[cryptography] [Cryptography] Mail Lists In the Post-Snowden Era

Adam Back adam at cypherspace.org
Mon Oct 21 10:49:27 EDT 2013


On Sun, Oct 20, 2013 at 06:55:52PM -0400, Peter Todd wrote:
>Note that you can use broadcast encryption to efficiently encrypt the
>messages to multiple recipients. (a deployed example is in the AACS
>video encryption) Or more simply keep people's PGP keys on file and have
>the mail server encrypt each email.
>

(Oh yeah, I top-posted by habit, better copy some text above to preclude an
excuse for censorship, there done!)

In the context of crypto lists I prefer open, unmoderated/uncensored.

For example the paranoid might note that its desirable for the forces of
darkness to control the medium by which the open community communicates,
delete the odd message with plausible deniability, use moderation as a
platform to squelch traffic with a little hidden bias, who's going to know. 
Viz this crypto list went dark for a year or so (ostensibly because -
actually we're not sure - anyway no traffic flowed; and finally the list was
reopened - temporarily, when randombit opened up as an unmoderated list, and
threatened to take over as a continuously flowing open medium.) Then again
another long hiatus on this list followed by only reopening when the world
was exploding with Snowden revelations and recriminations.

Paranoid or not?  If Snowden's episode showed one thing its that people were
too niave, and not paranoid enough.  Its easy pickings to step up for admin
positions in organizations, because momentum and laziness dictates that
others will not, and then some regime of sabotage, discussion shaping,
control can ensue.  Anyone who's done any standardization work, will have
found defense research people holding unlikely chair positions - medical
health care message security - UK defense research agency.  Really?  Why? 
Probably to make avoid use of forward-secrecy or such like soft-sabotage. 
People should re-read the declassified old sabotage manual and dwell on what
could be done with $250m/year against open discussion forum, protocols, open
source software, chairman/organizational positions etc.  Because, its
probaly be actively done right now.  Accident that android is using crap
ciphersuites - or plausibly deniable sabotage.

Adam

(copied to the unmoderated list)


More information about the cryptography mailing list