[Cryptography] What ever happened to end-to-end email encryption?

Phillip Hallam-Baker phill at hallambaker.com
Thu Aug 26 11:57:50 EDT 2021


On Thu, Aug 26, 2021 at 10:47 AM Bill Cox <waywardgeek at gmail.com> wrote:

> On Thu, Aug 26, 2021 at 7:09 AM Phillip Hallam-Baker <
> phill at hallambaker.com> wrote:
>
>> On Thu, Aug 26, 2021 at 9:38 AM Bill Cox <waywardgeek at gmail.com> wrote:
>>
>>> In reality, when a big email provider starts working on e2e email
>>> encryption, someone in government has a friendly conversation with some
>>> lobbyist or high level manager, and it is made clear that congress will
>>> step in with regulations to overturn e2e email if widely enabled.
>>>
>>> There may be a middle ground <https://arxiv.org/abs/1906.07841> in the
>>> future.  I know the hysterical folks on this list would hate it, but it
>>> would be better than what we have now.
>>>
>>
>> I have told six former CIA/NSA directors what I am up to. None has told
>> me to stop.
>>
>> The people from the Cabinet Office (GCHQ) are unhappy with my plans but
>> they haven't tried to tell me to stop either.
>>
>>
>> The lack of email security is ultimately the reason Putin was able to
>> install his kompromized rapist in the WhiteHouse for four years. The lack
>> of email security has directly led to 500,000 more Americans dying in the
>> pandemic.
>>
>> There are powerful forces making end-to-end hard but the intel agencies
>> are not a factor.
>>
>
> I'm sure you know I am a fan of your MMM work.  However, I happen to know
> that the government reps do in fact hold informal discussions with large
> email providers to get them to back away from e2e email encryption.
>

The NSA/CIA etc. tend to have a broad view of security. The push for lawful
intercept tends to come from the FBI which has a rather myopic view.

Fortunately, the FBI has learned that their actions against Phil Z. only
made PGP more popular.



> I agree with all of your points.  Better email security would be good for
> our national security and user privacy at the same time.  This is why I
> think there is room for compromise.
>

I am more than willing to discuss ways to eradicate criminal-currencies.
After that, they would have to make substantial organizational changes
before I could work with them. Separating the law enforcement and
counterintelligence arms, removing the name of the Jim Crow bigot who
abused his office from their HQ, ...

Ultimately, Trump owed his election to the slaver constitution and Jim
Comey putting his corrupt thumb on the scale. Comey, Hoover, Freeh, three
of the most openly corrupt officials in US public office, all with their
heavy thumbs on the scale for the Republican party.



> If there is going to be any compromise, it will take someone like you to
> help make it happen.  You should consider being at the table when they
> decide what the privacy policy should be.
>

I intend to own the table.

My position in the field has always been rather complicated by the fact
that my cousin survived two assassination attempts by a terrorist group so
I have been very aware of the stakes. And I also know that many US
politicians actively collaborated with those same terrorist groups to court
popularity. The sight of Rudy Giuliani attending an IRA fundraiser days
after 9/11 and trying not to be photographed with Gerry Adams is
instructive.

I know rather a lot about how those groups tried to use encryption, rather
more than I am supposed to. So I do actually understand rather more about
the reasons why certain parties think they need to maintain intercept
capability. But I also know that the ULTRA decrypts continued long after
WWII and were the key technology that enabled the CIA to enact coups
installing convenient dictators from Iran to Chile. And the result was
chronic instability.

Until neocon diwit Richard Perle told Achmed Chalabai about it, the US was
breaking the Iranian diplomatic ciphers. What good did that do us? Iran
successfully fooled the neocons into invading Iraq and sorting out their
main security threat and only obstacle to their pan-Shi'ia state. I was
warned Chalabai was an Iranian spy back in the 90s, he was GWB's pick for
Iraqi President.


Russia made many mistakes in 2016, first and foremost being the dog had no
idea what to do when it caught up with the car. Winning the Brexit
referendum did not cause the EU to collapse, it had the exact opposite
effect. The EU is now well on the way to becoming a United States of Europe
and it is a matter of when, not if the UK is re-integrated. Trump was a
supreme humiliation for the US but means that the entire US establishment
from Max Boot to AOC is lined up behind the Democratic party for the next
20-30 years.

The only long term gain for Putin from 2016 is that it is likely that the
war faction is going to be out of power in the US and UK for a generation
or more. And that is not a gain when the real lesson of 2016 is understood:
The only true power in the 21st century is soft power.

I like to point out to advocates of 'cyber-warfare' that when the US lives
in the biggest, baddest glass house on the planet, it is a remarkably bad
idea to start throwing stones. In 2016, Putin showed that Russia, a feeble
and decrepit economy with a second rate military is still able to mount a
soft power attack.

But when it comes to soft power, the US has absolutely unmatched powers. It
is a hyper-power. The Soviet Union was brought down by rock and roll, blue
jeans and western TV.


The Taliban just beat the US military after a 20 year war.  We were never
going to win by stopping jihadis discussing the best way to oil an AK47.

Now we are on to the soft power conflict: It isn't the US military the
Taliban leaders fear, it is Starlink broadcasting TikTok videos teaching
their teenage daughters about makeup.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210826/d478bba5/attachment.htm>


More information about the cryptography mailing list