[Cryptography] More Bad Govt Shit To Fight (Burner Verizon FBI)

ianG iang at iang.org
Mon Mar 28 08:24:14 EDT 2016


On 27/03/2016 09:32 am, grarpamp wrote:
> On 3/26/16, Ray Dillinger <bear at sonic.net> wrote:
>>
>>
>> On 03/26/2016 07:24 AM, Henry Baker wrote:
>>> It'll be interesting to see how this bill is received.
>>>
>>> IMHO the vast majority of these phones -- at least here in California --
>>> are used by undocumented residents, who have no papers, no driver's
>>> licenses, no bank accounts, and operate 100% on cash.
>>>
>>
>> I'm also in California but the main use I see is at halfway
>> houses and womens' shelters.  There are a lot of scared battered
>> women out there who can't disentangle exes from their financial
>> crap fast enough to establish independent phone service without
>> them, and a lot of shelters that go through them like tissues.
>>
>> It's a pretty big deal for them because there are *LOTS* of violent
>> loons who are trying to find those places, and everyone who winds
>> up there is completely inexperienced in the art of Not Being Seen.
>> Lots of chances for one person's mistake to become everybody's
>> problem, and phones are like the "ablative surface" that can be
>> gotten rid of for mutual protection when someone makes a mistake.
>>
>> I see their IT manager at Urban Ore, buying a basket full of
>> old used phones, almost every time I'm over there.
>
>
> You would be surprised how many *men* have to deal
> with crazy battering women and need to seek refuge
> in shelters and safe supportive halfway houses for men.


Another thing that surprised me was the number of bogus claims made by 
women through the courts in adverse divorce/separation cases.  The 
lawyer who told me about this was nonplussed, it's lucrative work.

ObCrypto - how do you protect your secrets from such a threat?  It is 
threats like this that make SnapChat's disappearing pictures a good 
thing.  The solution is something like that you have to (a) integrate 
other human aspects into the security model and (b) accept the strength 
of the solution is around 8 bits not 128 bits.


> Either way, all such people who are innocent enjoy the
> right for the government and commerce not to impede upon
> their right to privacy, including shielding their innocent selves
> from warrantless govt and commercial tracking and datakeeping.
> Stop giving away your rights and taking those of other innocents.
> For it is not the criminal they are after, but control over you.

I'm in part responding to this because this is real security - 
protecting people who have clear harms.  Not like the normal 
cryptographic theoretic stuff we use ex-military threat models to 
protect credit card transactions.

I did some security review recently for an org that does something like 
the above-mentioned stuff, on a massive scale.  One of the threats was 
that the victims' activity could be tracked through billing records 
which were often available to people in household and people at work, 
who were the attackers.  Given the nature of the abuse involved, it's a 
"hell-yeah!" threat rating.

The challenge is to be able to communicate using some device that others 
have access to without leaving a trail.  E.g., SMS over a standard dumb 
phone without leaving phone numbers in the billing records.

There's probably a million people in USA alone who desperately need this 
protection in one way or another, without counting the teenagers who are 
just sharing mucky kid stuff away from their over-protective parents.

And that's exactly the protection that the feds want to take away.



iang


More information about the cryptography mailing list