EFF: The NSA Is Making Us All Less Safe

Post #381,825 by Ashton 10/8/13 9:44:30 PM Reply	EFF: The NSA Is Making Us All Less Safe https://supporters.e...ew?reset=1&id=480 The NSA Is Making Us All Less Safe We all live in an increasingly networked world. One of the preconditions of that world has to be basic computer securityÂfreedom to use strong technologies that are fully trustworthy. ThatÂs why the recent reporting on the NSAÂs systematic effort to weaken and sabotage commercially available encryption used by individuals and businesses around the world is so important. By weakening encryption, the NSA allows others to more easily break it. By installing backdoors and other vulnerabilities in systems, the NSA exposes them to other malicious hackersÂwhether they are foreign governments or criminals. Lowering Your Standards: DRM and the Future of the W3C We're deeply disappointed with the W3C announcement that its Director, Tim Berners-Lee, had determined that the "playback of protected content" was in scope for the W3C HTML Working Group's new charter, overriding EFF's formal objection against its inclusion. If the controversial "Encrypted Media Extensions" proposal goes through to become part of a W3C recommendation, you can expect to hear DRM vendors, DRM-locked content providers like Netflix, and browser makers like Microsoft, Opera, and Google stating that they can now offer W3C standards compliant "content protection" for Web video. Transparent Is The New Black Cloud storage provider Dropbox has done the right thing by joining Google, Microsoft, Yahoo, Facebook, and LinkedIn in their consolidated suit before the Foreign Intelligence Surveillance Court, demanding permission to publishÂfor the first timeÂcomplete statistics about the US government's national security requests. The government's tradition of secrecy surrounding data requests is no answer to the question before the court. What possible justification can there be to prevent companies from reporting the mere number of national security requests they receive? EFF Updates In the Silk Road Case, Don't Blame the Technology [. . .] Of course, none of this is new to the IGM. But this latest summary seems the Worst-yet. Is anyone following this suit aimed before the FISC? Any angles on the Brave New video "content protectors"? Is the US/NSA really going to manage Total Control of all encryption Possibilities--for our comfort and convenience --without some Huge and Hugely-visible squawks from ... quite more IT orgs than poor-lone EFF? I mean.. W.T.F. do we PICKET? (Never mind the self-immolation bit ... yet.)
Post #381,828 by folkert 10/8/13 10:05:23 PM Reply	I get those e-mails from the EFF. Plus I get the early pre-releases as a test group. I don't know how I got on that group... But anyway. -- greg@gregfolkert.net "No snowflake in an avalanche ever feels responsible." --Stanislaw Jerzy Lec
Post #381,834 by static 10/9/13 6:24:52 AM Reply	Who guards the guards. I am a little out of touch with current encryption technology but back in the day, I explored how DES worked. The S-boxes are something I've never seen since in an encryption algorithm and it didn't take long to find out that there is _no_ information about how they work! In practice they are a giant lookup table, a binary blob, if you will, buried inside the algorithm. Cryptographers never managed to find a compromise based around the S-boxes, AFAIK. But it's hard to prove a negative. We just don't know if the NSA had a way in that no-one else ever stumbled across. Fast forward to today. The mathematics of encryption is now several levels beyond what I can intuitively pick up. It is a seriously bizarre field. I'm sure there are a lot of pure mathematicians gently bemused that this has actual real-world value. It means that programmers implementing them need the help of a very small group of people to provide and explain some of the magic numbers. Some of those people work for the NSA. I bet some of those very smart people are regretting that now. Guilty by association and all that. Wade. Just Add Story http://justaddstory.wordpress.com/
Post #381,838 by mmoffitt 10/9/13 8:14:39 AM Reply	Some of them do regret it. http://www.slate.com...ld_speak_out.html
Post #381,846 by a6l6e6x 10/9/13 9:15:18 AM Reply	Re: In practice they are a giant lookup table The look up table is not all that huge. I made DES hum on one of IBM's pieces of equipment, the 4700 bank branch controller. The look up table, which I implemented in assembly language gave it close to 7x performance boost compared to prior version. To be fair the processor was some 30% faster. Look up IBM Research's Lucifer project to see more on S-boxes. No connection to to 666! :) Alex
Post #381,848 by folkert 10/9/13 9:27:12 AM Reply	Worked with both... an S17A and S70. Forklift upgrade from the S17A to the S70. Both 32 Processor in one cabinet and 64GB of memory in two cabinets and a few cabinets of disk... a tape robot and cabinets of its media. Sheeit man. S70 took over an hour to start up, after a power transfer switch exploded and took all power out of the data center. The S70 had to do "checks"... Anyway... that thing just cranked. -- greg@gregfolkert.net "No snowflake in an avalanche ever feels responsible." --Stanislaw Jerzy Lec
Post #381,922 by static 10/9/13 10:12:38 PM Reply	No, it's not huge. But it's not small either. Not for the time. But I stand corrected about the prominence and providence of S-boxes. I must have been looking at leading edge encryption right at the point that researchers were abandoning the idea. :-) However, my point stands that the design characteristics of DES's S-boxes only started appearing long after DES was on the decline. I also note that DES was designed to be implemented in hardware. Software implementations really need a few CPU features that are not common for any sort of speed. Wade. Just Add Story http://justaddstory.wordpress.com/
Post #382,036 by a6l6e6x 10/11/13 6:44:59 PM Reply	Re: need a few CPU features that are not common Quite true. As is/was, the machine instructions are in a long sequence to get things done. And these are looped as well. Message encryption took milliseconds. Alex

Welcome to IWETHEY!