[Cryptography] tamper-evident crypto?
coderman
coderman at gmail.com
Sun Sep 8 15:17:44 PDT 2013
....
> Well, I'm sure /somebody/ on this list is clever enough to
> arrange countersurveillance and counterintrusion measures...
this is both much more complicated for a technically savvy adversary,
and a horrible idea.
your legal council might call it a "lunatic plan", ...
would you be fooled by the approach you describe?
most/all? attacks to date using truly 0day exploits have been
inter-nation-state espionage and "cyberwar".
non-exclusive 0day platforms for surveillance are fairly visible.
(e.g. domestic activist suppresion, etc.)
even the onion hack used weeks old fodder to catch the low hanging fruit.
> One of the rules in science, business, military planning,
> et cetera is to consider /all/ the plausible hypotheses.
> Once you consider the possibility that your data security
> is broken, the obvious next step is to design an experiment
> to /measure/ how much breakage there is.
if you decide to play this game, the "red teaming"
can also provide useful estimate on the cost to penetrate. e.g.
is the time and money hardening providing RoI?
i hear you convince a sufficiently resourced attacker,
you're of sufficient value and legitimacy,
and fend off the gamut of known attacks,
you see escalation to some very inventive levels...
personally i'd bet on the powerball
;P
...
last but not least,
as an ethical discussion,
on a less serious tangent,
what would you do with a high value captured payload?
you have a tactical value to consider,
you have a monetary value to consider,
you have a reputation/P.R. value to consider,
you have a full disclosure value to consider,
within your reasoning for greatest benefit.
More information about the cypherpunks
mailing list