The wisdom of the ill informed

Nicolas Williams Nicolas.Williams at sun.com
Mon Jun 30 15:08:05 EDT 2008 

On Mon, Jun 30, 2008 at 11:47:54AM -0700, Allen wrote:
> Nicolas Williams wrote:
> >On Mon, Jun 30, 2008 at 07:16:17AM -0700, Allen wrote:
> >>Given this, the real question is, /"Quis custodiet ipsos custodes?"/ 
> >
> >Putting aside the fact that cryptographers aren't custodians of
> >anything, it's all about social institutions.
> 
> Well, I wouldn't say they aren't custodians. Perhaps not in the 
> sense that the word is commonly used, but most certainly in the 
> sense custodians of the wisdom used to make the choices. This is 
> exemplified by Bruce Schneier, an "acknowledged expert,"  changing 
> his mind about the way to do security from "encrypt everything" to 
> "monitor everything." Yes, I have simplified his stance, but just to 
> make the point that even experts learn and change over time.

What does that have to do with anything?  Expert != knowledge cast in
stone.

> >There are well-attended conferences, papers published online and in many
> >journals, etcetera.  So it's not so difficult for people who don't know
> >anything about security and crypto to eventually figure out who does, in
> >the process also learning who else knows who the experts are.
> 
> Actually I think it is just about as difficult to tell who is a 
> trustworthy expert in the field of cryptography as it is in any 
> field of science or medicine. Just look at the junk science and 
> medical studies. One retrospective study of 90+ clinical trials 
> found that over 600 potentially important reaction to the drugs 
> occurred but only 39 were reported in the papers. I suspect if we 
> did the same sort of retrospective study for cryptography we would 
> find some similar issues, just, perhaps, not as large because there 
> is not as much money to be made with junk cryptography as junk 
> pharmaceuticals.

The above does not really refute what I wrote.  It takes effort to
figure out who's an expert.  But I believe that the situation w.r.t.
crypto is similar to that in science (cold fusion frauds were identified
rather quickly, were they not?) and better than in medicine (precisely
because there is not much commercial incentive to fraud here; there is
incentive for intelligence organizations to interfere, I suppose, but
here the risk of getting caught is high and the potential cost of
getting caught high as well).

> I'm curious, how does software get sold for so long that is clearly 
> weak or broken? Detected, yes, but still sold like Windows LANMAN 
> backward compatibility.

I thought we were talking about cryptographers, not marketing
departments, market dynamics, ...  If you want to include the latter in
"custodes" then there is a clear custody hierarchy: the community of
experts in the field is above individual implementors.  Thus we have
reports of snake oil on this list, on various blogs, etc...

So we're back to "quis custodiet ipsos custodes?"  Excluding marketing
here is the right thing to do (see above).  Which brings us back to my
answer.

> >When it comes to expertise in crypto, Quis custodiet ipsos custodes
> >seems like a relatively simple problem.  I'm sure it's much, much more
> >difficult a problem for, say, police departments, financial
> >organizations, intelligence organizations, etc...
> 
> Well, Nico, this is where I diverge from your view. It is the 
> "police departments, financial organizations, intelligence 
> organizations, etc..." who deploy the cryptography. Why should they 

In my experience market realities have much more to do with what gets
deployed than the current state of the art does; never mind who the
experts are.  "We'd love to deploy technology X, but in our
heterogeneous network only one quarter of the vendors support X, and
only if we upgrade <large number> systems, which requires QA testing,
which..." -- surely you've run into that sort of situation, amongst
others.  Legacy, broken code dwarfs snake oil in terms of deployment;
legacy != snake oil -- we're allowed to learn, as you yourself point
out.

Nico
-- 

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list