And how long...
... before some NSA/ GCHQ shill proposes a law to make this illegal...?
An open-source hardware project aimed at making the internet "a little bit safer" needs an influx of cash to continue its work. The Cryptech effort was created following revelations from NSA whistleblower Edward Snowden that the US government and its pals are exploiting standards and weak crypto algorithms to gain access to …
Probably not effective in Iceland, and very unlikely to pass the US Congress. They can propose what they want but are very unlikely to succeed in suppressing cryptography in the US. I can't judge about the UK, where general surveillance seems to be a bit more advanced. However, there seems to be little indication in either country that existing government surveillance activities are connected to interference with civil liberties. It might be pertinent to examine countries where cryptography already is regulated by the government.
Great, another way for organised criminal gangs and terrorists to avoid detection.
Personally I would rather forgo a little "privacy" for the reassurance that law enforcement agencies have a better chance of stopping the lunatic blowing up the plane I'm on or gunning me down in a museum while on holiday.
I have nothing to hide in any emails I send, if the CIA or GCHQ want to look at the LOL cat pictures then let them. That said I do want my credit card transactions, etc. to be secure.
If people want this level of privacy from state surveillance then they are also going to have to accept the other side of the coin which is the increased risk from undetected terror or criminal events. With the rise of fanatical organisations legitimate law enforcement needs all the help it can get to keep its citizens safe.
Security agencies are dammed if they do intercept communications and prevent attacks and dammed if they don't and people die!
Strong crypto makes it harder for paedoterrorists to stalk our CHILDREN and do horrible paedoterroristy things to them.
I would risk the odd jewel thief escaping detection due to the use of strong crypto, if it saves one child from abuse it is worth the cost.
Oh good grief, do people *still* believe this sort of nonsense?
Dear AC, you stand much more chance of being killed in a traffic accident or even getting out of bed than you do of ever being the victim of a terrorist attack. And we're all *so* glad that you have so little to hide that you are not only willing to forego *your* privacy, but everyone else's too!
Please try to understand that we (mostly) have *no* problem with the Security Services doing their job in a targeted manner, what we object to is them treating *everyone* as a potential suspect and acting as if they have a better chance of finding a needle in a haystack by making the haystack so much bigger.
PS If you "have nothing to hide" why are you posting anonymously...?
> Oh good grief, do people *still* believe this sort of nonsense?
And do you seriously believe the CIA/GCHQ has the slightest interest in you? Even if they intercepted less than 1% of all traffic they still would not have the processing power/resources to scrutinise the content of your precious emails.
> Please try to understand that we (mostly) have *no* problem with the Security Services doing their
> job in a targeted manner, what we object to is them treating *everyone* as a potential suspect and
> acting as if they have a better chance of finding a needle in a haystack by making the haystack so
> much bigger.
That's right they need to only target the criminals and terrorists, remind me again the criminals are the ones with the little black masks and bags of swag over their shoulders and the terrorists have the balaclavas and AK-47s? If it hadn't escaped your notice real-life is not like a stereotyped cartoon, criminals and terrorists don't look like criminals and terrorists otherwise they would not get very far. How do you expect to target the bad guys if you don't first filter out normal innocent individuals.
>don't look like criminals and terrorists
They do however look like union leaders, anti-iraq war campaigners, families of black murder victims where the police fscked up the investigation, greenpeace/cnd members, future labour cabinet ministers - and all the other potential terrorists the security services targeted
While both points have some merit, they somewhat miss a more important one. Under US law, and I believe also the law of most English speaking nations, a citizen may disclose information to law enforcement personnel or agencies, but ordinarily is under no obligation to do so much beyond personal identification. In the US, at least, that right also extends to foreigners who are legally in the country. We require that agents of the government provide a presumptively disinterested court with a good reason before compelling disclosure of information, and maintain the polite fiction that even individuals caught while committing criminal acts are innocent until a jury has considered the evidence and returned a verdict of guilty. It doesn't always work out well - the laws don't always make sense, there are too many of them, prosecutors overcharge to force plea bargains, and so on - but in many respects does an acceptable job.
