[cryptography] cognitive dissonance in threat modelling?

ianG iang at iang.org
Sat Dec 14 08:57:51 EST 2013


On 12/12/13 17:08 PM, coderman wrote:

> - AFFIRMATIVE!
>
>
> i will admit that i am continually impressed by NSA/SCS achievements.
> they're extremely competent!


Hmmm...  I personally expect nothing less than competence.  Look at it 
from any angle:

History.  Their practice of intervention dates from WWII, and they have 
tapped the history of centuries of intervention by their allied powers. 
  See the Sabotage Manual, or Cryptonomicon.

Mission.  Look at the logo on http://www.asd.gov.au/ 'Reveal their 
secrets - protect our own.'  It doesn't get much clearer -- it's their job.

Budget.  Exploded since 9/11 ...

Paranoia.  Every net cafe hides a steganographer, every x-boxer is at 
terrorist at heart.

Opportunity.  Homefield advantage.  Cover of secrets.

By whatever metric we measure these things, they all come up trumps: 
NSA + priends is going to so extremely competent that we are likely 
outclassed.

In the history of warfare, I can't think of a time when there was such a 
huge asymmetrical advantage to the leading player amongst equals.  We're 
talking an order or two of magnitude of supremacy across the entire 
digital battlefield.  Not just who was first to field a tank or a jet 
fighter or a longer pike.


iang

ps;
> Intel Ivy Bridge <- only this is right length in justified context shown

> software for SDN and network-function virtualization (NFV), moves that
> could bring Intel into closer competition with the likes of networking
> giant Cisco Systems and chip maker Broadcom.
>   - http://www.eweek.com/networking/intel-makes-push-into-competitive-sdn-space/


This is the one thing that makes me non-totally confident in the Intel 
choice.  Cisco, Juniper, Broadcom are very big players and are more 
clearly indicated by the other text.

Having said that, the way in to a sector attack such as is now NSA's 
mission is often by picking the weaker player and perverting them. 
Then, leapfrog (with extortion & bribery) through other players.

Also disturbing is that if the it is Intel, this would mark an 
intervention into the competitive marketplace of industrial policy 
proportions:  it would be promoting Intel over the competitors, which 
would basically undo decades of work to open markets to competition.

Knowing what the NSA are up to is on the verge of becoming a global 
competitive priority.  From an economics / world trade pov, this is seismic.


More information about the cryptography mailing list