On Thursday, August 30, 2001, at 02:11 PM, Faustine wrote:
> True, of course they do. "Technology is morally neutral," sure, whatever. Yay capitalism. I still think handing over your security product beta on a silver platter in exchange for a nice fat government contract is a stupid, stupid idea.
And since software is infinitely replicable, all the NSA would have to do if ZKS refused to sell to them is to get a copy anywhere else: from an employee who orders it sent to his home address, from a contractor, off the shelf at Fry's or Circuit City (someday, maybe not today), and so on.

Much more importantly, modern crypto relies on avoiding "security through obscurity." As outlined by Kerckhoffs in the 19th century, the security of a cipher ultimately depends only on the _key_, not the algorithm used to process the key. (Phrased in more modern terms, figuring out the algorithm is an "easy" problem, presumably solvable in polynomial time, while discovering the key is either provably impossible (except by guessing) or in the case of RSA is believed to be "hard" (not yet proven, and textbooks will tell you all kinds of stuff about what "hard" means)).

Now Freedom is not a cipher, but a system. And no doubt supplying an attacker with the program would help him to design an attack. Supplying him with the source code and detailed specs would help him even more. But, as with Kerckhoffs's point, the attacker is going to get the design eventually. But not the keys.

In any case, NSA probably had it from their buddies in Canada, who either got it by arrangement with ZKS or snarfed it in one of several ways.

The security of Freedom should not depend on even having access to the source code, else ZKS would be lying when they claim that even they cannot trace a message back to the sender. (Something which some may doubt...)
> Either way, the prospects for "dissident-grade untraceability" are fairly bleak.
You pontificate as if you know something about our field, when you clearly know very little. Get some education if you plan to pontificate like this.

A mixnet of the N extant remailers offers pretty damned good untraceability. Needs some work on getting remailers more robust, but the underlying nested encryption looks to be a formidable challenge for Shin Bet to crack.

--Tim May
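The nested encryption mentioned in the reply above, as an added sketch that is not part of the original message and is not code from any remailer: the algorithm is fully visible, yet each hop can remove only the layer made with its own key and learns only the next hop. Assumptions: real remailers encrypt each layer to a hop's public key, while this sketch uses per-hop symmetric keys and an HMAC-SHA256 keystream so it runs on the Python standard library; the hop names, key values and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

def _subkey(key, label):
    # Separate encryption and MAC keys derived from one hop key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: a stand-in cipher for this sketch only.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    """Encrypt-then-MAC one layer under a hop key."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    """Verify and decrypt one layer; fails for any key but the right one."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or tampered layer")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

def wrap(message, recipient, route, keys):
    """Sender side: build layers innermost first, one per hop in route."""
    blob, next_hop = message, recipient
    for hop in reversed(route):
        header = next_hop.encode()
        blob = seal(keys[hop], bytes([len(header)]) + header + blob)
        next_hop = hop
    return blob

def peel(hop_key, blob):
    """Remailer side: strip one layer, return (next hop, remaining blob)."""
    inner = unseal(hop_key, blob)
    n = inner[0]
    return inner[1:1 + n].decode(), inner[1 + n:]
```

Only the last hop in the route sees the inner payload and the final recipient; in practice that payload would itself be encrypted to the recipient.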