Good to read some actual balanced thoughts on the matter for a change.
Bruce Schneier is the man who literally wrote the book on modern encryption, publishing Applied Cryptography in 1994, and for the past 20 years has been an important and sometimes outspoken voice in the security industry. He founded the firm Counterpane Internet Security (later sold to BT), and is also a board member of the …
It's a deferred threat. Encrypt them so that you cannot (currently) decrypt them, stash them somewhere. If they're deleted, you don't lose much. You can't be coerced to decrypt them because it's not possible for you to do so.
Under pressure, you could release them into the public domain and THEN... well, there's some clever bastards out there.
If he encrypted them using someone else's public key
Yes (or more precisely using a symmetric cipher and an ephemeral key, which in turn was encrypted with someone else's key). Or used a key-splitting protocol, so M of N key holders would have to cooperate in order to recover the ephemeral key. Or used an ephemeral key and shared part of it with some collaborators, so the remainder would have to be brute-forced even with the assistance (or compulsion) of a collaborator.
Hell, you could treat the entire corpus as a secret and split it among collaborators. (The simplest approach is to give every Mth byte, mod N, to the Mth of N collaborators.) That's not encryption per se, but it's an easy way for someone to get rid of sensitive data while leaving the possibility of recovering it later.
There are all sorts of possibilities between "he still has access" and "no one will ever have access" (i.e., the data was irrecoverably deleted).
I thoroughly fail to share his enthusiasm about being spied on by the US instead of, say, Russia. Actually, I sort of see it the other way around; I'd be hard-pressed to think of an entity throwing its (considerable) weight around in the world with more wanton disregard for, well, everybody else than the 'land of the free'.
Not to mention, one's own government (or a close ally) poses a more immediate threat. If they take a dislike to you they can have you arrested or worse at a moment's notice. China and Russia are both less likely to care and less able to act on anything they learn about me.
Hypothetically, of course.
I have to agree. I go into the US for conferences. I go into the UK for same. I live here at home. I have nothing to do with China or Russia nor do I ever expect to. If China and Russia want to spy on me, I'm perfectly okay with that.
The US, however, I'm not okay with. I have to go through their border patrol. Those guys are the bottom of the barrel to begin with, but they have absolute power. They decide based on their gut instinct and fuck all else the course of the rest of your life. I'm not okay with the USA spying on everything I do just so they can present some information to their overworked, underpaid and undereducated border guards to take completely out of context.
China spying on me doesn't impact my life at all. The USA spying on me can ruin it.
I thoroughly fail to share his enthusiasm about being spied on by the US instead of, say, Russia.
As with all things security, it depends on your threat model. Clearly it is not true for every individual and organization that "being spied on by the US" is less of a risk than "being spied on by Russia". Neither is the converse true.
For example, at the present moment, I personally am not likely to suffer direct adverse effects due to my communications being monitored by any national government (however much I might find it an abhorrent breach of basic civil liberties). I estimate that I am at somewhat more risk should that information fall into the hands of unscrupulous private parties. So my threat model for this area is "what national government is least likely to leak the information they shouldn't have gathered about me in the first place"?
And under that rubric, I trust the US a bit more than Russia. Only a bit, mind you, particularly when the US Federal government makes such data available to the lower echelons of law enforcement who, being closer to the ground, have more incentive to abuse it. But still.
"I estimate that I am at somewhat more risk should that information fall into the hands of unscrupulous private parties...under that rubric, I trust the US a bit more than Russia."
Wow, in no way do we think alike here. While I agree there is a very critical threat model of personal information getting into the private sector (where it will be abused), I view the USA as far more likely to loose this info than Russia. Russia might sell some info to the mob, but the USA will make selling it legal.
If the mob gets your credit card, you are inconvenienced and you get a new card. The bank reimburses you because their security was breached.
If the USA sells all your info to insurance companies, suddenly you find you can't be covered for anything, ever, without forking over $_virgins. Meanwhile every advertising company on the planet has your full psychological profile and are able to coerce you into buying things you don't need using methodologies custom-tailored so that you cannot resist.
The USA is a far bigger threat with mass data than Russia. Hoodlums - organized or not - can be dealt with. Banks, insurance companies, and advertisers powerful enough to buy up the world's supply of group psychology PhDs cannot.
The security services are there to protect the nation and thus you. You must really have an inflated ego if you think any spy gives two craps about you. All the data is aggregated and only those thought to be doing something wrong are flagged.
It's no different to walking down the street. The police will only intervene if they think you're up to no good.
So get your panties out of a twist.
