Re: [perpass] perens-perpass-appropriate-response-01

Jacob Appelbaum <jacob@appelbaum.net> Wed, 04 December 2013 23:51 UTC

Return-Path: <jacob@appelbaum.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 957D51ADFBD for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 15:51:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.6
X-Spam-Level:
X-Spam-Status: No, score=-0.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FSL_HELO_BARE_IP_2=2, RCVD_IN_DNSWL_LOW=-0.7] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4oExC5bKjAkD for <perpass@ietfa.amsl.com>; Wed, 4 Dec 2013 15:51:29 -0800 (PST)
Received: from mail-ea0-f172.google.com (mail-ea0-f172.google.com [209.85.215.172]) by ietfa.amsl.com (Postfix) with ESMTP id 9A87C1ADF7F for <perpass@ietf.org>; Wed, 4 Dec 2013 15:51:29 -0800 (PST)
Received: by mail-ea0-f172.google.com with SMTP id q10so10970577ead.31 for <perpass@ietf.org>; Wed, 04 Dec 2013 15:51:26 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:mime-version:to:cc:subject :references:in-reply-to:openpgp:content-type :content-transfer-encoding; bh=7rhWJCKGbsFj2J9hkUabtp3ckwKMQ1vlUAdNt6nQnto=; b=eCzQqsJOvfYFbIrQoObNnXdFrbUS2DrnpF1U8rEAIio1ZESsCEAAUEd1w5jWb/eVoy /uTUQqb1G7g7Kk3mt15sDQAe82X68P7SH7QqrhW2uyhty92jNlpgnmfpyEHF1yg5IsEf HUcjnBZOjK7bIJz0FT/9fAI1Ph4/HAF5XNknWWp41z4mvhL/GWxX4aGYM47btvBJd1Pz c+Dl/Wi0iiA58uS/XQ3N/2FU9F0Hzz5/xA9thXLQkGNPEzK/4/AXDp+gmpUhkx/XuAIB ekmUgbGvSZzbN2ZRV3ZD+8WGoLqdR+H3UZYslYDPYjK1O++OvjRb4CbGMzlMQGI+mh5+ 3+bQ==
X-Gm-Message-State: ALoCoQmtZpvmLtdQ+uCvn1qnWCvu/Dcg8/CdCxz6LtLCjDKRB0ViMcQLHvQF90G5FxSUa+m0a4+r
X-Received: by 10.15.44.4 with SMTP id y4mr9559200eev.71.1386201085931; Wed, 04 Dec 2013 15:51:25 -0800 (PST)
Received: from 127.0.0.1 (spftor4e1.privacyfoundation.ch. [77.109.138.42]) by mx.google.com with ESMTPSA id a45sm99581274eem.6.2013.12.04.15.51.23 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 04 Dec 2013 15:51:25 -0800 (PST)
Message-ID: <529FBEF9.7030205@appelbaum.net>
Date: Wed, 04 Dec 2013 23:47:05 +0000
From: Jacob Appelbaum <jacob@appelbaum.net>
MIME-Version: 1.0
To: Bruce Perens <bruce@perens.com>
References: <E2DA1477-C86E-441E-A33D-D47A0D67AFF3@iab.org> <EF9BD1E4-6EF3-4035-AC4E-1A2D3CADE615@mnot.net> <529E8494.7000806@perens.com> <20131204111309.GB11727@nic.fr> <529F61D8.6030105@perens.com> <20131204171207.GC19914@thunk.org> <529F63C0.3040804@perens.com> <529F88AC.3090904@appelbaum.net> <529F90A0.8000706@perens.com> <529F9205.30906@appelbaum.net> <529F98C0.9090808@perens.com> <529F9F14.8050805@appelbaum.net> <529FB61A.7090604@perens.com>
In-Reply-To: <529FB61A.7090604@perens.com>
OpenPGP: id=4193A197
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Cc: Stephane Bortzmeyer <bortzmeyer@nic.fr>, perpass@ietf.org, Theodore Ts'o <tytso@mit.edu>
Subject: Re: [perpass] perens-perpass-appropriate-response-01
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Dec 2013 23:51:31 -0000

Bruce Perens:
> On 12/04/2013 01:31 PM, Jacob Appelbaum wrote:
>> Could you please cite a single case where the illegal NSA spying programs have 
>> done that?
> I don't know of any that you don't know of. I also don't believe they can ever 
> tell us the full story, whether it's good or bad, because it would reveal 
> operations and in some cases personnel.

So basically, you were just blowing smoke? OK!

>> I walked into Iraq in 2005 (as a journalist) and talked to people who had 
>> their entire family murdered by our war machine.
> I never supported the Iraq war and it happened because so many were fooled by 
> the Bush Administration. I strongly doubt that the Bush Administration did this 
> because they had bad SIGINT.

It happened because of similar arguments to those that you're making
here, actually.

>> We need to secure the DNS against tampering (DNSSEC)
> Um. This has been in process for 14 years without success? And now you want 
> _more_ encrypted protocols?

Good luck with a Man-On-The-Side attack on .se. domains that are
properly configured. While DNSSEC has a lot of problems, it is an
example of how to change the game, even if it is slow going. We've
learned a lot too.

>> Currently, we lack both political and technical solutions to mass surveillance.
> If there is any evidence that NSA is the slightest bit concerned about this, 
> I've not seen it. I would guess that their technical capability is up to the task.
> 

Huh? Did you totally miss my point, or what?

> Political solutions have a chance of being effective.
> 

What political solution do you envision exactly? I'm really curious to
hear how you're going to defend your computer or from attackers with
nation state capabilities (or less) with a political solution. It has so
far failed for all of the nations subverted by the NSA surveillance.

Ask Chancellor Merkel how that process worked out for her cell phone, eh?


http://www.spiegel.de/international/world/merkel-calls-obama-over-suspicions-us-tapped-her-mobile-phone-a-929642.html

Guess what she did after she tried the political solution? I believe she
acquired some better hardware with meaningful crypto!

All the best,
Jacob