Re: [perpass] Egal wie man diskutiert

Phillip Hallam-Baker <> Sun, 08 December 2013 17:33 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 2E5851AE020 for <>; Sun, 8 Dec 2013 09:33:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 1.701
X-Spam-Level: *
X-Spam-Status: No, score=1.701 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id sUHZj9KIlSOm for <>; Sun, 8 Dec 2013 09:33:07 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c00::229]) by (Postfix) with ESMTP id 0AFBA1AE01F for <>; Sun, 8 Dec 2013 09:33:06 -0800 (PST)
Received: by with SMTP id y10so2556091wgg.0 for <>; Sun, 08 Dec 2013 09:33:02 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=6/SIr7ZBuJlXwkiPtyCc147Sjcy3MrX7rTiw9UxvgHc=; b=w5vgxmzMxx0fmrN+8KyytzNfv9EmePmc/+ttvbHUIVZnLMnlMzuL8GkUQCo0Uf9X3p YcoPEUSHrtXv6Td1oMHFRX475bJCDkbFQeJUN6VSQ5Ooopuxp4rrBG0pLFME7ZRnVr7S gOvgUV8cY7IKyCrg9YuVFJ17dl6jRDFQNT9mLQfVog3UWkuSFDuGhBx4AlK5xjlbj49a WIefFh3i6FLw+JXlFwstsMlUx3+7rnn2Rd7A5Ahd3OYn3/9NBIb4uur7dc3ft0WAJnZk ZKuz55dM+qoy56/BOvjarJFLDe6gPWzbW1QpJcLcVHGANF/NogRN3N4FC1QVa/NuSjXt LhVw==
MIME-Version: 1.0
X-Received: by with SMTP id b13mr12230708wjx.32.1386523981917; Sun, 08 Dec 2013 09:33:01 -0800 (PST)
Received: by with HTTP; Sun, 8 Dec 2013 09:33:01 -0800 (PST)
In-Reply-To: <>
References: <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <> <>
Date: Sun, 8 Dec 2013 12:33:01 -0500
Message-ID: <>
From: Phillip Hallam-Baker <>
To: Hannes Tschofenig <>
Content-Type: multipart/alternative; boundary=047d7bfcfc826a358904ed094538
Cc: SM <>, perpass <>, Bruce Perens <>, Pranesh Prakash <>, Andreas Kuckartz <>
Subject: Re: [perpass] Egal wie man diskutiert
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 08 Dec 2013 17:33:09 -0000

On Sat, Dec 7, 2013 at 1:16 PM, Hannes Tschofenig <
> wrote:

> The good thing is that Jörg Ziercke is not the only person to decide.
> To quote Bruce Schneier:
> "
> The FBI believes it can have it both ways: that it can open systems to
> its eavesdropping, but keep them secure from anyone else’s
> eavesdropping. That’s just not possible. It’s impossible to build a
> communications system that allows the FBI surreptitious access but
> doesn’t allow similar access by others. When it comes to security, we
> have two options:
> - We can build our systems to be as secure as possible from
> eavesdropping, or
> - we can deliberately weaken their security.
> We have to choose one or the other.


I have met the senior management of the NSA. My take is that they are
generals fighting the last war. All they understand is attack or threat of
attack as the best form of defense.

Threat of attack does not work against terrorism but it can work against
state sponsors, at least to some degree. Ghadaffi funded many of the
European terrorist organizations, he supplied the IRA with the Semtex
explosive used in the attack on my family. Ghadaffi stopped supplying the
external groups after Reagan's bombing attack on Tripoli but he also downed
two civilian airplanes in retaliation killing hundreds of people.

At this point the traditional terrorist strategy is conspicuously bankrupt.
The terrorists can't gather in sufficient force to be a significant threat
unless they have a state sponsor or a failed state they can operate from.

The new terrorist concern is that there will be a group of hackers with the
sufficient skills and motivation to attack civil critical infrastructure.
Water, electric, etc. And some of the proposals for how to deal with that
threat are worse than the threat. Bombing Iran at the first sign of attack
(which would give Netanyahu an easy way of achieving his objective).
Declaring martial law at the first sign of a critical infrastructure attack.

The last should worry anyone who remembers the Peter Aspinal/James
Goldsmith attempt to organize a coup in the UK. It was a harebrained scheme
but they approached the head of MI5 (who immediately reported the plot to
the PM and the Queen). The US has no shortage of politicians mouthing
treason and they have a whole news infrastructure telling them how right
they are.

So yes, I do worry about terrorism. But I also worry about the people in
charge of this surveillance infrastructure being the threat. I certainly do
not think we can trust people who spend their time telling each other fairy
stories about the President being illegitimate because he is not a US