Re: The CIA mentions us

Ted Lemon <> Mon, 13 March 2017 15:02 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 515281294AD for <>; Mon, 13 Mar 2017 08:02:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id kILacCdqWJzO for <>; Mon, 13 Mar 2017 08:02:00 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:400d:c0d::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 91B2B129418 for <>; Mon, 13 Mar 2017 08:02:00 -0700 (PDT)
Received: by with SMTP id i34so33553321qtc.0 for <>; Mon, 13 Mar 2017 08:02:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20150623; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=9PM07QpsxILhAce5y1sgHSyzPf7H0EGzCEIVWELZxy0=; b=NE0ZgXMF+Q8QFNwbuHq0OsgUsMVkFfeYKQkJWIhUMRovHLdM10iGpFzekLxXKrXimI NjvHRFFVMma4K0wTrq6OXr/BEBLLK1UMGUYVA+fGLCCurAm4/Lc09Xr1/UcQetRyc/a0 /yr7RxSy1I7wR3YEZ2l3PwAeCemk4IN7Q+84d5g+8D32JVdBc3d+UeAQFK9+3KRyLR2A 6sUJW8RcoJMoJcXp0czbBdtFnTq2hrLs4MSurn1OaQdJ6mX0MB7FXW3B+gpCLMAgeTI+ 5RIQ3Bx8bCB1jVMyXM1aSgra83wYCNFU8TWvdAbU4hTTQnhZmOJhOvHnzEe6oBohBvQ6 LLMA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=9PM07QpsxILhAce5y1sgHSyzPf7H0EGzCEIVWELZxy0=; b=rHMLvdeEhXWsTkkHNvjdn5NGxeLlXa21sy19Jys5/dpXAmnmDFUEZfwnjcu7g6vOsf zRZv1gr1eZ09S/6VDXIyz2+aoiC35dduG0UKw9XeLb/46bfsLeYN/9wyS6LzwWFLuwdP CzpR+1aSEjy6j3pn45IfGgsQRyR8QvMohSCFshjUOQiM49/0/9Zyt6k0bjEvIY+kIVHV VlhZTkVlUDRDXsthKm9A7r9aXlJUd7tA5JEYuyh1mo5Hm0GaWQg2+6vVTgC04gfZobpC t9I6T3vga53oRDJ+cgOOuUYFzSJ62rlwexdMzfHIxwxhoMja7yKsHI3SjOlrfjVr2xFA 30DQ==
X-Gm-Message-State: AMke39kuITPC9R/dyCF7mjS3LvrBRb91L/gw9xuXWqffKm05ekUeA56nO4AjMT+xgASsqQ==
X-Received: by with SMTP id v1mr35419364qtb.166.1489417319276; Mon, 13 Mar 2017 08:01:59 -0700 (PDT)
Received: from [] ( []) by with ESMTPSA id j4sm12331361qkc.40.2017. (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 13 Mar 2017 08:01:58 -0700 (PDT)
From: Ted Lemon <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_FDE8B84A-470E-471D-A247-E4B7464CEF07"
Mime-Version: 1.0 (Mac OS X Mail 10.2 \(3259\))
Subject: Re: The CIA mentions us
Date: Mon, 13 Mar 2017 11:01:57 -0400
In-Reply-To: <>
To: Stephen Farrell <>
References: <> <> <> <> <> <> <> <> <> <> <> <>
X-Mailer: Apple Mail (2.3259)
Archived-At: <>
Cc: Bob Hinden <>, IETF <>
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF-Discussion <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 13 Mar 2017 15:02:02 -0000

On Mar 10, 2017, at 9:02 PM, Stephen Farrell <> wrote:
> I don't think your optimistic conclusion here follows, for two
> reasons. Firstly, we've seen that the adversary here is not
> driven by economic concerns and will attack not just a weakest
> link, but all possible targets they can afford given their very
> very large budgets. [...]

> And while I do think that the actions that many people in the
> Internet community and in the IETF have taken have probably
> made pervasive monitoring harder and/or more costly, I do not
> think that's really that relevant to this particular leak. In
> this case, I think the much more interesting thing is that
> this is yet another demonstration that attack code that is
> intended to be used for attacks (as opposed to demonstration)
> is in the end hugely counter-productive. (And immoral too IMO,
> but I'd not claim that we all need to agree with that last;-)

True   OTOH, there's a good editorial in the NY Times recently that speaks to the points you've raised: <>

I think the main thing is that yes, of course, a state actor with unlimited resources can hack every hackable device indiscriminately.   But widespread encryption means that they have to do that.   And doing that is _much_ harder than intercepting passively, and more importantly, it's more detectable.   I am surprised that you find my response optimistic.   I feel pretty cynical about the situation.   I just believe that we have done some things that have improved matters, and that's worth mentioning.