[Cryptography] propaganda on "hurdles for law enforcement"

grarpamp grarpamp at gmail.com
Fri Jul 25 22:01:56 PDT 2014


> I don't see any technical/cryptological way to defeat the
> proposed US law;  it looks like a political problem that
> needs to be dealt with by political means.

Proliferation is a political means. Keep on proliferating,
proliferate widely, proliferate fast, get all your friends and
business on it, get the public on it, remove the capability
for legacy plaintext, and embed and entrench crypto
deeper than the Marianas.

Also, call/visit/write your MP/congresscritter and
give them your concerns about backdoors and
your freedom/rights, your life being meta'd, recorded,
analyzed and stored forever for no good reason
(for which an interest in crypto and speech isn't one).

Proliferate and speak!


On Fri, Jul 25, 2014 at 5:24 PM, John Denker <jsd at av8n.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Today's Gomorrah Post has a long article in the "National Security"
> section:
>
>   Ellen Nakashima
>   "Proliferation of new online communications services
>    poses hurdles for law enforcement"
>   http://www.washingtonpost.com/world/national-security/proliferation-of-new-online-communications-services-poses-hurdles-for-law-enforcement/2014/07/25/645b13aa-0d21-11e4-b8e5-d0de80767fc2_story.html
>
> I see no particular reason to believe a single word of what
> it says.  Virtually all of the evidence supporting the main
> conclusion is "according FBI officials and others" ... which
> puts it in the same category as the "stories" Judy Miller
> wrote for the New Ys Times in the runup to the Irag war.
>   http://www.nytimes.com/2002/09/08/international/middleeast/08IRAQ.html?ex=1121140800&en=76eddceb628af81e&ei=5070
>
> Positive reasons for disbelieving the main thrust of that
> story is that if the authorities want to search somebody's
> bedroom, they can still do it;  they just (sometimes!) can't
> do it quite so cheaply.  That can't do it without getting
> up from their comfy armchairs.
>
> The article contradicts Bill Frantz's assumption that all
> present-day crypto is ineffective.  I tend to disbelieve
> both extremes.  I reckon any lock can be picked or drilled
> out /if somebody wants to badly enough/ ... but this does
> not mean that all locks are completely useless.
>
>
> There is a companion article that lets the cat out of the
> bag:
>
>   Ellen Nakashima
>   "The government wants to wiretap online communications
>   — or in some cases hack them"
>   http://www.washingtonpost.com/blogs/the-switch/wp/2014/07/25/the-government-wants-to-wiretap-social-media-or-even-hack-it/
>
> Both articles appear to be part of a PR campaign to lay
> the groundwork for a new CALEA-on-steroids law that would
> reportedly require every ISP and every app developer to
> provide hooks to enable armchair/pushbutton wiretapping.
>
> Before you say that such a law is impossible, especially
> in the context of open-source software, let me point out
> that most people on earth /already/ live under regimes
> where use (or even possession) of an unregistered encryption
> device is a serious crime.
>
> I don't see any technical/cryptological way to defeat the
> proposed US law;  it looks like a political problem that
> needs to be dealt with by political means.
>
> Tangentially related: On 07/24/2014 09:13 PM, Peter Gutmann
> wrote:
>> [....] should be preserved somewhere as the standard response to the
>> Rumpelstiltskin Defence ("you can't prove I'm using crypto/know the
>> keys so you'll have to let me go"). This [imprisonment] perfectly
>> sums up what will happen to anyone who wants to try the
>> Rumpelstiltskin Defence in court.
>
> I am certainly not an international lawyer, but we can all read
> the plain language of the law.  Under the otherwise-Draconian