You are free, if you wish, to reveal your communications by declining to encrypt them (knowing that they will be accessibly by many more than government agencies). I, on the other hand, am free (and wish to remain so) to encrypt whatever I wish and decide if the situation arises whether to unencrypt for someone, not necessarily an agent of my government, who wishes access, or to refuse and accept whatever the consequences might be.
Another point is that universal data collection and analysis, as in John Poindexter's "Total Information Awareness" plan, was thought creepy at the time and its successors are very unlikely ever to succeed in the aim of providing advance warning of low probability terrorist attacks. At best, having a pile of searchable communication data may allow identification and capture of those responsible for a completed attack or crime, and access to a significant part of the data stream may allow tracking those thought likely on other grounds to be criminals or terrorists. For domestic criminals or terrorists the norm should be search based on a warrant.
How do you expect to target the bad guys if you don't first filter out normal innocent individuals.
By making the police doing the policing job we pay them for, instead of creating a large puddle of statistical data they can pick and choose from to build a case purely based on circumstances (which is another word for meta data).
If you focus on finding criminals instead of having to discard most of the population as innocent first you end up with a much more efficient approach, and may end up respecting and creating reliable HUMINT again, which is the single most important information asset you can have (which also costs a lot less, btw). Your preferred approach is equivalent to going to a busy shopping street on a Saturday and jail every 10th person without any form of trial.
It is a statistical certainty that by doing so you will catch a couple of bad people, all it takes is an equivalent trivialising of the basic human rights of those other unfortunates who are now locked up.
"If you focus on finding criminals instead of having to discard most of the population as innocent first you end up with a much more efficient approach, and may end up respecting and creating reliable HUMINT again, which is the single most important information asset you can have (which also costs a lot less, btw). Your preferred approach is equivalent to going to a busy shopping street on a Saturday and jail every 10th person without any form of trial."
But when the criminals know your tricks, they can hide in plain sight resulting in near-perfect sleepers who leave no tracks until it's too late, and by too late we're now talking about potential situations which can make 9/11 look like a picnic. It doesn't matter if they're low incidence because they're high consequence events that make the public shout at the government why they didn't do better. The thing is, the governments are running out of techniques. HUMINT is practically useless against cliques who know everyone around them insist on initiations that no mole would be allowed to undertake.
A good argument for surveillance of the police. They know all the tricks, they are truly dangerous! Let's create the popolice to police the police to guard against that. And then we need the popopolice to do surveillance on the popolice.
> If I'm not interesting, why do they want to look at my stuff?
Well obviously the AC agrees with the Police and Security Services that you *might* do something, so it's far better to keep an eye on you "just in case" than risk missing spotting you being a naughty boy!
Cash doesn't necessarily allow the underworld to work, it's just the easiest thing for them to use over barter or a substitute currency like gold dust. If all cash were to disappear tomorrow, they'd quickly settle on something else, much as how the world of Fallout happened to settle on bottlecaps...
The security of financial transactions and cat pictures are inseparable. Law enforcement officials do not have a much greater problem with good encryption, in reality, than they have with physical mail and opaque envelopes. The fact that they can obtain court orders that allow them to open and examine the mail still does not give them access to the contents if it is encrypted or encoded.
As others doubtless have mentioned, if communications are to be secure from criminals they will, necessarily, be secure as well from governments. The "master key" proposed by some would be a target of enormous value to a great many people, some of them quite nasty and willing to go to great expense and effort to obtain it, even if split. If it exists, the probability and costs of compromise are unacceptable.
Yeah, 'cause they're doing such a bang up job of catching the terrorists now with the existing crypto. Can you point to a single incident where breaking an encrypted communication actually stopped an attack? No? Didn't think so.
The security agencies these days are damned for not doing their jobs. They spy on the innocent and let the evil continue because they're drown in the flood of useless data gleaned from the communications of the innocent.
Back in the day I had a lucky escape from being a terrorist victim (I handled a booby-trapped weapon in the course of my job). So do I support all this surveillance? No. It implies a suspension of the presumption of innocence which is one of the basic elements of freedom under the law.
This post has been deleted by its author
Great, another way for organised criminal gangs and terrorists to avoid detection.
Personally I would rather forgo a little "privacy" for the reassurance that law enforcement agencies have a better chance of stopping the lunatic blowing up the plane I'm on or gunning me down in a museum while on holiday.
