[cryptography] Snowden Induced Mea Culpas

Kyle Maxwell kylem at xwell.org
Sun Aug 25 20:54:16 EDT 2013


I find it likely that the Google engineer quoted had things like the
NSA taps on routers and in telecom facilities in mind, rather than
whether users of various services can expect that their providers will
hand over to the government. In other words, encrypting data in motion
rather than at rest. That's not to say that the latter isn't
important, only that it's a problem TLS and similar technologies
cannot solve or even really address.

On Sun, Aug 25, 2013 at 7:49 PM, Lodewijk andré de la porte
<l at odewijk.nl> wrote:
> Assume all mayor cryptotools are exploited. Sad but true. Any other reason
> people complain OpenSSL is written in tongues (so to speak)? Hiding exploits
> is easier in a mess.
>
> That said the people in the IETS might be ignorant to the fact that TLS is
> likely backdoor'ed. The thing with this problem is that there's many layers.
> Mike Belshe is probably not dual-role, just doing the best he can is enough.
>
> False security is a danger unlike many others. None of us should forget
> that.
>
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography
>



-- 
@kylemaxwell


More information about the cryptography mailing list