any frontol assault. Also watch carefully for hole-pokers...I'd bet their's also been disinfo campaigns to get the public to think that no crypto is secure (every ask anyone if they believed there was such a thing as effectively 'unbreakable' encryption? Reglar folks always believe SOMEBODY'S got the technology to break what scheme you use, so "why bother"). Let's also remember that 'terrorists' are only terrorists when their guns are small. Once they start winning a few battles they're no longer "terrorists" (eg: Mao and that whole gang). So let's beat them to the punch: "Use strong crypto in order to keep America free from the terrorists." -TD From: Tim May <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: "If you use encryption, you help the terrorists win" Date: Fri, 24 Oct 2003 14:52:02 -0700 I predict we'll soon be seeing a new thought control campaign with this theme, that "if you use encryption, you help the terrorists win." Similar to the heavy advertising (paid for by Big Brother, and hence by money stolen from taxpayers) with the theme that lighting up a doobie helps Osama, that taking an Oxycontin (sorry, Rush!) is equivalent to flying a plane into the World Trade Center. Why encryption? Why now? Perhaps Eric B. can comment on the status of encrypted cellphones, of whichever flavor, but it occurs to me that some people in Iraq desperately need them. I refer of course to those trying to expell the American soldiers occupying their cities and, as Anne Coulter put it and as senior Army officials agree, "occupy their country, take their oil, and convert them all to Christianity." You see, the landlines and central offices were largely wiped out in the War for Oil. So what is now going in is what makes sense for nearly all developing--or flattened--countries: cellphones. The U.S. had plans for the contracts to deploy cellphones to go to American companies, but the local puppets must have had no fear of the Americans, as they went with a better bribe: mostly Arabic cellphone providers will deploy the initial system. And of course this is why there are a lot of subcontractors with ties to the NSA, DIA, ASA, etc. now in Iraq monitoring communications. (Partly to track down Saddam's whereabouts, as he may use a cellphone, if he's careless. Recall the tale of Pablo Escobar.) So, what would happen if even 5% of the cellphones were encrypted with a sufficiently-strong system (Eric's 3DES would presumably be enough)? And if not encrypted cellphones, encryption of the usual sort, over networks. I wonder what would happen to someone found carrying copies of PGP into Iraq? (Which is not to say copies are not already widely circulating, or readily downloadable, etc.) It seems clear to me that the puppet state of Iraq (maybe we could dub it "The Puppet Republic of Iraq"?) will not allow significant use of encrypted cellphones, or perhaps even encryption over networks. If the daily attacks on the crusaders continue to rise, and there appears to be some kind of coordination, the intelligence agencies will be called to task on why they are not intercepting (or jamming) the coordination channels. If the expected attacks in Saudi Arabia and other soft targets happen on schedule in the next few weeks, we might even see reintroduction of crypto ban proposals inside the U.S. We should not assume the war for crypto is won. --Tim May "A democracy cannot exist as a permanent form of government. It can only exist until the voters discover that they can vote themselves money from the Public Treasury. From that moment on, the majority always votes for the candidate promising the most benefits from the Public Treasury with the result that a democracy always collapses over loose fiscal policy always followed by dictatorship." --Alexander Fraser Tyler _ Fretting that your Hotmail account may expire because you forgot to sign in enough? Get Hotmail Extra Storage today! http://join.msn.com/?PAGE=features/es
Re: "If you use encryption, you help the terrorists win"
At 02:52 PM 10/24/03 -0700, Tim May wrote: >The U.S. had plans >for the contracts to deploy cellphones to go to American companies, but >the local puppets must have had no fear of the Americans, as they went >with a better bribe: mostly Arabic cellphone providers will deploy the >initial system. Yes, but who makes their equiptment? How do you say backdoor in Arabic? >So, what would happen if even 5% of the cellphones were encrypted with >a sufficiently-strong system (Eric's 3DES would presumably be enough)? Those 5% get a special visit from the Colonial Eye for the Arabic Guy, (a Fox production) where they get to wear a nifty black hood complemented by a spiffy nylon bracelet for both hands. And then they get some special counseling from the friendly boys from interrogation. Its amazing how far a cell phone will go up a rectum when you really want an answer... What they need is good stego.