Fwd: [Cryptography] stego mechanism used in real life (presumably), then outed
---------- Forwarded message ---------- From: iang <iang@iang.org> Date: Thu, Jun 8, 2017 at 3:10 AM Subject: Re: [Cryptography] stego mechanism used in real life (presumably), then outed To: cryptography@metzdowd.com On 07/06/2017 12:21, Jerry Leichter wrote:
There's an interesting and significant sidelight to the previous discussion of watermarking, and the message a couple of days ago from "M373" concerning the Seaglass project at U of Washington, which is developing means for detecting IMSI catchers at city-wide scale. In both cases - and there are others - we have legitimate research devoted entirely to discovering, publicly explaining, and perhaps effectively neutralizing, mechanisms that LE has put in place. As far as I can tell, this has little historical precedent. Criminals/revolutionaries/freedom fighters - it all depends on you viewpoint in particular situations - have long conducted exactly this kind of research. But it's been clandestine, done in support of their own activities, and passed around as secret tradecraft. (Of course, state actors have also long targeted each other this way.)
We've crossed a threshold when entitled members of society feel the need to work to subvert their own society's enforcement mechanisms. (No, university faculty members and EFF researchers and such - while hardly among the big movers in shakers - cannot reasonably be considered the downtrodden in any Western society.)
I agree with the observation of the shift, but I take issue with the notion of "society's own enforcement mechanisms". As far as I can see, it isn't society that is putting in wholesale enforcement mechanisms, it's a small subset that are working outside the bounds of society. In long-standing principle, societies have more or less accepted the need for spying on *foreign* enemies but drawn the line at spying on own citizens. This is well tested in history. For local spying you need an investigation, a warrant, a court, a process. The barrier is high. Things like yellow dots, the equity ratio of 10:1 offence to defence at NSA, also the 19 agencies secret sharing and deception to courts, show that the historical defences of civil society are being subverted. And, it is more or less worse in other countries. It used to be the notion in pre-1990s times that the agencies spying on own people was reserved for the evil enemy - the Stazi, McCarthy, KGB, Hoover. But now it seems to be trotted out with regularity that if the terrorists are achieving, of course we'll undermine society to fix that. C.f., May's recent comments about willingness to reduce fundamental rights of 60 million in exchange for 6. So I would prefer to say, what we are seeing is a shift towards society protecting itself against the attacks of agencies that are now out of control of the democratic population. That's just me. I'm not society. But neither am I content when entitled members of society in agencies think society is right and it's ok to go local because we're the good guys. General society didn't need end to end encryption until this shift happened. 40 bit CA-mediated crypto did the job for credit cards nicely enough. Nice to have, but there was no serious privacy threat on the tubes. Now there is a big shift happening - those that are listening are using the information. It's not there yet, but if the trend for open intel sharing continues, society will need end to end encryption just to survive. iang _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
On Thu, Jun 08, 2017 at 03:14:02PM -0400, grarpamp wrote:
---------- Forwarded message ---------- From: iang <iang@iang.org> Date: Thu, Jun 8, 2017 at 3:10 AM Subject: Re: [Cryptography] stego mechanism used in real life (presumably), then outed To: cryptography@metzdowd.com
On 07/06/2017 12:21, Jerry Leichter wrote:
There's an interesting and significant sidelight to the previous discussion of watermarking, and the message a couple of days ago from "M373" concerning the Seaglass project at U of Washington, which is developing means for detecting IMSI catchers at city-wide scale. In both cases - and there are others - we have legitimate research devoted entirely to discovering, publicly explaining, and perhaps effectively neutralizing, mechanisms that LE has put in place. As far as I can tell, this has little historical precedent. Criminals/revolutionaries/freedom fighters - it all depends on you viewpoint in particular situations - have long conducted exactly this kind of research. But it's been clandestine, done in support of their own activities, and passed around as secret tradecraft. (Of course, state actors have also long targeted each other this way.)
We've crossed a threshold when entitled members of society feel the need to work to subvert their own society's enforcement mechanisms. (No, university faculty members and EFF researchers and such - while hardly among the big movers in shakers - cannot reasonably be considered the downtrodden in any Western society.)
