Re: The CIA mentions us

joel jaeggli <> Sat, 11 March 2017 03:02 UTC

To: Stephen Farrell <>, Bob Hinden <>, Ted Lemon <>
From: joel jaeggli <>
Date: Fri, 10 Mar 2017 19:01:53 -0800
Cc: IETF <>

On 3/10/17 6:02 PM, Stephen Farrell wrote:
> Hi Ted, Bob,
> On 10/03/17 22:53, Bob Hinden wrote:
>> Ted,
>>> On Mar 10, 2017, at 1:46 PM, Ted Lemon <> wrote:
>>> The one thing I wish you'd mentioned in this blog, but did not, is
>>> a point someone made earlier on this thread: that the fact that the
>>> CIA needs to hack individual devices to bypass end-to-end
>>> encryption means that what we are doing in promoting encryption is
>>> effective and worth doing: rather than everybody's communications
>>> being vulnerable, individuals must now be targeted.
>> I think that’s a good point.
>> To expand what you said, these tools are for targeted attacks, not
>> mass surveillance. 
> I don't think your optimistic conclusion here follows, for two
> reasons. Firstly, we've seen that the adversary here is not
> driven by economic concerns and will attack not just a weakest
> link, but all possible targets they can afford given their very
> very large budgets. That I think means that these kinds of attacker
> will attempt both pervasive and targeted attacks, and the fact
> that they attempt the latter does not mean that they don't try
> both. 

Indiscriminately targeted attacks are clearly a persistent threat.
Attack tools that can leverage automation and large economies of scale
are part of the basic oeuvre.  If your organization is large and
diffuse, the difference between indiscriminate attacks and targeted ones
may have no practical distinction.

> Secondly, it may be that different kinds of attacker have
> different kinds of targets/goals and that some attackers here
> (such as the claimed source of these materials) are generally
> more interested in individuals and not in populations. So again,
> without further information, the interest in targeted attacks
> does not imply a technical or practical inability to mount
> pervasive monitoring attacks.

Low-hanging fruit being what they are, if your goal is actually to
undermine the faith that efforts security focused tooling is actually
serving a useful purpose; then you seed leaks of your attack tooling or
someone else's because they're already  and sit back while your
adversaries have to ratchet up their own efforts.

> And while I do think that the actions that many people in the
> Internet community and in the IETF have taken have probably
> made pervasive monitoring harder and/or more costly, I do not
> think that's really that relevant to this particular leak. In
> this case, I think the much more interesting thing is that
> this is yet another demonstration that attack code that is
> intended to be used for attacks (as opposed to demonstration)
> is in the end hugely counter-productive. (And immoral too IMO,
> but I'd not claim that we all need to agree with that last;-)
>> Encryption continues to be a strong protection
>> against mass surveillance.
> I totally agree encryption is a major tool in our armoury.
> But that's kind of orthogonal to issues arising from this
> incident I think.
> Cheers,
> S.
>> Bob