I think the appropriate answer to this would be âno f-ing wayâ.
The NSA knows better than anybody that unbreakable encryption just isnât that hard anymore. Itâs relatively simple mathematics and there isnât anything they can do to make it difficult.
Surely using larger and larger keys will at least keep most people at bay for a few years until computing power catches up?
Side channels and other implementation bugs. Thatâs where the gold still lies.
But good luck standing against the worldwide army of geeks, whose strength is not in secrecy but in open collaboration, who are so scattered over the jurisdictions to make any effective legislation attempt futile, and who by now are pissed.
NSA seems to like being in a losing fight.
Rogers can clamour for this all he wants, general purpose computing isnât going away. At best (worst?), theyâll get some form of this implemented for data in the cloud. But short of a radical change in our attitudes towards computing, worrying too much about this borders on paranoia.
I agree, âNo f-ing way.â These agencies are proven untrustworthy. Cut their budgets and start the layoffs.
Man, I never thought Iâd miss the cold war. Remember the ridicule we heaped on the Soviet bloc, for registering all photocopy machines? Those were good times.
This is just as great an idea as it was when it was called âthe Clipper chipâ. Hopefully will end up in the same circular file too.
I looked over the G-man who walked into my office. He looked like a lobster stuffed in a cheap suit. âSo whatâs da scam?â I put my feet up, just to show him whose office he was in. âWhat do these boys got that the feds want so bad?â
âA hundred-digit prime thatâs not on the approved list.â
I let out a low whistle. With loot like that, a guy could start his own country. âAnd you want me to get it becauseâŚâ He raised his eyebrows, silently. Spooks all think alike. âI get it. Plausible deniability. Itâs gonna cost you⌠Ten thousand up front, plus expenses.â
âDollars or Bitcoin?â
âWhadda I look like, a rube?â
Uh, no, with sufficiently large keys (and the right algorithm), itâll keep them ALL people at bay until way past the heat death of the all the universes.
I want to see how they plan to lock down a Raspberry Pi that was built in a basement and programmed over the Sneakernet.
Dear Admiral Rogers: FUCK. YOU. You can have my keys when you pry my passphrases out of my cold dead brain. P.S. I suggest you start observing the fourth amendment before someone carves it into your forehead.
Iâd go with âyes and noâ on this one. Full extermination is going to be pretty tricky, and I suspect that the NSA is well aware of that; but âmost of the people, most of the timeâ? Thatâs already a reality in the poxed world of âmobileâ and most online services of various flavors(pretty much any of the ones that donât make it quite obvious that you are experiencing the joy of key management yourself).
You typically donât need to win all the time, or pick the very highest-hanging fruit, to get most of what you want and leave a manageable population of paranoid geeks doing things the hard way.
classic example of conspiracy to deprive rights under color of authority:
http://www.justice.gov/crt/about/crm/242fin.php
this man is a criminal for even suggesting this, as is anyone who helps him.
Algorithms may show unexpected weaknesses as the math research marches on. With enough Paul Erdoses and enough amphetamine pills, who knows what cornerstone of today will still hold tomorrow.
Then thereâs all the buzz about factoring (a cornerstone of many of todayâs algorithms utilizing prime numbers) and quantum computing; new classes of non-sequential hardware may dent some of the algos with brute force.
But thereâs always a chance that some of the algorithms will actually hold up. Itâs about the projected time; generally, aim for the hardness that will likely last over the statue of limitation of whatever you are playing with. Or your life expectations plus something. Always count with some reserve.
âMy 4th is protected by my 2nd.â
Thatâs the sad truth. The question is, how to keep this population as large as practical, and as unmanageable as possibleâŚ
They canât. They may however rely on informants to rat on those who were insufficiently silent about their gear, or attempted to teach others.
Oh, for crying out loud. Havenât they figured out yet that the freaking djinni is out of the bottle already and isnât going back in?
I used to work for a company that sold microcontrollers. Shipped literally millions of 32-bit versions every year with a steep volume growth curve. The number of 16- and 8-bit ones was a lot larger. ANY of them would do a good enough job to encrypt or decrypt messages that you wanted to be secure; they might take a while but so what?
And theyâre all over the place. Theyâre even in coffee makers. If the company had to shut down all production tomorrow thereâd still be so many out there that all the governments on Earth would never track down enough of them to seriously crimp the supply.
And thatâs just one company and by no means the largest.
When they babble about this kind of mishegoss all I get as a take-away message is: âwe havenât a clue what weâre talking about but are willing to make life worse for everyone rather than admit it.â
In short, they can scrape the traffic from everyone either too honest or too stupid to hide it. Leaving only the smart malicious ones, who just happen to be the only ones who pose any sort of real threat.
Brilliant. Fucking brilliant.
Round up the underwear bombers but never mind the ones who executed 9/11. Yeah, I feel so much safer now.
Ask any sophomore-level engineering class (doesnât matter which kind of engineers, we all think in terms of âhow can this fail?â) how to bring down a plane or otherwise kill hundreds or thousands of people without being stopped by TSA and the rest of the security theater troop and youâll get scores of answers. Generally several per student.
And the âblue teamâ in the Government know this. Theyâre not stupid. However, they also know that stopping the smart attackers will be too unpopular, so we just take our shoes off and never mind the stuff that they canât scan for at the gate (or the densely-packed lines leading up to the gate, which would be a great place to light off a rollerbag full of explosives and shrapnel. Which has been pointed out countless times.)
We have not been clear with our representatives and our government. We have given them conflicting objectives. They are using the conflict against us. We must be very clear in our mandate. The first, most important goal is: âProtect and defend the Constitution of the United States against all enemies, foreign and domestic.â All other goals are secondary.
Preventing a repeat of 911 is a worthy goal. But it is not more important than the Constitution. Fighting Terrorism, Drug addiction, and child abuse are all important. But, NONE OF THEM are more important than protecting the Constitution.
The Constitution is the basis of US law. If any government entity says itâs objectives are more important than protecting the Constitution, then, they are rejecting the rule of law. They are staging a revolution. When the DEA says it must violate the Constitution to catch drug criminals, it is really saying, it is a lawless entity that will not be subject to rightful authority. When the NSA says it must violate the Constitution to prevent Terrorism, it is saying it only recognizes the authority of fear and hate.
We must oppose these well-meaning revolutions with all our power. If they are not brought to heel, we will have no law, no legal authority and no security. We will only have fear and the naked exercise of unlimited power that serves no goal other than itâs own.
Given the steady stream of utter morons the FBI coaches through âterrorist plotsâ and then arrests, going after the dumb ones because itâs a lot easier would seem to be the plan.