[Details on the AT&T/NSA wiretapping]
Damian Gerow
dgerow at afflictions.org
Tue Apr 11 19:30:39 PDT 2006
Thus spake Tyler Durden (camera_lumina at hotmail.com) [11/04/06 22:03]:
: That being the case, then using ANY crypto for popular apps is better than
: (and not equal to) nothing.
Half-assed crypto is not necessarily better than no crypto.
Let's say that the crypto in Skype turns out to be a load of bunk (hey, it
could happen). How many people won't find out? How many will continue to
believe it's okay? How many people will be bitten? And, perhaps most
importantly, how many people won't care?
Easily broken crypto, that is not advertised as such, is arguably worse than
no crypto: people do things under the illusion they're safe, when they
aren't. Take WEP as an example of this: 'twould have been better to just
not have it at all, and have people focus on using 'proper' technologies
(IPSec, OpenVPN, etc.) than to include it and give people a false sense of
security.
: arguments that "they can break anything so why bother" are
: counterproductive at best and suspicious at worst.
And even if they /could/ break anything, it still takes time, right? Throw
enough data their way, and they're suddenly unable to break everything.
More information about the cypherpunks-legacy
mailing list