[Cryptography] Old tech rulez!
ianG
iang at iang.org
Tue Dec 24 04:58:30 EST 2013
On 23/12/13 21:34 PM, dan at geer.org wrote:
>
> > What the recent revelations really show is that the NSA is abjectly
> > incompetent at its real job which is making America safe. They have
> > failed to protect the confidentiality of US government secrets.
> > They were pwned by a 29 year old contractor.
>
> It is said that the most important legacy for an executive
> is what did not happen on their watch. In a complexifying
> world, the list of things that did not happen (the numerator)
> becomes as inestimable as the list of things that could
> have happened (the denominator), thus reducing conversations
> on a given legacy to the listing of anecdotes.
Yes. The problem is that the number of risks is huge, and you have to
accept some. Insider threats are mitigated, but you cannot ever get
over the fact that insiders are human and don't bend well to risk
analysis or tech or rules.
Outsiders can never understand that. You've gotta take some losses on
the chin, elsewise you're in fantasy land.
> In the meantime, what do you think of the Russians going
> back to typewriters? To be crisp, on a scale from paranoid
> fantasy (0) to unshakeable genius (100), where would you
> place the mark?
There is historical precedent on switching to old tech [0]. The Battle
of the Bulge was a surprise attack because Adolf Hitler -- himself only,
and not his generals -- did not trust the crypto and comms anymore. He
got suspicious about how many battles were going the enemy's way.
In his last roll of the dice, Hitler sent all the orders by motorcycle
riders [1]. Total surprise.
iang
[1] Sorry, I don't have a reference. Ob crypto: the allies were
reading the Enigma traffic. Those that don't read history are doomed to
repeat it ...
[0] as well as Hollywood precedent: the line "Old tech rulez!" comes
from _Mercury Rising_ a well recommended entertaining film about crypto,
albeit based on a slightly unrealistic premise.
More information about the cryptography
mailing list