[Cryptography] Opening Discussion: Speculation on "BULLRUN"

ianG iang at iang.org
Sat Sep 7 03:19:10 EDT 2013

On 7/09/13 01:51 AM, Peter Gutmann wrote:
> ianG <iang at iang.org> writes:
>> And, controlling processes is just what the NSA does.
>> https://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html
> How does '(a) Organizations and Conferences' differ from SOP for these sorts
> of things?

In principle, it doesn't -- which is why SOPs are saboteur's tools of 
preference.  They are used against you, as the lesser experienced people 
can't see the acts behind [1]

The point is one of degree.  SOPs are there to resolve real disputes. 
They can also be used to cause disputes, and to turn any innocent thing 
into a fight.  So do that, and keep doing that!  Pretty soon the org 
becomes a farce.

In contrast, strong leadership (the chair) knows when to put the lid on 
such trivialities and move on.  So, part of the overall strategy is to 
neutralise the strong chair [2].  As John just reported:

   *  NSA employees participted throughout, and occupied leadership roles
      in the committee and among the editors of the documents

Slam dunk.  If the NSA had wanted it, they would have designed it 
themselves.  The only conclusion for their presence that is rational is 
to sabotage it [3].


[0]   SOPs is standard operating procedures.
[1]   This is the flaw in "don't attribute to malice what can be 
explained by incompetence."  Explaining by incompetence does not 
eliminate that malice inspired incompetence.  Remember, we are all 
innoculated against malice, so we prefer to see benign causes.
[2]  this is not to say that committees are ill-intentioned or people 
are bad, but that it only takes a few with malicious intent and 
expertise to bring the whole game to a halt.  Cartels such as IETF WGs 
are fundamentally and inescapably fragile.
[3]  as a sort of summer-flu-shot, I present that document to each new 
board as their SOPs.

More information about the cryptography mailing list