I'm "getting my panties in a twist" because:
1) I'm a law abiding, tax-paying citizen of the U.S., but I have no idea if I might be getting surveilled because of my publicly stated beliefs that governments shouldn't be gathering communications data on law-abiding, tax-paying citizens.
2) Am I getting surveilled by other governments because I work in the economically and strategically vital tech sector and I handle confidential corporate customer, bid/contract and product data? Who knows?!!
3) If the U.S. government were to announce today that they've stopped gathering data on law-abiding, tax-paying citizens, could they be believed? Did they just outsource the surveillance to GCHQ or someone else?
4) And quite frankly, your contention that the government only ever grabs the guilty is naive. Trust me, they have few compunctions about leaning on someone they are pretty sure they can't convict to get to those they view as higher priority targets. They lean on the innocent to keep them from doing things that might be counter to government policy, but not illegal. They lean on the innocent to make a political point about how tough they are being from a regulatory or law-enforcement perspective.
5) And all these programs are highly classified, and can be very untargeted. The Guardian today just released a story about the GCHQ intercepting pictures from Yahoo! chats, but apparently the GCHQ can't separate these feeds by country of origin, and some of the pictures and video are sexually explicit. So technically, your daughter could be sexting her boyfriend or husband, and it could end up at GCHQ. And if the GCHQ can't separate these even by country, how can they claim that this program is looking for terrorists, hostile spies or organized crime?
"You must really have an inflated ego if you think any spy gives two craps about you. All the data is aggregated and only those thought to be doing something wrong are flagged."
OK, I'll bite. As we know anyone who works for the security services must be, by definition trustworthy, and competent, and in no way perverted and sleazy. Not. And are the things you've done 'wrong' that caused you to be flagged necessarily things that would be considered wrong by anyone except the NSA and GCHQ? Such as saying things they don't like? Or winning contracts they'd really prefer their thieving, corrupt cronies to have?
That's before you consider the purposes of monitoring people 'thought to be doing something wrong' - unless you think murdering someone in cold blood with a drone strike without first bothering to confirm their identity, let alone guilt, rather than just the location of the phone constitutes 'justice'. The thinking comes before the typing. Try it sometime.
It will be sooner than later when some government leaders will use this data against the political opposition. The degree of spying is far greater than needed to prevent terrorism. Only the future will reveal the true purpose of this massive spying. I'll bet it won't be very pretty.
"The security services are there to protect the nation and thus you. You must really have an inflated ego if you think any spy gives two craps about you. All the data is aggregated and only those thought to be doing something wrong are flagged."
The storage and processing have grown so cheap that it's possible to snoop on everyone.
So they do.
"The storage and processing have grown so cheap that it's possible to snoop on everyone. So they do."
Which is another aspect of what Bruce said about needing 10 records in a database of 10,000. Not only is it possible to snoop on everyone, it is actually easier to snoop on everyone and figure out later who you actually wanted to be snooping on.
Government snooping is one thing. Governments actively undermining my security is another.
Let's say I secure a system using RSA products to make it difficult for unethical competitors (I'm looking at you China) to compromise commercially sensitive information or original research.
I find the NSA have nobbled the encryption so they can snoop if they choose to (why would they want to? Who cares about me?).
If China has realised the product is flawed (nobbled or accidental) they will undoubtedly look to leverage that.
Outcome is having spent money and effort on trying to secure a business, the government is potentially exposing me to my foreign competitors.
If they think my company is committing fraud or doing something dirty they can get a WARRANT and they can come and take the servers away and forensically examine them. IN PRIVATE.
As opposed to examining them in the town square where anyone is at liberty to come peer over their shoulder.
We're not (just) talking about people emailing Aunty Mabel, we're talking about compromising business services and corporate intelligence. Although the idea of them snooping through nudy photos between husband/wife boyfriend/girlfriend is equally unsettling.
The answer - ultimately - is open source reference algorithms in open source software that multiple mathematicians and software engineers in multiple countries, some working in industry, some in academia, can independently sign.
And then use it for everything, including emails to Aunty Mabel.
"It's no different to walking down the street. The police will only intervene if they think you're up to no good."
I've personally had my life made a misery by the police on occasion on both sides of the pond for no better reason than my face didn't fit, based on some narrow small town cop prejudice. You really don't have to do anything wrong to get your collar felt, as a great many otherwise law abiding people find to their cost. Hardly a surprise then when the police find themselves the objects of public distrust and derision.
I'd be careful that panty twisting thing of yours doesn't earn you an informal interview with PC Savage and friends.
>only those thought to be doing something wrong are flagged.
What about when going on a countryside alliance march, a protest about a new road or a school closure gets you flagged?
Or you get flagged because you have the same name as somebody else, and that gets you on a no fly list, or you suddenly can't buy computer parts from Farnell in Australia because another John Smith is on the OFAC list.
