Re: [perpass] Cops hate encryption but the NSA loves it when you use PGP

Robin Wilton <wilton@isoc.org> Sun, 31 January 2016 12:12 UTC

From: Robin Wilton <wilton@isoc.org>
To: Hugo Connery <hmco@env.dtu.dk>
Date: Sun, 31 Jan 2016 12:12:26 +0000
Message-ID: <0AF45894-9AAF-4429-AF9F-3207E96D81AB@isoc.org>
References: <56ACE9FF.3080606@dcrocker.net>, <1454180211.2528.9.camel@env.dtu.dk>
In-Reply-To: <1454180211.2528.9.camel@env.dtu.dk>
Archived-At: <http://mailarchive.ietf.org/arch/msg/perpass/3buXQRLx1dcIZ8XaULz0sx9uwNk>
Cc: "perpass@ietf.org" <perpass@ietf.org>, "dcrocker@bbiw.net" <dcrocker@bbiw.net>
Subject: Re: [perpass] Cops hate encryption but the NSA loves it when you use PGP

It's a good piece by Dave. It won't change my intention of using more crypto, though, for a few reasons:

1 - regardless of archival and possible decryption by spooks, encryption will still help protect some of my data against some other threats*;

2 - the fact that I'm encrypting my traffic doesn't mean there's anything sensitive in it. In fact, it would be rather silly of me to only encrypt the particularly confidential parts;

3 - as Dave and some of the commenters note, the real benefit here comes when encryption becomes pervasive enough that encrypted traffic no longer sticks out like the proverbial sore thumb.


*NB - that is still a rather cautious statement of benefit; I have intentionally qualified it in three ways:

- encryption only helps protect data, it doesn't guarantee its safety. For instance, for communications, I want the other party to read what I sent them! They will decrypt it, and at that point any confidentiality of the data has to rely on other factors.

- I can't realistically encrypt all my traffic. Some of the apps, devices and services I want to use don't support encryption, and/or don't tell me if they encrypt traffic. Nor can I realistically encrypt my metadata; fixing things so that metadata, social graphs and traffic analysis reveal less information about me is a hard problem, and one I don't really have the resources, tools or rigour to solve.

- Encryption (whether for confidentiality or integrity) doesn't help much against threats like malware (Trojans, key-loggers), tracking (pixel beacons, non-browser cookies), denial of service attacks, etc. But then again, *not* using crypto doesn't keep me any safer against those either.

That may all sound very pessimistic, but if Snowden has taught us anything, it is that pessimism is justified at every level in this context - from the hardware up, and at every network node (device, domestic router, commercial/telco router, backbone, data centre, etc etc).

Robin Wilton

Technical Outreach Director - Identity and Privacy

On 30 Jan 2016, at 18:57, "Hugo Connery" <hmco@env.dtu.dk> wrote:

> Hi,
> 
> Thanks Dave Crocker for posting this.  It is useful to know
> who is running the standard anti-crypto arguments, and when.
> 
> "You stand out like a sore thumb and they (archive it forever,
> focus on you more, ...)" goes with "only the 4 horsemen of the
> infopocalypse use encryption" as one of the standard arguments.
> 
> Regards,  Hugo Connery
> 
> On Sat, 2016-01-30 at 08:51 -0800, Dave Crocker wrote:
>> Cops hate encryption but the NSA loves it when you use PGP
>> It lights you up like a Vegas casino, says compsci boffin
>> 
>> By Iain Thomson
>> Jan 27 2016
>> <http://www.theregister.co.uk/2016/01/27/nsa_loves_it_when_you_use_pgp/>
>> 
>> Although the cops and Feds won't stop banging on and on about encryption 
>> – the spies have a different take on the use of crypto.
>> 
> <snip standard anti-crypto argument>