I agree with the observation of the shift, but I take issue with the notion of "society's own enforcement mechanisms". As far as I can see, it isn't society that is putting in wholesale enforcement mechanisms, it's a small subset that are working outside the bounds of society.
And for a very long time it was not "most of society" that enforced the "laws" with public floggings, incarceration and the like. iang's point is nothing but a massive splitting of the tiniest hair: - the small subset is paid by money stolen by tacit consent - the majority tacitly consent by their non-action, over and over - this minority exist in a pyramid where the smallest handful actually make the decisions and presumably take the "responsibility for any guilt" away from the minority but numerous employees doing the dirty roll-outs - the enforcement/ spying/ etc mechanisms being rolled out/ created are absolutely working "within the mechanisms that society has consented to" (i.e. Government) What "iang" is perhaps trying to come to grips with here is the concept of tacit consent. YES, "the minority of society" working at and controlling the various TLAs implementing this despotism, is working within the bounds of the tacit consent of the majority. And now that "some of the entitled class" are beginning to actively, publicly, work against these mechanisms, the tacitness of "the collective tacit consent" is becoming a little less tacit, and a little more "actively opposed". This is of course a very good thing, let's hope this wave has some real legs.
In long-standing principle, societies have more or less accepted the need for spying on *foreign* enemies but drawn the line at spying on own citizens. This is well tested in history. For local spying you need an investigation, a warrant, a court, a process. The barrier is high.
*was* high
Things like yellow dots, the equity ratio of 10:1 offence to defence at NSA, also the 19 agencies secret sharing and deception to courts, show that the historical defences of civil society are being subverted.
And tacitly consented to by the majority, for decades. In long-standing principle, societies have more or less tacitly accepted the dictates of "rulers" in any form - government, dictators etc.
And, it is more or less worse in other countries. It used to be the notion in pre-1990s times that the agencies spying on own people was reserved for the evil enemy - the Stazi, McCarthy, KGB, Hoover. But now it seems to be trotted out with regularity that if the terrorists are achieving, of course we'll undermine society to fix that. C.f., May's recent comments about willingness to reduce fundamental rights of 60 million in exchange for 6.
And mostly, the majority nearly always go along with this.
So I would prefer to say, what we are seeing is a shift towards society protecting itself against the attacks of agencies that are now out of control of the democratic population.
"now"? As in "only just now it begins to be out of control, and hey wow, just now also the university breeds are taking a righteous stand as they should, and so society is working fabulously, darling, just fabulously, since humans are just so swell, ain't we having a fine and dandy existence y'all!" Oh yeah. Exactly. Society working exactly as it should, nothing to do here folks, move along.
That's just me. I'm not society. But neither am I content when entitled members of society in agencies think society is right and it's ok to go local because we're the good guys.
Jolly well said ole chap! By the blazers, them agencies as dog gone gone and stepped just a little over that line of decency and rspect now. They need a whuppin I tell ya, a royal whuppin.
General society didn't need end to end encryption
Indeed, all those dirty plebes and prolls that make up "general society" are well and truly shafted by the "normal" agencies and organs of the erect government like the police "just following orders, sir!" for 1000 years, the courts "the statute law is almighty and the states may legislate on any and all matters since they're sovereign so OFF TO JAIL FOR YOU!"
until this shift happened.
We can only agree - this is the only truly bad decent we've seen in society in, I dunno, 700 years since Magna Carta?
40 bit CA-mediated crypto did the job for credit cards nicely enough. Nice to have, but there was no serious privacy threat on the tubes.
Of course, of course, how silly of me. The neighbour selling a bit of weed, the dissident opposing his local police corruption, those dirty, dirty citizens wanting their rights? My god, just as well weve got a government I tell you, JUST AS WELL!
Now there is a big shift happening - those that are listening are using the information. It's not there yet, but if the trend for open intel sharing continues, society will need end to end encryption just to survive.
You're right, we don't need that end to end encryption yet - not at all. The panopticon is not complete yet, so we're deluding ourselves - perhaps when per-human mandatory microchipping comes in? Perhaps not then (quite yet) since that's also allowed per Revelation "the mark of the best on the forehead or the back of the hand" rfid microchipping decree. Behave, plebes!
participants (2)
-
grarpamp
-
Zenaan Harkness