Eric at Lucii.org on 18 Sep 2013 15:38:12 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
Re: [PLUG] encryption |
It's not obfuscation. If everyone (or even 10% of everyone) could encrypt their email it forces the nsa/dea/etc to expend *vastly* more resources to intercept, track, and possibly decrypt this traffic. An analogous situation is the air traffic controllers, who can't go out on strike, slowing the entire system to a crawl by following /every/ /single/ /rule/ to the letter. This is why I'm so sad to see the encrypted email services shut down although I damn well understand why they did and applaud them for it. I'd go so far as to speculate that if 10% of all the email traffic in the u.s. was encrypted there would be a strong move in the government to ban such encryption. Eric PS: I'm not digitally signing these emails because I'm in the middle of trying to set up a new key and NOW I know why almost nobody does this shit :-| If somebody could do a talk at PLUG about keys, sub-keys, and signing I'd be delighted :-D On 09/18/2013 12:00 PM, Paul Walker wrote: > At which point the discussion moves from encryption to obfuscation? > > > On Wed, Sep 18, 2013 at 11:45 AM, Eric H. Johnson <ejohnson@camalytics.com <mailto:ejohnson@camalytics.com>> wrote: > > > I should add one more important attribute, volume. Even the NSA is resource limited. If people would just more often use encrypted email, web browsing when available and alternate services such as Diaspora instead of Facebook, Duckduckgo instead of google, etc., it makes that much more work for anyone trying to monitor the activity of others. > > Regards, > Eric > > > Sent from Samsung Mobile > > > > -------- Original message -------- > From: "Eric H. Johnson" <ejohnson@camalytics.com <mailto:ejohnson@camalytics.com>> > Date: 18/09/2013 11:33 AM (GMT-05:00) > To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> > Subject: Re: [PLUG] encryption > > > > I suppose this is the point in the conversation where someone has to say that encryption is not an end unto itself when it comes to security or privacy. > > For the most part it seems that the NSA has been most effective in doing an end around on encryption by intercepting the traffic before it is encrypted, after it is decrypted or accessing the private keys used for encryption. > > If they could decrypt in real time they would not be forcing services to install monitoring software / devices on, for instance, the secure mail server used by Ed Snowden, which shut down rather than complied. Silent Circle proactively shut down their secure mail service too. > > Other attributes aiding security include anonymity, decentralization and of course the use of strong passwords. > > Even if at some future date the traffic can be decrypted, it still must be able to identify the parties to the conversation. In addition, if decentralized it will be very hard to install monitoring tools as described above where they could be of any significant use. > > Regards, > Eric > > > Sent from Samsung Mobile > > > > -------- Original message -------- > From: Andrew Libby <alibby@xforty.com <mailto:alibby@xforty.com>> > Date: 18/09/2013 11:00 AM (GMT-05:00) > To: Philadelphia Linux User's Group Discussion List <plug@lists.phillylinux.org <mailto:plug@lists.phillylinux.org>> > Subject: Re: [PLUG] encryption > > > > That's the whole hedge with encryption right? Make it > inaccessible until the value of the information decreases > enough to not matter. Frankly, that's not very long. > Most information that's sensitive is so for a relatively > short period of time. > > > > On 9/18/13 10:56 AM, Paul Walker wrote: > > As I understand it (I believe it was something disclosed in > > this keynote http://www.youtube.com/watch?v=FOFtQ6n3WR4) the > > NSA has access to the internet backbone infrastructure and > > is actually storing a large percentage of all internet traffic. > > > > Even if pgp (or any) encryption is currently unbreakable, > > it's silly to think that it is future proof. > > > > So, what I would do - if I wanted to know the contents of > > every human communication transmitted by electromagnetic > > radiation, and some of it was encrypted and unbreakable, and > > I had unlimited resources: store that stuff until such time > > as it became breakable. This is probably within the realm of > > possibility. > > > > > > -- > > Andrew Libby > xforty technologies > http://xforty.com > alibby@xforty.com <mailto:alibby@xforty.com> > 484-887-7505 x 1115 <tel:484-887-7505%20x%201115> > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > > > > > - > > > ___________________________________________________________________________ > Philadelphia Linux Users Group -- http://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug > -- # Eric Lucas # # "Oh, I have slipped the surly bond of earth # And danced the skies on laughter-silvered wings... # -- John Gillespie Magee Jr ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug