Re: What more is there? [infil/exfil]
On 01/20/2014 07:56 PM, grarpamp wrote:> On Mon, Jan 20, 2014 at 2:57 PM, Anonymous Remailer (austria)
<mixmaster@remailer.privacy.at> wrote:
I too wish the leaks would come at a faster pace. But I don't think
The pace is ok, it keeps up the pressure. The real question is, is what remains? More of this same stuff we all knew was happening anyways? Or is there more deeper stuff we only questioned but shrugged off due to the hardness/fantasy of it all?
- decryption of aes? cracked rsa?
Unlikely, unless it's buried deep within files that Snowden took. Remember, during his very first few interviews, he encouraged us to continue to use encryption and made the statement "encryption works". He also trusted RSA enough to use it to encrypt communications with Greenwald and Poitris (sp?).
- automatic and global translation to stored text of all voice calls?
Very real possibility. Commercial tech is almost there. Assuming government is 3-5 years ahead, they might well have that. But I really don't see that as much of a threat. It just saves analysts time.
- gratuitous unwarranted passing of crimetips to LEA?
Likely already being done. In fact, there seems to be some evidence that this has happened in several instances.
- fundamental metadata knowledge of all persons/associations?
Probably possible but not really feasible. Too difficult to filter even using selectors. But I'm sure they're close. Still, there are ways to communicate without generating useful metadata so it might not matter.
- political puppetstringing?
I'd say this is nearly guaranteed. In fact, I suspect this is why Congress has been so slow to do anything about it. The NSA has them by the balls. If you were running a large, illegal, operation, wouldn't you first gather as much dirt on the people who could shut it down as possible?
I suggest the answer lies in budget analysis... the possibilities within a well spent budget. Or a seriously conscientious leaker at the top who is yet to come... since so far Snowden seems limited to confirming lower level obviousness.
Good point. You know what I'd like to see? I'd like to see code. I'd like someone to drop the code to one of these massive systems online for us to analyze. But I suppose documents and program details would be just as useful.
He also trusted RSA enough to use it to encrypt communications with Greenwald and Poitris (sp?).
Not only that, after Schneier took a look at the files he alluded that discrete-log crypto was a safer bet right now. So it looks like RSA remains ironclad in terms of age and security. Also, if AES were backdoored, I think we'd see waaay more panicked allusions to state-secret-smashing revelations. Besides, as has been argued many times; if you own the random number generator, you own the RSA/AES ciphers anyway, and that's what the NSA did. So yea, if you were using RSA-RSA, you're fucked because one of the CSPRNGs was backdoored. But the RSA algorithm, going by Snowden's usage and Schneier's interpretation of the documents, is still OK if properly implemented.
Very real possibility. Commercial tech is almost there. Assuming government is 3-5 years ahead, they might well have that. But I really don't see that as much of a threat. It just saves analysts time.
Also permits more efficient storage for a backlog of dirt if they ever decide they don't like you. So, it is a bit of a game-changer. The NSA will never store raw audio of you being a total asshole if you're not a target, even though it would be great material for discrediting you someday if you get out of line. But they could easily store plaintext transcripts. On 21/01/14 15:38, Anonymous Remailer (austria) wrote:
On 01/20/2014 07:56 PM, grarpamp wrote:> On Mon, Jan 20, 2014 at 2:57 PM, Anonymous Remailer (austria)
<mixmaster@remailer.privacy.at> wrote:
I too wish the leaks would come at a faster pace. But I don't think
The pace is ok, it keeps up the pressure. The real question is, is what remains? More of this same stuff we all knew was happening anyways? Or is there more deeper stuff we only questioned but shrugged off due to the hardness/fantasy of it all?
- decryption of aes? cracked rsa?
Unlikely, unless it's buried deep within files that Snowden took. Remember, during his very first few interviews, he encouraged us to continue to use encryption and made the statement "encryption works". He also trusted RSA enough to use it to encrypt communications with Greenwald and Poitris (sp?).
- automatic and global translation to stored text of all voice calls?
Very real possibility. Commercial tech is almost there. Assuming government is 3-5 years ahead, they might well have that. But I really don't see that as much of a threat. It just saves analysts time.
