Law in the Internet Society

View   r6  >  r5  ...
ResponseToSoMuchForSavages 6 - 05 Nov 2009 - Main.BrianS
Line: 1 to 1
META TOPICPARENT name="WebPreferences"
These are some questions that came to mind after reading "So Much for Savages".
Line: 66 to 66
 Do you have any $50-$100 handset phones that use RSA or twofish or ECC based on open source and interoperability? I don't think you do. What people do or do not believe is the province of marketing. Show me a product. This February, when Obama was elected, Glenn Beck et al. made Wal-Marts in every rectangle state in the country sell out of guns and safes, and those things are not cheap.

-- HarryLayman - 04 Nov 2009



I was hoping someone with more technical knowledge than I possess would answer your question, but if an answer has been presented then I'm overlooking it. If there is a clear answer that someone is aware of, I'm interested in hearing it (or being pointed at a link).

Here is the best answer I have so far, Seth. The readings described that encryption of the sorts we're discussing (e.g. public key) can, when used properly, be virtually unbreakable. Or at a minimum expensive to break. So the listener-in's problem is not just that he/she/it cannot crack the whole internet, but that he/she/it cannot crack even individual exchanges when narrowed down to, e.g., you and your wife. So that's part one of my answer: encrypting would be helpful to privacy first and foremost because it can provide some security for individuals.

The second part of the answer I suggest is that the government wants to, presumably, listen in to several suspects in a given case, each one of which involves a costly PK-breaking problem. And the government has many cases containing suspects. So by encrypting the whole net, the overwhelming resource cost of breaking one PK is amplified by the number of PKs they would, practically, need to crack to run the surveillance system. Encrypting the internet would simply cause the significant difficulty of cracking one PK to increase relative to the number of PKs needed to be cracked.

Finally, a related point re: "wouldn't the government still be able to 'listen in' on a conversation between any individual that was for whatever reason suspicious?"

The government, absent other information on you and your wife's communications, has no way to know your conversation is suspicious because it can't read it to flag keywords, etc., until it has broken the encryption. So an additional potential value of PK encryption across a network is that it undermines, in part, screening for what is suspicious. Since the listener has to break all the used encryption to monitor all the messages encrypted, use of encryption significantly decreases the ability to, e.g., screen based on text.

All of this is, of course, unless the oblique attacks Elided mentions have already compromised the computers involved (or other communication device) directly. Herein we may have a problem in the future, because as laptops converge with cell phones (for example, netbooks/iPhones/Black Berries), there is again a risk of trusted computing taking further hold of our communicative devices.

I hope this answer is helpful. I would welcome others' thoughts on the answer if this is not it.

-- BrianS - 05 Nov 2009


Revision 6r6 - 05 Nov 2009 - 06:36:22 - BrianS
Revision 5r5 - 04 Nov 2009 - 17:50:52 - HarryLayman
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM