I think the appropriate answer to this would be ‘no f-ing way’.
The NSA knows better than anybody that unbreakable encryption just isn’t that hard anymore. It’s relatively simple mathematics and there isn’t anything they can do to make it difficult.
Surely using larger and larger keys will at least keep most people at bay for a few years until computing power catches up?
Side channels and other implementation bugs. That’s where the gold still lies.
But good luck standing against the worldwide army of geeks, whose strength is not in secrecy but in open collaboration, who are so scattered over the jurisdictions to make any effective legislation attempt futile, and who by now are pissed.
NSA seems to like being in a losing fight.
Rogers can clamour for this all he wants, general purpose computing isn’t going away. At best (worst?), they’ll get some form of this implemented for data in the cloud. But short of a radical change in our attitudes towards computing, worrying too much about this borders on paranoia.
I agree, ‘No f-ing way.’ These agencies are proven untrustworthy. Cut their budgets and start the layoffs.
Man, I never thought I’d miss the cold war. Remember the ridicule we heaped on the Soviet bloc, for registering all photocopy machines? Those were good times.
This is just as great an idea as it was when it was called “the Clipper chip”. Hopefully will end up in the same circular file too.
I looked over the G-man who walked into my office. He looked like a lobster stuffed in a cheap suit. “So what’s da scam?” I put my feet up, just to show him whose office he was in. “What do these boys got that the feds want so bad?”
“A hundred-digit prime that’s not on the approved list.”
I let out a low whistle. With loot like that, a guy could start his own country. “And you want me to get it because…” He raised his eyebrows, silently. Spooks all think alike. “I get it. Plausible deniability. It’s gonna cost you… Ten thousand up front, plus expenses.”
“Dollars or Bitcoin?”
“Whadda I look like, a rube?”
Uh, no, with sufficiently large keys (and the right algorithm), it’ll keep them ALL people at bay until way past the heat death of the all the universes.
I want to see how they plan to lock down a Raspberry Pi that was built in a basement and programmed over the Sneakernet.
Dear Admiral Rogers: FUCK. YOU. You can have my keys when you pry my passphrases out of my cold dead brain. P.S. I suggest you start observing the fourth amendment before someone carves it into your forehead.
I’d go with ‘yes and no’ on this one. Full extermination is going to be pretty tricky, and I suspect that the NSA is well aware of that; but ‘most of the people, most of the time’? That’s already a reality in the poxed world of ‘mobile’ and most online services of various flavors(pretty much any of the ones that don’t make it quite obvious that you are experiencing the joy of key management yourself).
You typically don’t need to win all the time, or pick the very highest-hanging fruit, to get most of what you want and leave a manageable population of paranoid geeks doing things the hard way.
classic example of conspiracy to deprive rights under color of authority:
this man is a criminal for even suggesting this, as is anyone who helps him.
Algorithms may show unexpected weaknesses as the math research marches on. With enough Paul Erdoses and enough amphetamine pills, who knows what cornerstone of today will still hold tomorrow.
Then there’s all the buzz about factoring (a cornerstone of many of today’s algorithms utilizing prime numbers) and quantum computing; new classes of non-sequential hardware may dent some of the algos with brute force.
But there’s always a chance that some of the algorithms will actually hold up. It’s about the projected time; generally, aim for the hardness that will likely last over the statue of limitation of whatever you are playing with. Or your life expectations plus something. Always count with some reserve.
“My 4th is protected by my 2nd.”
That’s the sad truth. The question is, how to keep this population as large as practical, and as unmanageable as possible…
They can’t. They may however rely on informants to rat on those who were insufficiently silent about their gear, or attempted to teach others.
Oh, for crying out loud. Haven’t they figured out yet that the freaking djinni is out of the bottle already and isn’t going back in?
I used to work for a company that sold microcontrollers. Shipped literally millions of 32-bit versions every year with a steep volume growth curve. The number of 16- and 8-bit ones was a lot larger. ANY of them would do a good enough job to encrypt or decrypt messages that you wanted to be secure; they might take a while but so what?
And they’re all over the place. They’re even in coffee makers. If the company had to shut down all production tomorrow there’d still be so many out there that all the governments on Earth would never track down enough of them to seriously crimp the supply.
And that’s just one company and by no means the largest.
When they babble about this kind of mishegoss all I get as a take-away message is: “we haven’t a clue what we’re talking about but are willing to make life worse for everyone rather than admit it.”
In short, they can scrape the traffic from everyone either too honest or too stupid to hide it. Leaving only the smart malicious ones, who just happen to be the only ones who pose any sort of real threat.
Brilliant. Fucking brilliant.
Round up the underwear bombers but never mind the ones who executed 9/11. Yeah, I feel so much safer now.
Ask any sophomore-level engineering class (doesn’t matter which kind of engineers, we all think in terms of “how can this fail?”) how to bring down a plane or otherwise kill hundreds or thousands of people without being stopped by TSA and the rest of the security theater troop and you’ll get scores of answers. Generally several per student.
And the “blue team” in the Government know this. They’re not stupid. However, they also know that stopping the smart attackers will be too unpopular, so we just take our shoes off and never mind the stuff that they can’t scan for at the gate (or the densely-packed lines leading up to the gate, which would be a great place to light off a rollerbag full of explosives and shrapnel. Which has been pointed out countless times.)
We have not been clear with our representatives and our government. We have given them conflicting objectives. They are using the conflict against us. We must be very clear in our mandate. The first, most important goal is: “Protect and defend the Constitution of the United States against all enemies, foreign and domestic.” All other goals are secondary.
Preventing a repeat of 911 is a worthy goal. But it is not more important than the Constitution. Fighting Terrorism, Drug addiction, and child abuse are all important. But, NONE OF THEM are more important than protecting the Constitution.
The Constitution is the basis of US law. If any government entity says it’s objectives are more important than protecting the Constitution, then, they are rejecting the rule of law. They are staging a revolution. When the DEA says it must violate the Constitution to catch drug criminals, it is really saying, it is a lawless entity that will not be subject to rightful authority. When the NSA says it must violate the Constitution to prevent Terrorism, it is saying it only recognizes the authority of fear and hate.
We must oppose these well-meaning revolutions with all our power. If they are not brought to heel, we will have no law, no legal authority and no security. We will only have fear and the naked exercise of unlimited power that serves no goal other than it’s own.
Given the steady stream of utter morons the FBI coaches through ‘terrorist plots’ and then arrests, going after the dumb ones because it’s a lot easier would seem to be the plan.