NSA crippling of crypto makes Congress vulnerable to attack
Tim May
tcmay at got.net
Tue Jan 15 17:27:25 PST 2002
On Tuesday, January 15, 2002, at 11:31 AM, Eric Murray wrote:
> Probably not. I haven't seen the spec so I'm not 100% sure, but
> this is the info I dug up after 10 minutes of googling.
>
>
> http://www.counterpane.com/crypto-gram-9904.html
>
> "And the Mobitex protocol used by ARDIS and RAM mobile for wireless
> email
> is another example of something that is complex for error correction and
> robustness but has essentially no security. And software for monitoring
> this circulates around the net as well. ARDIS does use XORing with a
> 32 bit constant of the day to provide some fig leaf of security, but
> obviously determining the constant is trivial..."
>
>
> Sad, isn't it?
Something that's sad is that the National Security Agency has abdicated
its role in helping to secure communications critical to these United
States. To wit, its COMSEC role. Part of the charter of the NSA is to
provide COMSEC for critical communications, including ensuring strong
ciphers. Because it has spent much of the past decade trying to slow
down strong encryption and introduce back doors into commercial
products, the very consumer products that are now being bought in droves
by Congressmen and other employees typically have extremely weak crypto
in them.
Blueberries and similar devices are now being given to Congressmen and
other government employees and officials as a means of communicating
with them in times of national emergency.
Laptops with kiddie-grade disk security ("Datawhack uses a proprietary
virtual one time pad which uses a secret algorithm to encrypt your
disk") are the norm.
Cellphones are easily interceptable.
And this is, not surprisingly, what those inside the Beltway (and
outside, actually, as the effective radius has pushed way out into the
sprawl of Virginia and Maryland former horse country regions) are buying
at their local Circuit City and Best Buy stores. Thank the NSA and folks
like Dorothy Denning for stunting the implementation of good crypto in
consumer products.
Good to know that Al Quaida knows the ARDIS hacks and will have them
ready to go when they strike next: Blueberry Emergency Alert to Rep.
Barney Frank: "Rep. Frank, report soonest to this [isolated] location in
the woods [where our agents can kill you]. signed, Agent Farr [Abdullah
Al Ragheda]."
--Tim May, Occupied America
"They that give up essential liberty to obtain a little temporary safety
deserve neither liberty nor safety." -- Benjamin Franklin, 1759.
More information about the cypherpunks-legacy
mailing list