[Cryptography] GHCQ Penetration of Belgacom

John Denker jsd at av8n.com
Thu Dec 18 16:18:44 EST 2014

Hash: SHA1

On 12/18/2014 11:03 AM, Ray Dillinger wrote:

> I would fully support a UN treaty whose signers agree to charge
> at least a 100% tariff on all imports of chips, routers, switches,
> and computers.

That won't solve the problem.  It costs well over a billion
dollars to set up a modern chip fabrication line.  That by
itself is at least 0.25% of the annual GDP of Belgium, or at 
least 1% of the annual GDP of (say) New Zealand.  And chips
aren't the whole story.
  a) Suppose they collect the tariff and put it in the treasury.
   Then the users would just be getting foreign chips at a higher
  b) Suppose they actually spent the money to build their own
   fab line.  That would be a tremendously wasteful drain on
   the economy.

Free-and-fair trade is generally a good thing.  When trade is
disrupted by tariffs -- OR BY LACK OF TRUST -- everybody suffers.


A hypothesis to consider:  Perhaps other economic forces could 
be brought to bear.  The perception (whether entirely true or
not) that Cisco's revenue is suffering from post-Snowden
distrust might be enough to change behavior.  On the other
hand, if you're in Belgium, buying tech from China instead 
of the US doesn't seem like an improvement.  Commercial 
advantage would accrue to the first vendor who could offer 
products with a warranty, certified free of back doors.

I'm not sure exactly how it would work, but one could imagine
independent certification laboratories, perhaps like UL.com
or kaspersky.com.  The labs could test a random sample of the 
company's products.  Certification by labs in two different
countries would make life harder for the nation-state bad
actors.  On the other hand we should keep in mind that there
are huge trans-national enterprises such as Goldman Sachs 
and ExxonMobil that think nothing of subverting multiple
governments at the same time.

Here's another hypothesis to consider:  Maybe the NSA should
pay attention to what Frank Rowlett said:
   "In the long run it is more important to secure one's own 
    communications than to exploit those of the enemy."

That is, imagine what would happen if NSA put more resources
into fixing stuff than into breaking stuff.

Here's a third hypothesis:  At some point the various players 
could get together and decide not to attack each other.  Before
you cue the "impossible" music
remember that treaties /sometimes/ help a little bit.
  ++ The Vienna Convention on Diplomatic Relations sorta works.
  ++ The chemical weapons treaty sorta worked in Syria.
  ++ The nuclear nonproliferation treaty sorta worked in Libya.
  -- Although not so much in Pakistan, North Korea, et cetera.
  -- et cetera.

Version: GnuPG v1


More information about the cryptography mailing list