NSA crippling of crypto makes Congress vulnerable to attack

[Tim May]

On Tuesday, January 15, 2002, at 11:31 AM, Eric Murray wrote:
> Probably not.  I haven't seen the spec so I'm not 100% sure, but
> this is the info I dug up after 10 minutes of googling.
>
>
> http://www.counterpane.com/crypto-gram-9904.html
>
> "And the Mobitex protocol used by ARDIS and RAM mobile for wireless 
> email
> is another example of something that is complex for error correction and
> robustness but has essentially no security. And software for monitoring
> this circulates around the net as well. ARDIS does use XORing with a
> 32 bit constant of the day to provide some fig leaf of security, but
> obviously determining the constant is trivial..."
>
>
> Sad, isn't it?

Something that's sad is that the National Security Agency has abdicated 
its role in helping to secure communications critical to these United 
States. To wit, its COMSEC role. Part of the charter of the NSA is to 
provide COMSEC for critical communications, including ensuring strong 
ciphers. Because it has spent much of the past decade trying to slow 
down strong encryption and introduce back doors into commercial 
products, the very consumer products that are now being bought in droves 
by Congressmen and other employees typically have extremely weak crypto 
in them.

Blueberries and similar devices are now being given to Congressmen and 
other government employees and officials as a means of communicating 
with them in times of national emergency.

Laptops with kiddie-grade disk security ("Datawhack uses a proprietary 
virtual one time pad which uses a secret algorithm to encrypt your 
disk") are the norm.

Cellphones are easily interceptable.

And this is, not surprisingly, what those inside the Beltway (and 
outside, actually, as the effective radius has pushed way out into the 
sprawl of Virginia and Maryland former horse country regions) are buying 
at their local Circuit City and Best Buy stores. Thank the NSA and folks 
like Dorothy Denning for stunting the implementation of good crypto in 
consumer products.

Good to know that Al Quaida knows the ARDIS hacks and will have them 
ready to go when they strike next: Blueberry Emergency Alert to Rep. 
Barney Frank: "Rep. Frank, report soonest to this [isolated] location in 
the woods [where our agents can kill you]. signed, Agent Farr [Abdullah 
Al Ragheda]."

--Tim May, Occupied America
"They that give up essential liberty to obtain a little temporary safety 
deserve neither liberty nor safety." -- Benjamin Franklin, 1759.