> UK RIP law, the Rumpelstiltskin defense is explicitly allowed:
>   http://www.legislation.gov.uk/ukpga/2000/23/section/53
>
> Also note that if such a defense is not possible, you are already
> a criminal, because of the encrypted "message" below, which you
> have already received.
>  a) You don't know the decryption key, although nobody can prove
>   that you don't.
>  b) You cannot obtain the key from me or anyone else, because
>   I destroyed the public key /before/ encrypting the message,
>   although nobody can prove that I did.
>  c) Furthermore I can tell you that the plaintext consisted of
>   512 bytes of high-grade randomness that wasn't seen or recorded,
>   although nobody can prove that either.
>
> I encourage you to forward my "message" to all your legislators,
> along with lots of similar messages.
>
> To say the same thing in more constructive terms: This serves
> as an example of /cover traffic/.  It allows you to say with
> complete sincerity that at least "some" of the data you hold
> is undecryptable.
>
>    Adversaries will have to consider the hypothesis that I'm
>    engaging in some bizarre yet effective steganography, hiding
>    a tree in the front row of the forest.  Nobody can prove /or/
>    disprove this hypothesis.
>
>
> - -----BEGIN PGP MESSAGE-----
> Version: GnuPG v1
>
> hQIMA9jh5gIisxa+AQ//T8x3vgxCVqq6cCNln4TW5r8H6JeHqD1txxEy+jOiybvb
> mvdcut6uQQqu/eFkV06rK+1K5LoUWemqTpAgz/E7MKtNsvYv4gardebFLRDxgn3v
> WW01mc6XKqH+xpDoqabDN+Mc2jeQGhDD+fBBCMCePx/ca8iJ1gjVL93A3L+2AVan
> PJFsRsoCx8X/DoUpIQOqCm0XOJrS+anVTrSOdVSo4t/V4QF7yx+51yi4ro26eAz0
> 5vCm+afMQSMIvZcpK54LI+oWUITQGP8ZhD2+B5HsIUh9nmcZjRr5fK+edGe6tS3W
> aam0pQHWrkmyyjfKxNVfxK/aujrboHVybF9sP0tN8wUhFh7Tdj8F1e5EtPppXB/p
> DoC7O3SQ30HHCCeNSLMErMzsniw+fHmL6zoE/UnkAsQZ1HJvg/9OD/dxJP/BaMwr
> RUwG73wKPBp9m5ROs0tRopBNFcRXtM6hg/1i9ZE8IcbZcsgfcGwUdeo4qbYvhtyR
> XU1FfQRyIhW7KRXQeWFSmMS1AWYMl0fX6n02qTbTSmUY7bujdEpOH3Dz8ndSKsjK
> q0IWmXXcCpc9OGbiwSRhNgbxQBVu2tZ4ntk8vC+deM9itR7CMo94p95gvZQ9H7dU
> fTKHb28jel8Y7CL7MYfcXpeO/vZIsj9H5GnJc+pSOuY8ueR/rTauJZux2DlIrwbS
> 6QGqzHz6PaJ4NqoeyL7IiMJDNM4panzYqa4/Shfk3fiTol4FDLCdXMtT3V6eiPOn
> GKGjjpbZ/3FP9cJrepM5wuHaesWnyoDO96FYTmqNqgw31r3Cg5sn1JrL6hcguN1x
> CHc7mu5yTrft98pjk5olWaCyvqco0OqK3aID+IAKVJgfJV/2FWZE8KMpw+NvJosn
> g6UwwN4PMUpq+CGgPRyRx12RzyP8iFxp8J8D0nS8H+BMSOA/+E2Mny54zjFrDUsH
> amzFM9QlwCIrBQJ50V+OwTDzCnQVXlsbIV9kH6YaZDKo7vFIuyi7myr6mYttbh5o
> m6xgSNQMSLDabyvKQ9l1GX9pQGzR0KPQRR/yn/frQDLydz5qhVEWTwprwxwGSBa/
> lVjLWTsYqqwl1SErI/FfTqJuWGSZUWqy2kUOzTmi5DA+tOvbspaghO5Aqxim/emG
> Sz0DoRcR74zgUNLAAzUN4aZIBxfsO9HSqIXq9I6fK4cT6VBMYKjaJh23Hf2qOiuA
> Z2g5nl+oT5CDzTlzzIMHZmCTkEjtNDAK+lb6SBCp8ScHcjafcm/cO9gNMV4+EBks
> PgEm1eutCEpOpGIOHjcsFV1ryZonB8U0VmbpsxqsDE1Y0l1u6bEUKTMeJoHfEeTe
> Q4wdo5LxbKt4LGQACopwX4NNdfupdPNT2SyiGCu7Vh+0P78+IEewbpRetW1KpNg3
> MXWd7sWh2tnA9cRzPwYhvUtUsj0L/GXLOKO9bMH8qfivOnsp5lbRnr6KAKoqzn2L
> 3g==
> =OuR2
> - -----END PGP MESSAGE-----
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIVAwUBU9LLD/O9SFghczXtAQJedA//UoclobLIQI4cKNu2V/bNIxUxEGb71pXr
> QCQJJJQgMbK0kAE9pf6uFldur3m3kDOtPeQEx8AUZ4pS7YEPkE8mDrPxeohYi4i0
> S1yp82EX3JEchZrMDgEveP4C8zqgLg38ie0idL72nPQo2o1D5BpfRFElVA72Z8A1
> 0A9ehua+B9f1g+QKo4wMzPqbfRsHIdOIRELkrniJfRfuIxLY6F4MuiIR5F1YLhJR
> TlVjsVUqEFduulO8yBF4A/4QZ1x6QzL47bUYigJwft3YNwbKNshrL8YPhMSgbdjB
> BQSoPf93h2RasxKczWalawmTbZaev4kIvBy3EV2S11oy85SqRkAHb/G4f0dq1xI3
> Nc5WTWk+L0Im4Zh0+lqXrBucVvstDsrwEvDRztbrkNaey7p4HKWq+0JQ8zGKxZeq
> D4eQD/N89uZLnXV+Q0Gut1w0BHSn7jmYm7TiDiXwk9DBy49i88MYaHocjGtWmLUP
> tTSdunXAtOVfRPTJyL47mgbxgsDAyAHFN3CfhmN+PcjaUvrPTvlJ7g6ObdCiAGcr
> CEiqKU0QoZTQS9bCkXOeV5LhIvbeh/2P5Ft+4acAAG38oE4/VKJZ+ly49Du4HF6v
> LEQFDFJ03WbYRysPIX3J1Krgkza0/wm8Oy0Og27RVfSpVrOV+hPzmgCMURRYz0yS
> 21uL+NP/O+o=
> =spOA
> -----END PGP SIGNATURE-----
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography




More information about the cypherpunks mailing list