[Cryptography] Trump wants to collaborate with the Russians to secure U.S. elections

Mon Jul 10 11:35:29 EDT 2017

On Sun, Jul 9, 2017 at 10:30 PM, Ron Garret <ron at flownet.com> wrote:

>
> On Jul 9, 2017, at 6:27 PM, erik <erik at erikgranger.name> wrote:
>
> > Call me crazy, but I think that it is of utmost importance that the
> > president of the US, whomever that may be, and the leader of Russia,
> > whomever that may be, should be best friends.
> >
> > I think this neo-mcarthyism is a bit dangerous, as people seem to forget
> > that both the United States and Russia have H-bombs. Any petty stuff
> > about elections is kinda not as important as making sure that, no matter
> > what, no escelations exist between the United States and Russia.
> >
> > If a country has H-bombs, diplomacy is of utmost importance. This
> > saber-rattling that I'm seeing over the elections is rather concerning,
> > considering that nothing less than the future of the human race is at
> > stake. Compared to a nuclear winter, rigging elections seem tame.
> >
> > Not that I'm in favor of rigging elections, whether it is Russia doing
> > it or the largest election-rigger in modern times, the United States,
> > but once you have stakes that reach a certain level, one should be more
> > cautious than Americans seem to be.
>
> It would be terrific we could all Just Get Along as Rodney King once put
> it.  And the U.S. is certainly not without sin.  But the sad fact of the
> matter is that at present the U.S. and Russia are still adversaries, and
> have been for over 70 years.  That kind of legacy is not so easily
> overcome.  And you certainly don’t transform a long-standing adversary into
> an ally simply by treating them as a trusted party in the design of your
> defenses.
>

There is actually a lot of interest in establishing norms for government
interventions in cyberspace. But this one crosses a whole series of what
were red lines in prior discussions.

Russia and China have consistently demanded that the US take action to
prevent the use of the Internet for 'terrorism'. By which they mean any and
all speech critical of Putin or the Chinese communist party from any
quarter. Russia and China already police their own citizens to suppress any
speech critical of the other.

The suggestion is disingenuous on many levels, not least the fact that
actual vote tampering is one of the few things that Russia has not been
accused of. There is evidence of a Russian intrusion into some computers
that had a certain connection to the ballot. But that came very late in the
game and might well have been planted with the intention of creating a
false lead.

When the UK peer Lord McAlpine faced very well documented accusations of
funding the libel cases of over 30 pedophiles senior in the Conservative
party and thus the implication that he was likely one himself, McAlpine was
conveniently accused of being a pedophile by a former victim who retracted
the claim almost immediately. McAlpine had previously written a book
advising readers to use just such a strategy.

So I really don't see that there is any good faith intention to make
elections more secure. Rather it is the intention to disrupt the narrative
of the now well established evidence of FSB/GRU hacking of political
parties and operatives and spur allegations of Russian tampering with
actual votes.

As for the proposal, it is stupid. Neither the US nor the Russian
government has any special expertise in the field of election technology
that could be shared with any other party that is not already being shared.
There is some relevant expertise (e.g. NIST etc) but those teams are much
smaller than those working in industry. The large teams that really do have
the expertise needed are at NSA and in the very deepest parts thereof. And
while they can pass messages to the outside world, on occasion, my past
experience of such is that they are not very useful.

Now is not the time for any cyber security treaties. The first step in
forming a treaty is to establish a common understanding of terms and the
range of problems. From there you can go on to establish norms which may be
new norms or new applications of old ones.

Most treaties are actually codification of what is already considered to be
a norm. The Geneva conventions did not introduce novel ideas, they just
eliminated the possibility of exceptions.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170710/9f9b31ed/attachment.html>