Well, here's a proposal for you which is a simple, direct, real life implementation of what you're proposing.
Move to a dodgy neighbourhood, and once you've got all you gear in place, remove all the locks on your doors. Yes, that's right, just leave it open. You're allowed hairpins to keep the draught out, but nothing more. Don't like it? Then why sing along with those that propose its digital equivalent?
You see, agencies have legal abilities to get your data, but there is close to NO obligation for them to keep it secure afterwards, and we know they're really good at checking the intentions of all the people that work for them - and that is just ONE of the fairly large list of issues with uncontrolled entities being allowed to rummage through your life with gay abandon.
"...they are also going to have to accept the other side of the coin which is the increased risk from undetected terror or criminal events."
There is no such things as zero risk. Ticking every box on the security services fantasy christmas list may reduce one type of risk, but it will certainly introduce a dozen more that may have the capacity to threaten a free society entirely. The most noticeable effects of RIPA was not an increase in the detention of paedoterrorists, but an explosion in the disproportionate use of the law by local authorities chasing down such heinous crimes as parents abusing school catchment areas, or attempts to discredit vociferous objectors to local planning decisions. Almost all of the illiberal laws passed in to the UK since 2000 have seen primary use as abuses of power without ever producing meaningful results in the area they were supposed to address. Almost all of these abuses were pointed out well in advance, but objections were ignored or those making them smeared.
In short, I simply do not wish to live in the world the OP proposes, because those to whom he would wish to hand the power have demonstrated so amply exactly why they should never be trusted with it without severe limitation and oversight.
I like how you think.
Can we "opt in" for the current Party Politics setup as well please?
The way I see it if enough people don't vote (at all) then a new system of government that actually represents its citizens could be "voted for" as that would mean "the people" don't accept the authority of current government.
I'm not proposing anarchy, just change.
And, worst case, say PP survives... what if voting meant filling in a questionnaire covering lots of different (divisive) issues, and the results were mapped to the closest matching party? Nah, I prefer the smug leader on the left with the pink tie and the monocle, he looks fun. But sir, that's the leader of the Mandatory Suicide party. So what, the tie, man... The tie!
> what if voting meant filling in a questionnaire covering lots of different (divisive) issues, and the results were mapped to the closest matching party?
As for the "don't vote" idea, unfortunately there's no way to tell the difference between that and apathy. At the very least, show up to spoil your ballot paper to register your protest, otherwise you end up with the nonsense of the Police and Crime Commissioners' election where some got in with less than 15% of the votes.
"... otherwise you end up with the nonsense of the Police and Crime Commissioners' election where some got in with less than 15% of the votes.
The difference with the PCCs was that it was understood that they were largely irrelevant. I'd agree re spoiling the ballot as things stand, but I'd really prefer to see a mass no-show of significant numbers because below a certain percentage claiming victory or legitimacy just wouldn't be sustainable, and I think that is well understood in political circles. My guess would be <50 percent forcing a rerun at least, but I'm pretty sure a turnout below 40 would force a very rapid rethink, the most likely result of which would almost certainly be PR of one kind or another. Even with the results and turnout that are likely, first past the post looks increasingly unsustainable.
> As for the "spoilt vote" idea, unfortunately there's no way to tell the difference between that and stupidity.
"Stupidity" is your word. I used the word "apathy".
There's a difference.
And even if there was a massive no-show (like when Blair got a "majority" with 34% of a 60% turnout) it wouldn't matter, because whoever got in would still declare that they had a mandate to do what they liked.
The only way to get their attention is to either a) spoil your paper or b) vote for a "minor" party (ie not LibLabCon) and demonstrate just how broken our First Past the Post system is.
There's a big difference; spoilt ballots are confirmed with the candidates or their representatives by the returning officer. The "stupid" ones are argued over if they look like someone misunderstood how to do it, ringed the box or whatever, before some agreement is finally reached. Those with "none of the above" or whatever clearly written in a blank area can't be construed as 'looks like they meant to tick Labour'. They are eventually all tallied together, but do receive a degree of scrutiny, so a sufficiently well supported campaign of ballot spoiling where everybody repeated exactly the same thing, clearly and legibly would I think have an impact because you can be sure each one is seen by operatives from all parties.
