[Cryptography] hard to trust all those root CAs
Bill Frantz
frantz at pwpconsult.com
Wed Jul 23 22:39:18 EDT 2014
On 7/23/14 at 2:48 PM, jsd at av8n.com (John Denker) wrote:
>On 07/23/2014 02:30 PM, Bill Frantz wrote:
>>
>>I assume that all my email is as private as messages to this list.
>[....]
>>The one time I actually thought I was having a private conversation was in a cave
>
>
>...
>
>To say the same thing in less sarcastic terms: We had better
>do whatever it takes to make sure that assumption does not
>become true.
I fully agree, which is why I contribute to this list.
But the flaws in our computer systems, protocols, and
procedures, coupled with our failure to use what we have makes
the assumption of complete openness the only safe assumption.
I personally don't worry about NSA too much. Revealing what they
can gather from my electronic world isn't worth the cost
revealing the extent of their spying. As a US person, I worry
much more about foreign intelligence agencies. They are
attempting to undermine US companies which I depend on
economically. Helping these companies keep secrets from them is
in my best interests.
>This affects many different aspects of life. -- Baseball would
>be a very different game if the batter could crack the
>communication between catcher and pitcher,
>and if the pitcher could crack the "bunt" and "steal"
>signs, et cetera.
I think there are examples on record of these signals being intercepted.
>-- Poker would a verrrry different game if all the cards
>were transparent.
I agree, it probably wouldn't be played at all.
>-- I take this personally, because most of my adult life
>has been spent doing R&D. Almost every dollar I ever
>earned was predicated on the idea that my work conferred
>some competitive advantage to the company that I owned
>and/or worked for. It would be hard to have any kind of
>intellectual property, or any kind of competition at all,
>if everything becomes an open book.
Fortunately, information transfer, particularly the results of
R&D, is much more complex than just reading correspondence
between developers. In real world cases, it frequently takes
hours/days/weeks of one-on-one teaching to transfer the ideas.
Trade secrets are in trouble in a completely open world,
although there is still some legal protection if a trade secret
is stolen. Patents, copyrights, and trademarks can continue
unscathed. Those are the four kinds of legal IP I know of.
Cheers - Bill
---------------------------------------------------------------------------
Bill Frantz |"We used to quip that "password" is the most common
408-356-8506 | password. Now it's 'password1.' Who said
users haven't
www.pwpconsult.com | learned anything about security?" -- Bruce Schneier
More information about the cryptography
mailing list