[cryptome] Re: 2nd closure - provider of encrypted emails

  • From: John Young <jya@xxxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Sun, 18 Aug 2013 08:02:00 -0400

Jon Callas writes recently that crypto is not the weakness,
it is by-passed to attack vulnerabilities of transmission.



Crypto is a red flag inviting attack, aided by anonymizing
and other concealing methodologies.

The only trustworthy email is that which never leaves your
box which must be disconnected from everything else in
a Faraday, in a bunker, un-powered, out of your reach. Never
used, no CPU, no chips, no cards, no wiring, just the tin
shell covered in bakelite. A demagnetized rock will do.

Humans leak far more than machines. Solipsists and hermits
and braggarts the leakiest.

One thing is for sure after the history of computers of trying,
infallible digital security is impossible, only gradations of
cybernetic illusion. As with security in general.

Attackers always win until they crow about prowess as
strong security for a marketing effort. Then they are
taken down by the weakest link.

Ponder the invention of the word security. It isn't what
it is alleged to be, it means credible illusion, a brand.

PKC is a brand which wizened cryptographers tinker
with but distrust beyond marketing. Read Callas and
Zimmermann closely, not their publicity.

Other related posts: