News: "U.S. May Help Chinese Evade Net Censorship"
David Honig
honig at sprynet.com
Fri Aug 31 09:26:54 PDT 2001
At 02:41 PM 8/30/01 -0400, Faustine wrote:
>And by the way, if you're going to question
>SafeWeb for cooperating with CIA, you might as well criticize ZeroKnowledge
>for selling a boatload of the Freedom beta to the NSA in 1999 as well. What
>did they think they wanted it for, farting around on Usenet? I bet they had
>that sucker reverse-engineered and compromised in two minutes flat.
Were you intending to insult ZK authors[1]?
The spooks would have studied the tool and its design, and set up a test
net to study the traffic. Depending on their resources and the
interesting-ness of the ZK-using 'targets
in the field' they would have thought about what can be recovered from
observations and interventions. As they do with everything, from code to
routers.
Maybe they would, in 2 minutes, look at it and say, "oh, well, they
used the Foobar library's implementation of RSA, and we know how to exploit
a bug in that version, and can leverage that to break their scheme,
so all their zero knowledge is ours". Or "lookee here, they didn't check
a buffer overflow and we can 0wn their nodes" But exploration takes
time, especially for a system designed from start to resist. Unless you
think they're magic.
[1] I'm not one, nor do I know any
More information about the cypherpunks-legacy
mailing list