[Cryptography] Justice Dept. Revives Push to Mandate a Way to Unlock Phones
jamesd at echeque.com
jamesd at echeque.com
Thu Mar 29 16:36:44 EDT 2018
On 3/28/2018 5:26 AM, Ray Dillinger wrote:
> The only move that beats an opponent motivated to kill you for your
> secrets is the motivation to die to keep them.
That you have secrets worth killing for is hard to detect at the best of
times, and you can make it a good deal harder.
But in any case, not going to kill you for your secrets. The government
is far more interested in detecting which people have secrets, than in
forcibly extracting those secrets.
Similarly with their efforts to suppress Christianity, they are not so
much throwing Christians to the lions, as making Christianity
inconvenient and low status - if you want to continue being a Roman
Catholic, and not celebrate adultery, gay sex, and transsexual
prostitution, if you don't want to have female headship preached at your
wedding, have to find a Latin Mass Church and attend that, which is
perfectly legal, and will not even get you fired, but which most people
will not do.
It is not that they demand your secrets on pain of being thrown to the
lions. They demand your secrets on pain of minor inconvenience.
Whatsapp two party encryption is secure and easy to use, but they have
as default automatic backup in the clear to Google servers, where google
AI will go through your data looking for interesting things. Lately
automatic backup in the clear to Google has been added to all sorts of
things, for example Viber, while other forms of backup have been made
more difficult.
Whatsapp group chat is also insecure, in that the servers can invisibly
add themselves or the NSA to the group chat.
Signal group chat is secure, and does not get backed up by default.
(Losing potentially inconvenient data is a feature, not a bug), but
there are approximately one thousand times as many Whatsapp users as
signal users.
Whatsapp one on one chat is secure, but that is mainly because the
security agencies get the metadata, being more interested in who you are
chatting with, than what you are chatting about.
They are not going to kill you for your secrets, just make keeping
secrets somewhat inconvenient, just as they are not going to throw
Christians to the lions, just make practicing actual Christianity
somewhat inconvenient.
By making secrecy mildly inconvenient, people practicing actual secrecy
stick out, the government collects the metadata on people practicing
actual secrecy and then they pay attention to those people. But
torturing those people into revealing their secrets would reveal the
tracking, would reveal what the government is paying attention to, so
they don't do that and are unlikely to do that.
More information about the cryptography
mailing list