Or you work for a company that competes with a US outfit with better connections and you are targeted. Your employer doesn't get the sale because of the confidential info they found on your phone and you are one of those made redundant.
The NSA has been gathering giggly-bytes of information for the last 13 years and ADMITS that they have not really stopped / prevented / even identified / any terroristic threats / plots with their catch-everything data dragnets. So what are they doing with those giggly-bytes of data? That's what I am worried / fearful of. If you are not, then I'd suggest you are the perfect person for me to sell a bridge to.
The police will only intervene if they think you're up to no good.
In my own experience, there are officers out there who can make up any excuse in the world to meet their stop and search quota.
My favourite was "seen in an area known for drug use". Really? Would that be.. uhm.. everywhere?
I even saw the pair of them next day and one of the cheeky fuckers asked me if I enjoyed "being processed".
I asked him if he'd be more worried if I said yes, sweetie. Well that one triggered a nervous laugh. I just got on the bus as it had just arrived. Never seen 'em since. Still got the chit though.
And don't get me started on the "processing" I got for the reasons of "seen filming a police officer"...
> You must really have an inflated ego if you think any spy gives two craps about you.
I don't think anyone gives two craps about me - at the moment. But do I think that no-one will ever give two craps about me ever in the future ? Who knows.
Let's take a real world scenario. Every 10 years in the UK we have the official census, in which we have to (under threat of punishment) list everyone living at an address together with age, sex, ethnicity, religious leanings, and a load of other stuff.
Is that a problem ? Well not right now. But rewind a few decades and pop across to Germany in the 30s. Was it a problem back then that they were "cataloguing" everyone with ethnicity/religious data ? Well no, it wasn't a problem at first.
But you may recall that a large chunk of the population later found out that it was a big problem when a later government was less benign and used that catalogue to round up and murder certain sections of the population.
Is that likely to happen again ? Who knows. Probably not in my lifetime in "the west", but it's clear that worldwide the issue is far from relegated to history. So the problem isn't "do I have to worry about who is doing it now", but it should be "do I have to worry about god knows who having access to that data in the future" - to which the answer is "yes - because I have absolutely no idea who I might have to worry about in the future".
"So the problem isn't "do I have to worry about who is doing it now", but it should be "do I have to worry about god knows who having access to that data in the future" - to which the answer is "yes - because I have absolutely no idea who I might have to worry about in the future"."
The same issue with the UK's National Identity Register, not the ID card per se, the cradle-to-grave surveillance it enabled.
Troll or fool? It's so difficult to tell. (Perhaps in the end there is no difference.)
I don't want the State "protecting me" to the point that it infringes on basic civil rights, thanks anyway. It doesn't matter whether they've actually successfully protected me from any threats with their massive surveillance state (dubious), or whether they're likely to do so in the future (dubious and hypothetical). It's irrelevant whether I am now, or will ever be, a target of the State's enmity.
The results don't matter. The government's motives don't matter.
Mass surveillance is not a clause I want in my social contract.
It's built into the DNA of the kind of government we have. This is based on the idea that a government collects taxes, the primary purpose of which is to secure its citizens based upon some kind of rule of law, as opposed to banditry or mafia rule which doesn't give a toss about any laws.
And if you don't like the consequences of this kind of DNA, based around the idea of government as having a monopoly over the exercise of power, then make this kind of government something we can progressively defund by supporting another kind, enabling us to vote how taxes are spent in a more direct and decentralised way: http://copsewood.net/writings/kaytax.html
According to what I understood a knowledgeable commentator on NPR a couple of weeks ago to be saying, the President would simply have to change the duties of one person and have them assumed in toto by another to comply completely with his "new policy" without materially altering the process at all.
And even that is ultimately not terribly relevant, since the Office of the President has no real way of ensuring the intelligence agencies are following the law, or of sanctioning them for violating it.
We now have an intelligence-industrial complex to join the others¹ we produced during the twentieth century, and nothing short of a major civilization-altering event will put that genie back in the bottle. A great many people, vast vested interests, and a hugely convoluted system of interacting organizations is entirely capable of maintaining itself in the face of any amount of popular opinion, political grandstanding, and legislative and judicial action. It will periodically have to adapt, but it will not go away.
¹ The classic one is the military-industrial complex Eisenhower warned of, of course, but there are other similar public-private entanglements, such as the prison-industrial complex Angela Davis inveighed against four decades ago. Heilbroner famously declared that capitalism's political dividend was tension between the public and private sectors that helps keep both in check; unfortunately they're prone to collusion.
