Quote:
|
Quote:
|
Quote:
|
Quote:
I don't vote. I don't give anyone my SSN unless they absolutely need it. They will have to call it Global Climate Change in order to keep extracting money from the fools that believe in such nonsense. |
I don't regard the US National Security Agency as "the enemy." What concerns me is any government agency, especially a very sensitive agency like this one, operating without aggressive and effective oversight. No one under any circumstances is permitted to "lie to Congress," and it is also unacceptable for any Member to "lack the proper security clearances" (oh, how convenient ...) to know exactly where money is being spent and why.
Face it: if we have #CLASSIFIED# million ordinary-IT-Joes with "top secret crypto" clearances, we can afford to have 650 more. The problem, especially, is the phalanx of "military contractors" who swallow #CLASSIFIED# dollars a #CLASSIFIED# on programs ostensibly so "secret" that, if you so much as breathe the name of a program in the newspapers, they'll jail you for 120 years. "If the cat's away ..." Esteemed Generals including Butler and (President) Eisenhower specifically warned that "war is a racket," and that things were being done that (a) not only had no bona-fide military purpose, but that (b) would siphon-off the very lifeblood of the nation in the pursuit of irrelevancy ... corrupting every legislator with its Midas touch. This is precisely what has happened, and, IMHO as well as Eisenhower's, it represents an altogether new type of threat: "the enemy Within." As I have said, human nature. --- And, by the way, it is senseless to vilify someone with arguments like "if you had nothing to hide, you wouldn't worry." Knowledge is power, and it's also extremely lucrative. I have no doubt that contractors to the NSA have found a way to siphon the data that (they are siphoning, so that) NSA is getting, to sell that data for commercial purposes ... again, all without scrutiny or meaningful safeguards. I assert this, once again, simply because I know that human nature is such that, if a vulnerability exists (especially a profitable one ...), it will be exploited. Especially if that vulnerability is secret, both to the public and to the Congress (and, who knows, maybe even being done under-the-nose-of NSA?). |
Quote:
|
Quote:
|
Not sure if anyone though about this but could NSA be lying about breaking encryption to discourage us from using it. After all, they broke the law on surveillance of USA citizens. Second, they're human, and humans lie.
|
Quote:
|
Quote:
|
Quote:
|
|
Silent Circle Moving Away From NIST Cipher Suites After NSA Revelations
http://yro.slashdot.org/story/13/10/...sa-revelations I'm not the only one who has stopped trusting NSA and NIST standards like SHA and AES. They say they will be moving to Twofish (my choice) and Skein. I have looked at Skein, but I don't feel that it is the best choice ATM. Although it was developed by Bruce Schneider, it already has a good number of collisions: http://eprint.iacr.org/2010/538 Like the article says, it does not yet threaten full round Skein. I feel the numbers are getting close tho, so I'll stick to twofish. As for a hash function, that's a harder decision. I have gone with: http://en.wikipedia.org/wiki/BLAKE2 |
Generally, I consider that the NSA is "the good guys" ... but that NSA contractors have been having a field-day without proper legislative oversight. It concerns me most-profoundly that people have knowingly lied-to Members of Congress, and that some Members (having security clearances) have lied to and/or withheld information from their Colleagues. The Constitution expressly states that the Congress may "meet in Secret," and that certain parts of the Congressional Record can be Secret. But it never suggests that the representation from one State may withhold anything from those of any other.
There's a Good Reason for that! We not only do not have adequate oversight within Congress, but we also do not have adequate oversight of Congress. We are spending tens if not hundreds of Billions of dollars every day ... even as we "sequester" social programs, claiming that we "can't afford" them. And, guys and gals, being human-beings ourselves, we know what human-beings will do if no one is guarding the pot-of-gold. FDR sort-of said it well when he said: "I agree with you. Now, make me do it." I expect the NSA to possess the capability to "crack" civilian-grade cipher systems. (Indeed, if they do not, then "what the hell am I paying trillions of dollars for?!?!") But I also expect NSA to participate (and it does ...) in helping to make those cipher systems very strong, because the definition of "national security" covers more than just foreign governments and military ops. It clearly also covers the cipher systems that protect the vast, "civilian," infrastructure. That infrastructure will be betrayed if there exists a vast system to "un-encipher everything and archive everything somewhere in un-enciphered form." That would be a bigger pot-of-gold: "Knowledge Is Power." And there are a'plenty of "Top Men" (epilogue of Raiders of the Lost Ark ... youtube it...) who would find a way to get their paws on it. Industrial espionage on a grand scale. It will happen . . . And there really is "an expectation of privacy," and there really is a valid need for prohibition against "unreasonable search." Just because you can do it, and just because there are Billions/Trillions of Dollars sitting un-guarded on the table, does not make it "okay." Indeed, NSA could be undermining its Mission by doing so. "The Due Process of Law" does not make the system weaker; does not "get in the way." It makes it stronger. It is yet another form of: "The Need To Know." |
I think this is a very good article:
Security After the Death of Trust http://programming.oreilly.com/2013/...ath-trust.html |
All times are GMT -5. The time now is 06:14 PM. |