On 17/08/2015 17:21, Dave Crocker wrote:
On 8/15/2015 1:21 AM, Stewart Bryant wrote:
Let's not boil the ocean here. Many criminals use COTS solutions.
Disabling their technology in a way that is still provides satisfactory
for privacy for ordinary citizens would be a useful engineering goal
that pragmatically addresses both their need for privacy and the
need for law enforcement.
On 8/17/2015 8:30 AM, Stewart Bryant wrote:
fortunately the majority ofcriminals are not so smart, and
fundamentally that is the edge that makes law enforcement possible.
Stewart,
So the goal you are espousing is to globally embed a mechanism for
compromising privacy, in order to catch stupid criminals, knowing that
it will be useless against serious and intelligent criminals?
... serious and intelligent criminals that never make a mistake. Fortunately
a relatively rare group.
... and when you say global, one not would put in place
a single global repository for any single element of the system.
What is needed is to raise the bar to the point where it is difficult
but not impossible for duly authorized access (subject to scrutiny),
but close to the ideal for unauthorized access.
Your premise that the result would "provide[] satisfactory privacy for
ordinary citizens" is, so far, counterfactual, given the many and
continuing revelations that document state-based compromises.
I am not advocating a system where a state can read stuff at will
which is where we were (are?), but I am concerned that swinging the
pendulum to the point where reading data for what most would
consider legitimate purpose is prevented.
Based on experience to date, at best what you propose is an open and
very difficult research topic, at the intersection of computer science,
engineering, operations, politics and sociology.
Yes, it is a hard problem, but that does not make it the less worthwhile.
The issue here is not a question of a component bit of key distribution
design, but rather of system-level, long-term efficacy in protecting
privacy in the face of sustained compromise efforts by well-funded,
dedicated and highly intelligent adversaries.
There are many parts of the Internet that need to be protected from
such a concerted attack, and with much greater payoff than reading
the traffic of individuals.
- Stewart