The problem won't be solved by political pressure, but by economic pressure. Nobody gives a crap about my privacy... but there are hundreds of billions of dollars at stake even in the short term - and orders of magnitude more, in the long term, globally. As Schneier has rightly pointed out, our economy runs on trust, and the NSA has rather foolishly destroyed almost all of it.
If I was Satya Nadella, I'd immediately announce that Microsoft was going to bat against the US government's security policies, throwing at the problem just as much money, and as many lobbyists, as it takes. Same for the heads of Google, Apple, AT&T and every other big US corporation. They have nothing to lose, and everything to gain. If they don't do it, some other nation will - their big IT companies will get together with the government and establish procedures to build user-verifiable trust. Once that happens, Silicon Valley will never again be the center of the digital world.
Wouldn't it be hilarious if it was Russia that did it first?
"Once that happens, Silicon Valley will never again be the center of the digital world. Wouldn't it be hilarious if it was Russia that did it first?"
Nah. *Hilarious* would be if all the people currently working in Silicon Valley saw which way the wind was blowing and *relocated* to any country willing to guarantee the necessary freedoms. No way would that be Putin's Russia, but other countries exist and over the longer term the US needs to be something other than a "this'll have to do" option.
Nobody gives a crap about my privacy...
Except you of course, and those who care for/love you. Just as you care about their privacy.
The problem now is an agency of government has decided that you can't have privacy, irrelevant of anything you think or feel about that.
So it's not just about money. It's about privacy... and yes corporate privacy is a part of that, but the personal privacy is a bigger issue, because the personal privacy is EVERY single person's privacy, not just the privacy of corporate communications.
I'm in Canada, a dual Canadian/UK citizen.
I'm never going to visit Russia or China. I do not care if I am on their "no fly lists".
Russian and Chinese network spies are not my neighbours. I do not need to worry about them stalking my teenage daughter.
And Russian and Chinese companies do not compete with my employer.
The USA and UK, they export the same sorts of goods and services Canada does. Our corporate secrets are much more valuable to them.
Politically, Canada does much more trade with the USA than it does with China or Russia (and the USA does more trade with Canada than it does with China or Russia or anyone else).
That means the USA has much more motive to spy on our companies than China or Russia do.
Presumably you're at work again so posting as AC to make it harder for your bosses to spy on you?
They can't tell the good guys from the bad.
Maybe the advent of watching the leaders of the spying agencies sit in front of elected overseers and lie has made the 'sheeple' wonder if there are any good guys?
Maybe the revelations that show all this spying malarky wasn't about terrorism at all, but about industrial espionage, and stealing commercial information, has made the 'sheeple' wonder if there are any good guys?
Maybe the revelations that agencies charged with securing nation states think recording webcam pornography for review, so they can inform their bosses that webcam networks are carrying an awful lot of person to person pornographic content (which they disapprove of), has made the 'sheeple' wonder if there are any good guys?
Taking that last point Matt, what do you think of the revelations that GCHQ have been watching person to person webcam sex sessions? Which of course they must have done so they could pass their disapproving opinion about it onto their bosses. I assume you've some justification for them being allowed to do that, maybe some explanation about how it fits into preventing terrorist attacks?
Tell me Matt whose private sex sessions do you think the spooks at GCHQ were watching when those bombs went off in Iraq? Cause they weren't looking for terrorist activity that day, were they Matt?
What fucking good guys?
From the first page of the article:
> So what's your solution?
>You can imagine some future technology where you can prove assurance, where you
> can prove that a piece of software or hardware does what you believe it does and
> nothing more. That's not beyond the realm of possibility.
Wrong. It is beyond the realm of possibility. I would have expected Bruce Schneier to be aware of the halting problem. Turing proved that there is no possibility to provide a procedure that will determine if a given program will halt (terminate). As any specific action can be mapped to termination (when X happens halt) you cannot prove it does or does not do something.
As far as I can see, no one (apart from Gray in his short comment) has mentioned the elephant in the server room. What Schneier said implies that nobody, from here on out, can trust the Internet. Nobody can be sure of anonymity, or privacy, or secrecy, or trust - no matter what they do, no matter what technology they use or what scrupulous precautions they take. What many of us took for a civilized, relatively safe community has suddenly degenerated into the Wild West. And that is exactly what many people in government wanted all along. They hated the idea that citizens could talk to each other in private, or even form associations without the politicians and their hired thugs knowing.
The next step, I take it, will be for governments to offer to keep our precious data and communications for us - so that the nasty mean foreigners and terrorists can't get it. Of course, subscribing to such services will be everyone's patriotic duty, and anyone who refuses will be viewed with justified suspicion. And I do mean VIEWED - 24 hours a day, in microscopic detail and with no benefit of the doubt.