[Cryptography] French election attacked.

Henry Baker hbaker1 at pipeline.com
Sun May 7 01:19:14 EDT 2017

At 08:55 PM 5/5/2017, Phillip Hallam-Baker wrote:
>Might we hope that this is a huge deal for cryptography?  France has traditionally been the Western country with the most restrictive laws on the use of cryptography.
>Perhaps now that the political class will realize that it is in the crosshairs of an attack by an enemy power (and yes, it is obviously another Russian attack).  And if they realize they are the main group requiring cryptography, they will stop trying to prohibit it.
>When I worked on crypto as part of the Web team at CERN, I was once searched three times on one trip to see my parents.  Once by UK customs going in, once going out and again by French customs entering.  One of the main reasons the Web does not have the security infrastructure we wanted was the constant harassment in the 1990s.
>We must defeat the attempts by Comey to get similar controls introduced in the US.  Ever wonder why Comey hated Hilary Clinton so much that he broke DoJ policy and sent his infamous letter?  Ever wonder why Louis Freeh got involved in Ken Starr's plot to perjury trap Bill Clinton?  I believe the crypto issue played a large part in both decisions.
>The FBI Directorship has long been a malignant office that has engaged in criminal activities for despicable ends.  It is time to eliminate it.  It is time to make strong end-to-end encryption the ubiquitous in Internet emails.  The threat is Comey.  The threat is Putin.  They are both enemies of democracy and the free world.  They must both be defeated.

All true, but most of this is a red (!) herring sideshow to divert our attention from the total incompetence of the DNC (and now, obviously, the French political parties).

Govts always try to use "deterrence", because it is the cheapest tool in their toolbox.  If you're the biggest, baddest bully, you beat up on people early & often, so they won't attempt to get together and beat back.  But if/when deterrence fails, these bullies often don't have a backup plan, and -- in democratic countries, at least -- the govts don't have the Nazi option of simply hanging/shooting every 10th person ("decimation") until the population kills the perpetrators themselves.

If a politician succumbs to a phishing attack, it is the same as if they had left their non-password-protected laptop on the plane/train/bus, but now they want to destroy all of *our* privacy and security, so we'll feel their pain?

More information about the cryptography mailing list