On Tue, 28 Sep 2010, Tyler Durden wrote:
Seems to me a lot could be done inside those P2P networks. In fact, anything needing very significant security could be hard-encrypted and then injected and subsequently encrypted again with less secure methods with the rest of the P2P traffic...this has the advantage of hiding the strength of encryption and avoiding special notice from the outset.
In other words, "we" may not have won but the filesharers were driven there by their own inevitable logic.
Or am I overly optimisitc here?
Well, the cats out of the bag as far as the math goes. If you want to communicate "securely" you can. The problem is you have to go all the way over to full black ops mode to do it if key escrow (or whatever) is finally (re)instated. No more of this "well my shell connection is over SSL and I access my dev wiki with HTTPS blah blah ..." - it's all or nothing now. And further, there's the whole "structuring" issue. To be honest, the "structuring" movement in the prosecutorial world is scarier than key escrow ... the idea that your "transactions" can incriminate you not based on their actual content, but on your thoughts or motives at the time (highly subjective, of course) is very troublesome. So don't worry about the math - we all know you can securely send it - it's the structuring (or equivalent) charge after the fact that should be worrisome.
PS: Variola has been representin' on the issue on the BoingBoing boards.
URL to these threads on the BB boards ? Thanks.