Simson Garfinkel analyses Skype - Open Society Institute

John Kelsey kelsey.j at ix.netcom.com
Mon Jan 31 10:31:09 EST 2005


>From: Adam Shostack <adam at homeport.org>
>Sent: Jan 30, 2005 1:09 PM
>Subject: Re: Simson Garfinkel analyses Skype - Open Society Institute

>   That's a very interesting point.  There are clearly times when it's
>the case.  I suspect, with no data to back me up, that a form of
>hyperbolic discounting occurs here:  The family member who is clearly
>present ends up dominating consideration, and the less
>likely/understood eavesdropping threat disappears.  (As does the 'yell
>for attention, pick up another extension attack,' but that's another
>story.)

I think there are two parts to this.  First of all, this may be a case of simply not understanding the implications of the loss of privacy to sophisticated eavesdroppers.  I tend to think this is the case with a lot of privacy issues (like grocery store bonus cards), but not here.  Second, this may be a correct evaluation of the relative risks.  Until the set of eavesdroppers who listen in on digital cellphone traffic becomes pretty large, most people aren't very interesting targets for eavesdropping, at least not in terms of making any profit from it.  Most people don't have a lot of money or power to reward blackmailers, aren't in a position to leak confidential, high-value data, aren't likely to end up in some powerful elective or appointed office, and aren't discussing information that would let an eavesdropper make a profit from it directly.  On the other hand, keeping secrets from your parents about who you're dating and what you're doing with them is really common among teenagers.  Embarassing personal revelations that you would be humiliated to disclose to your coworkers or roommates are a lot less embarassing if they're heard by some FBI agent who listens in all day--that guy is going to be as hard to shock as a priest or a doctor, and he'll presumably never show up at work and start a rumor about you.  High tech criminals trolling for blackmail material might be interested in your affair with your best friend's wife, but not if you don't have any substantial assets lying around waiting to be sold off for hush money.  Probably most people haven't thought through this at great depth, but I think most people who think of the FBI listening in on their calls aren't all that concerned about the consequences to themselves, and I think they're correct.

This isn't an endoresment for cordless/cell/VOIP phones without crypto, just a comment about why it's hard to get people to pay extra for adding crypto to those phones.

>Adam

--John

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list