I'm sure it would get wider discussion even if its only word of mouth internally, but the two main parties would be very likely to take note as these days both only dominate because of FPtP, and its preservation is clearly an abiding interest of theirs. Probably one of those rare occasions where a few 'democracy in crisis' headlines in the Daily Fail is worth its weight in gold.
My entire adult life I've lived in seats so safe that my vote (never for one of the main parties) has been basically meaningless. To my mind, this just isn't democracy when the collective national (or even regional) vote for party X would have equated to half a dozen seats or so.
Now put that against the cost, not only monetary value but the cost of losing your freedom and for what?
What's the end game here? Population control, Subvert the masses, or just work out better ways to sell me things I don't actually need that end up in cupboards.
What's the end game here? Population control, Subvert the masses, or just work out better ways to sell me things I don't actually need that end up in cupboards.
AFAIK the first two. Surveillance always gets a significant ramp up if those in charge are either up to no good in the future, or already have something to hide. If you need a recent example, just look at how surveillance increased during New Labour, and what the end result was for the nation's finances. This is why the Conservatives' attempt to sing along with it worries me no end.
I haven't found a proper causation, but there is definitely a fairly direct correlation between just how much democracy is actually available to citizens and the amount of surveillance deployed. It's about respecting the rights of the individual.
This post has been deleted by its author
This post has been deleted by its author
Paypal?
Maybe they didn't want to provide the US with intelligence of who is interested. Just a thought.
Also, they probably need the money to build things - from what I hear, it is apparently easy to "encourage" Paypal to hang on to funds for even the slightest problem, and this probable use for "terrists" strikes me as one of those typical excuses Paypal loves for not releasing funds..
Wait .. it is 2015 and they are building AES-Hardware without protection against Sidechannel-Attacks?
Well, as long as the board is locked up in a sealed EMV-shielded box in your own data centre that might be acceptable.
On the plus side: They are working in the open and the roadmap looks promising. Might be worth throwing a few underlings aspiring towards their masters degree on this.
I suspect such side-channel attacks are only a real problem for remote equipment, or DRM applications where the end user/customer/dupe also "owns" the hardware that is intended to oppress them.
If you are enough of an intelligence agency target to have probes attached to hardware in your own business or home, I doubt the finer points of hardware design will be your biggest problem...
Now there's a rallying tagline if I've ever heard one.
Presumably it comes with a pink security sticker:
Please don't hack our cute HSM or we will be weally weally angwy
That plus the broken cert on the website doesn't inspire much confidence.
Is that you again, Rob Wainwright, with the FUD?
No, Rob is actually quite above board - he'd use his name.
He has spoken his mind, but he doesn't do underhand things, it's not his style.
I may disagree with his line of thinking, but I do respect the way he works - he gets results without breaking the rules (even if he doesn't like them :) ).
Just guessing, but:
I'd hope the thing was thoroughly audited by someone else before shipping - finding that someone will cost something.
Getting set up to manufacture, even with limited runs can be an expensive proposition. You might be able to design and build a rough prototype for 50, but good luck getting any manufacturing plants interested without
a) a high cost small run
b) a lower cost, guaranteed run of a given quantity
It's not like they're planning on building these hsms in their garage, is it?
The other option is to not raise so much upfront, and hold orders until the manufacturers minimum run size is achieved. IME that's insanely frustrating when you're wanting to get your hands on the thing.
But to build a high-security module that's resistant to acoustic, electrical, and other forms of side-channel attacks, you need way more than a halfway-competent designer. You basically need an expert or three poring over every little detail for a significant amount of time. It also means going beyond the FPGA design and onto a more-dedicated chip design where every detail, even on the electrical level, can be scrutinized with the utmost care.
This post has been deleted by its author
Not to target this project in particular, but if you use the crypto for non-ephemeral encryption, you need to defend against the device breaking/being stolen, so there better is a printout of a hexdump of your private key somewhere to initialize the replacement, right? So all the blackboxing of the hardware will only help you so far, because you don't generate the key on the device (and you have a physical copy) and with a threat level where you're worried about needing open-source hardware, all devices that could feasibly generate your key are compromised and the agencies will have access to your safe deposit box with the printout.
I'll get my coat, it's the one that doesn't have the crypto token in the pocket, because I don't leave that in my coat.