Erik Prince's new "secure" smartphone is an even bigger joke than it sounds

One can always get a satellite phone for about the same cost as this Blackwater scam, or up to $2,000, with connectivity costing about a dollar a minute and available everywhere on Earth, no roaming charges. Security and privacy are also better at that premium price. Or, one could get a Linux phone, which, being open source, is also continually upgraded and favored by fierce advocates of privacy and security. One model, the PinePhone, has physical switches to disable and enable any and all audio, video, and signal. Nothing guarantees privacy like an off switch that needs a finger to operate.

4 Likes

It’s always funny to see the phrase “military-grade encryption”. Everyone uses the same encryption methods; it’s just math, so why would you not use whatever’s best? The phrase basically just screams “this is a grift”.

7 Likes

Insert “This ^” meme.
I came here to make exactly those points, but Veronica Connor said it better than I could ever have done, clearly and concisely. Quoted in full for added exposure.
Thanks.

4 Likes

They probably don’t say which government, though.

3 Likes

If you want mobile discretion I’d run away screaming from satellite phones.

Not only are they at least as bad as their terrestrial brethren when it comes to the architecture being somewhere between apathetic and hostile to the user’s privacy interests; they come with the extra disadvantage of being a relatively expensive niche product often used by interesting people to do interesting things; so they could hardly be more obvious targets for any sort of dragnet surveillance of phone users.

Episodes like that one time Motorola spent $5 billion dollars building a profoundly unprofitable constellation which got saved from de-orbit by some friendly people in McLean, VA, with a little help from a DoD hazard indemnification when private insurance was insufficient also don’t give off a strong ‘Definitely no feds here’ vibe.

6 Likes

The phrase is even more tainted because of how often it meant “we just rolled our own total garbage and called it a feature” in the period prior to the mid-late 90s when US encryption export controls were largely relaxed and it at least could have meant ‘the good stuff, that’s on the United States Munitions List; not the 40-bit export grade nonsense’.

Thankfully attempting to roll your own seems to have finally fallen out of fashion; but at least we still have making critical errors in implementing robust standards, so there’s that.

3 Likes

This is a classic. People who don’t know anything about software security fall for lines like this because the only metaphor they have is physical security. They assume military must have “better” stuff or that they must somehow be better at this.

I’ve gotten into arguments with know-it-all friends who insist that encryption can be “cracked” like they do on TV and in movies all the time. NSA back doors into RSA notwithstanding, that’s of course incorrect. I try to explain that it’s just math: you can mathematically prove that a (say) 2048 bit key cannot be brute-forced before the heat death of the universe, assuming one calculation per vibration of a hydrogen atom. But movies!

The funny thing is, the military is not stupid and knows this, which is why they tried to ban strong encryption back in the early aughts. They tried to classify it as a weapon and you couldn’t import PlayStation 2s briefly because of it. Of course, as you say, it’s just math, so that’s super dumb. Banning math is not a winning strategy. People were walking through airports wearing shirts with code snippets for strong encryption to make that point. One guy even got a tattoo.

6 Likes

Yeah, it’s marketing blurb like ‘airplane aluminium’ or ‘surgical steel’ and stuff like that. And it never fails to annoy me slightly.

5 Likes

Haha, yes, I love “aerospace grade aluminum”. So… 6061 then, the single most common alloy of aluminum that is absolutely average. People assume airplanes must be made of something special.

6 Likes

But of course successful attacks are rarely brute force ones.

1 Like

And usually against the weakest link.

3 Likes

If they contracted out sections of the work without a careful review, they might as well call it the Xerodae.

4 Likes

Same with politicians and law enforcement nowadays all over the world wanting devs to create backdoors. It just ensures that the only people with good encryption will be those who care enough to implement the known methods themselves. In other words, common people will become vulnerable and the only people with good encryption will be criminals and cryptography nuts.

1 Like

Yah, but people think they are. Successful attacks are always social engineering, of course.

3 Likes
