At 12:09 AM 3/17/2014, Troy Benjegerdes wrote:
> If everything (including the network path my data takes) is encrypted, then I have no real ability to know if it's being tapped, redirected, or misdirected.
A point not well emphasized by cryptographers, in public at least, and advocates of encryption as the essential requirement for comsec. "Unbreakable crypto" may not be used as much as it once was but there are a host of newly-minted versions of snake oilish assurances dominating the booming comsec market, thanks to Snowden's magnificent gift, estimated to eventually reach the trillion dollar level in two decades, to the gov-com-edu-org comsec panic industry. Operators of systems, and the necessarily breachable security they offer, remain the Achilles heels of comsec. Lavabit is only one of the instances in which sysadmins are compromised. Ubiquitous deployment of crypto throughout telecom and cyber systems is vulnerable to sysadmins who insist on full access to everything to "de-bug" and run their systems, especially those SAs easily manipulated by front offices and their ever so cooperative legal and financial advisors. Not many SAs will do what Snowden did in the "public interest" which just happens to be a great fortune maker for media and comsec hustlers. End to end encryption is currently a hot recommendation of choice for comsec but skips over what happens behind, below, around and inside "end to end" code, hardware, implementation, and most of all the traffic flow of the precious capsules emitting transceiver vapor trails, EM clutter, artfully cloaked gaps, doors, handshakes, implants, bugs (and "de-bugs"), ways in and out, checks, double checks, safety plugs, sigs, nyms, language hints, and manifold uniquenesses witting and unwitting of fallible hunks of meat.
It is, or should be, primary for cryptographers to publicly admit cryptosystems inevitably fail, as some do despite being overridden by sales and CEOs and investors, being bribed and NDA'd into complicity, or in worst cases threatened with prosecution for revealing in natsec systems built-in faults or more deviously, pretending there are none while glossing deep deception with shallow claims that there are always a few which can be repaired, nothing is perfect, you get what you pay for, etc, etc, the formulaic exculpation inherent in the word "security." No question this is expecting cryptographers to be more honest than the rest of the greedy "professional" class so avid to profess public interest while gobbling the public's hard earned with gleeful transgression slathered in "industry standards" and global treaties to assure governments and corporations remain piggish and dispensaries of rewards for the professional classes which find oligarchal enticements "irresistible" as Greenwald slobbered in agreeing to work closely with gov-com to withhold secrets under guise of ventriloquizing Snowden's "causing no harm to national security." "Causing no harm to national security" is verily medieval in its creed-promotional organized religion fervor. Cryptographers have long been missionaries for this duplicitous "trust us" faith, so it figures they will evangelize among journalists to adopt encryption to upgrade the low value of the fear and trembling scripture, and, as always, the compensation for scribes of arcane holy writ of bare panic and crypto balm.