- gratuitous unwarranted passing of crimetips to LEA?
Likely already being done. In fact, there seems to be some evidence that this has happened in several instances.
- fundamental metadata knowledge of all persons/associations?
Probably possible but not really feasible. Too difficult to filter even using selectors. But I'm sure they're close. Still, there are ways to communicate without generating useful metadata so it might not matter.
- political puppetstringing?
I'd say this is nearly guaranteed. In fact, I suspect this is why Congress has been so slow to do anything about it. The NSA has them by the balls. If you were running a large, illegal, operation, wouldn't you first gather as much dirt on the people who could shut it down as possible?
I suggest the answer lies in budget analysis... the possibilities within a well spent budget. Or a seriously conscientious leaker at the top who is yet to come... since so far Snowden seems limited to confirming lower level obviousness.
Good point. You know what I'd like to see? I'd like to see code. I'd like someone to drop the code to one of these massive systems online for us to analyze. But I suppose documents and program details would be just as useful.
On Tue, Jan 21, 2014 at 04:38:57PM +0100, Anonymous Remailer (austria) wrote:
On 01/20/2014 07:56 PM, grarpamp wrote:> On Mon, Jan 20, 2014 at 2:57 PM, Anonymous Remailer (austria)
<mixmaster@remailer.privacy.at> wrote:
I too wish the leaks would come at a faster pace. But I don't think
The pace is ok, it keeps up the pressure. The real question is, is what remains? More of this same stuff we all knew was happening anyways? Or is there more deeper stuff we only questioned but shrugged off due to the hardness/fantasy of it all?
- decryption of aes? cracked rsa?
Unlikely, unless it's buried deep within files that Snowden took. Remember, during his very first few interviews, he encouraged us to continue to use encryption and made the statement "encryption works". He also trusted RSA enough to use it to encrypt communications with Greenwald and Poitris (sp?).
- automatic and global translation to stored text of all voice calls?
Very real possibility. Commercial tech is almost there. Assuming government is 3-5 years ahead, they might well have that. But I really don't see that as much of a threat. It just saves analysts time.
- gratuitous unwarranted passing of crimetips to LEA?
Likely already being done. In fact, there seems to be some evidence that this has happened in several instances.
- fundamental metadata knowledge of all persons/associations?
Probably possible but not really feasible. Too difficult to filter even using selectors. But I'm sure they're close. Still, there are ways to communicate without generating useful metadata so it might not matter.
- political puppetstringing?
I'd say this is nearly guaranteed. In fact, I suspect this is why Congress has been so slow to do anything about it. The NSA has them by the balls. If you were running a large, illegal, operation, wouldn't you first gather as much dirt on the people who could shut it down as possible?
Illegal is a judgement call. If you keep people in the dark with enough compartmentalization and inter-department rivally, each individual (may) think they are doing their duty to $DIETY and Country. It takes someone who can see enough of the whole picture willing to have their career 'buy the farm' to either take a stand internally, and risk getting fired, or leak it. I doubt the IRS is in cahoots with the NSA AND the SEC AND the FEC, AND the EPA. Each of these organizations has their own information, motives, and dirt on various politicians and upper-level managers play each other and politicians to expand their fiefdoms and hire more wage serfs. The problem (for them) is every once in awhile the serfs get unruly.
I suggest the answer lies in budget analysis... the possibilities within a well spent budget. Or a seriously conscientious leaker at the top who is yet to come... since so far Snowden seems limited to confirming lower level obviousness.
Good point. You know what I'd like to see? I'd like to see code. I'd like someone to drop the code to one of these massive systems online for us to analyze. But I suppose documents and program details would be just as useful.
My wager is 'the code' will be Microsoft exchange and eXcel spreadsheets. What you want is the documents and the bank records, and I think the only way you'll ever get that is if the GAO starts mandating use of some transparent cryptocoin. The Federal Reserve could easily issue 'dollarcoin' that they directly control the money supply for and will back with federal reserve notes. -- Troy, public transparency fool #7
participants (3)
-
Anonymous Remailer (austria) -
Cathal Garvey -
Troy Benjegerdes