Re: [Cryptography] Sadly predictable: Terrorism used as excuse to attack encryption
On Tue, Nov 17, 2015 at 12:41 PM, Miroslav Kratochvil <exa.exa@gmail.com> wrote:
I agree with you that there should not be restrictions on encryption. Still, the problem is elsewhere -- we simply should not encrypt _that_ much. (also applies to your car analogy, btw).
To explain: Common people with reasonable operating systems/browsers are now using bulk encryption on every single HTTP request they make, on every single disk block they have, making SPF handshake with each person they IM, etc.. Observe that only a really tiny amount of the data is actually confidental (login tokens, business data, ...). Think about what bulk encryption means for the consumption of computing power (RSA ain't free, I'd actually expect more than gigawatts). Think about what it means for law-enforcement agencies -- they can't even simply prove that given single user is _not_ a suspect to narrow their search. No wonder that a politician who was assigned the task to keep the society secure&thriving would actually hate any kind of encryption. And that is a problem, because the simplest thing he can do is a ban.
I'd prefer something less drastic before the ban comes, like forcing the user/software selectively choose (by some smart API or a correctly designed UI) what to encrypt, leaving the rest (most) of data "ecologic" and "law-enforcement friendly".
-mk
PS. In no way I suggest simply "turning SSL off", but there could be a way that just authenticates the data without doing encryption. Method for easily marking the "secret bits" of the stream would be cool as well.
PS2. In no way I suggest surrendering all our information to orwellian big brother, but well, think of the good cops.
I'd wager that overall code and feature bloat is the far larger consumer of electricity, especially since crypto in hardware. Also note how if your personal electricity use has dropped but your bill same or went up, doesn't matter what you use, they tax you for what they want. PKI like RSA has always been more costly than stream like AES, so some auth and special marked stream overhead isn't likely to save anything, because it's bloat. Nothing says you can't log your own proof of innocence Exhibitionists like you could even ship the footage in your house daily to your good cops for their innocent entertainment. Why not task yourself to keep yourself secure and thriving. And have a good laugh about ISIS with the good cops should they mistakenly knock once in a while about your crypto.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Is this a troll? :D On 17 November 2015 22:42:10 GMT+00:00, grarpamp <grarpamp@gmail.com> wrote:
I agree with you that there should not be restrictions on encryption. Still, the problem is elsewhere -- we simply should not encrypt _that_ much. (also applies to your car analogy, btw).
To explain: Common people with reasonable operating systems/browsers are now using bulk encryption on every single HTTP request they make, on every single disk block they have, making SPF handshake with each person they IM, etc.. Observe that only a really tiny amount of the data is actually confidental (login tokens, business data, ...). Think about what bulk encryption means for the consumption of computing power (RSA ain't free, I'd actually expect more than gigawatts). Think about what it means for law-enforcement agencies -- they can't even simply prove that given single user is _not_ a suspect to narrow
On Tue, Nov 17, 2015 at 12:41 PM, Miroslav Kratochvil <exa.exa@gmail.com> wrote: their
search. No wonder that a politician who was assigned the task to keep the society secure&thriving would actually hate any kind of encryption. And that is a problem, because the simplest thing he can do is a ban.
I'd prefer something less drastic before the ban comes, like forcing the user/software selectively choose (by some smart API or a correctly designed UI) what to encrypt, leaving the rest (most) of data "ecologic" and "law-enforcement friendly".
-mk
PS. In no way I suggest simply "turning SSL off", but there could be a way that just authenticates the data without doing encryption. Method for easily marking the "secret bits" of the stream would be cool as well.
PS2. In no way I suggest surrendering all our information to orwellian big brother, but well, think of the good cops.
I'd wager that overall code and feature bloat is the far larger consumer of electricity, especially since crypto in hardware. Also note how if your personal electricity use has dropped but your bill same or went up, doesn't matter what you use, they tax you for what they want. PKI like RSA has always been more costly than stream like AES, so some auth and special marked stream overhead isn't likely to save anything, because it's bloat. Nothing says you can't log your own proof of innocence Exhibitionists like you could even ship the footage in your house daily to your good cops for their innocent entertainment. Why not task yourself to keep yourself secure and thriving. And have a good laugh about ISIS with the good cops should they mistakenly knock once in a while about your crypto.
- -- Sent from my Android device with K-9 Mail. Please excuse my brevity. -----BEGIN PGP SIGNATURE----- Version: APG v1.1.1 iQI7BAEBCgAlBQJWS7CAHhxvc2h3bSA8b3Nod21Ab3Blbm1haWxib3gub3JnPgAK CRAqeAcYSpG1iEFyEADL7bvenkWTHrIBPSS1URfOnhMUf8cX6DNGXQyeypGNAHMc eC9A1LOxh3AyFJG2jRDuBNWLyEb4fEpBOHPQn4PpHwEiXW+Hf+cCQ3yOx/6ZRVLn ed/r51jzNOFMnR/cDO5VKg+WkuwAA+QZ+U7z+f33mSOI/zdK9cYu69EupAA86pMc qQxipWDttq7RRPxB3HxJAc1cJNQV49Aa+Hfp8ULrnvdfhLwipJQDseSOt5Zk7TqO iwvWprOCDxLk0d2jYdGJ43Zbbf+eTwMthAJOa3SJjkS9vVW6h6Hbk/kKybzopZa3 mylfTidOjb35NL5XsUDzSftX1YDK64EjUugh5G10oGLaSposAGUb8Kr1UL0Q4Kcp xv+ICqufAnSCKbtRRjCJqAd+V+W+ubcv6NnLgx5o6MtPtKFps+3keq++CkfsRc0F NAU1XiwXMwiqmdmHvdSJaxwNG0pmI9hsRdXA0+/JGdML1QhvADd2KVF5EwLfmHZt JkHgkNAyktecyznlr4wjxOh5CEkCep6PLsZq206Jr0KhxXMCRMQBof2b1hAn/cYc DKz2cVhvlmFk81EsIBmgCYxH+Pqly3L8TC73piwDhS/J0LVj8vwXkyL0T05kdVpk 5Kt+uumCik4/mNcIwRPyYH2+JH8DYr4ApRpOq5OHgyfEjfUkxbxBsg5rOh4tlw== =xSHd -----END PGP SIGNATURE-----
participants (2)
-
grarpamp -
oshwm