Forensics On Trial
John Young
jya at pipeline.com
Sun Feb 20 13:10:12 PST 2011
This reminds of the carnard that crypto weakness is in the
implementation or user ineptness not the algorithm, the math
nor the cryptographers.
Probably old stuff to the sharp tacks here, a 2007 paper describes
how to retrieve keys from volatile memory not via brute force cracking
or key logger or back doors or rubber hole or stupidly vain cryptographers.
PGP Disk and TrueCrypto are used as examples of how to do it.
http://cryptome.org/0003/RAMisKey.pdf
This might suggest explain why those associated long-associated with
PGP have moved on to less risky endeavors and why TrueCrypt is
so beloved by snoops.
The paper was written by a student which again demonstrates
that those with less of a stake in the most trustworthy security
are seldom the most trustworthy and must be protected by secrecy.
Now, for dead-broke deep thinking futurists:
Which is the world's greatest spying machine, the Internet or cellphones
or the two combined?
What is the crucial aspect of each system which renders it susceptible to
covert
compromise?
Which is most promoted as a way to assure freedom from compromise?
Name the most prominent promoters for each.
Name the most unknown skeptic for each.
Name three shame-faced apologists who admit they had not examined
the consequences of what they once believed with certainty.
Winners will receive a huge amount of untaxable cash amply hoarded
offshore by Robert Hettinga, secured by powerful financial crypto.
More information about the cypherpunks-legacy
mailing list