mgraffam@mhv.net[SMTP:mgraffam@mhv.net] wrote:
[this is heavily snipped to save bandwidth]
I am aware of the allegations, yes. I would not be surprised if they [the NSA] use this tactic. If I were in their position, and my job were to at least try to read every message sent by
every foreign government
I think you have missed the point. It's not that they are reading messages sent by foreign governments. They are reading - at least potentially - all the messages sent by their own citizens. Effectively all Internet messages that pass through North America are monitored. All international phone calls are monitored and I would guess that internal US ones are as well, although there is not puch published on that. Some US citizens (I am not one) seem to have a touching faith in the idea that the CIA and NSA will not spy on US citizens because it isn't in the powers given to them. If they are that scrupulous then they would just have to get the data from their friends in GCHQ who have no such constitutional limitation and are certainly in a position to monitor most international phone calls and Net traffic originating in the USA. Like they said on the BBC a few weeks ago the "worst kept secret" in Whitehall is that NSA and GCHQ together have been tapping *all* the electronic communications passing through the UK and have been sharing the data with each other since the war. (with GCHQ being rumoured to give far more to NSA than the other way round) And if they behave like that in the UK why not in the US?
I suspect I would try very hard to limit the amount of strong crypto that these governments have.
But they haven't managed to do that. And it isn't really what they want to do. They want to limit the strong crypto available to *you* because they want to read *your* mail. (Why would they want to do that - see this mailing list /passim/ for the last 5 years or so - it's so full of ideas and rants on the subject that some of them have to be right if only at random :-) Like I said my government - the UK - has a deal with your government - the US - that allows your government to tap my phone calls and read my email. And it works the other way round as well. If you phone anyone outside the US or send any other kind of electronic messages outside the US or that pass through or near a GCHQ station then my government will listen to you with the connivance and encouragement of your government. Far from keeping your communications secret your government is actually paying foreigners to tap them. Look at a map of undersea cables some time - then compare it with a map of British and Commonwealth military bases - like Gibraltar, Malta, Diego Garcia, Ascencion Island, Cyprus, St. Helena, the Falklands - your lot have a similar setup in the Pacific, and the Ozzies and Kiwis look after the south-west Pacific and southern ocean. Over half the Internet traffic in the world passes through Falls Church, Virginia. Why are there so many US diplomats and British military in Kenya? And what *do* they do at Menwith Hill and Goonhilly Down? Now I'm wasting bandwidth - becaus of course everyone who reads Cypherpunks knows all this stuff already.
This may mean limiting the amount of crypto that the citizens of the U.S. have. So be it then. The NSA does not have the job of ensuring unbreakable kick-ass privacy and crypto to the public.
Their job is to read the Other Guy's messages, and to make sure the Other Guy can't read Uncle Sam's messages. We speculate that they do both reasonably well.
And *you* *are* the Other Guy. Wake up and smell the static.
Selling me a champion racehorse for $1 is a damn good deal, and it is worth the money.. but I don't have much use for a horse.
I'll buy her off you for 1 dollars and 50 Belgian Francs - now you've made a profit :-) Ken Brown (usual disclaimers apply)