[cryptome] Re: [Cryptography] $750k Fine for exporting crypto

  • From: John Young <jya@xxxxxxxxxxxx>
  • To: cryptography@xxxxxxxxxxxxx,cryptome@xxxxxxxxxxxxx, cryptography@xxxxxxxxxxxx,cypherpunks@xxxxxxxxxx
  • Date: Sat, 08 Nov 2014 14:41:36 -0500

The global internal rot of digital technology dependence appears doing
quite well by inducing ever greater investment and reliance upon
it. Will over-reliance upon secret cryptography be its Achilles heel?
Let us hope so.

Conumdrum is that wholesale monitoring is the result of ubiquitous
digital technology, networks and programs thickly hidden by secret
cryptography, thinly protected, if at all, by never quite effective public
cryptography, ineffective by law by design, by implementation and
by endless excuses to do better next time.

The correlation between the rise of the Internet to advance global
surveillance and public cryptography to persuade the populace there
is hope the surveillance can be countered, is occasionally noted
but not by cryptography fetishists who promote the notion it is possible
to have a global platform of diverse levels for multiple open and
secret uses but still protect at least a few of the levels with encryption.

This despite the legacy of cryptography as a deceptive technology
through and through and foremost, in particular by misleading about
its strengths and weaknesses, its treachery and double-dealing, its
cheating and betraying, its false promises and "confessed" failures.

No doubt all forms of security share these characteristics, eventual
failure is the fundamental outcome of a security system subject to
ceaseless attack. Every fortress fails, every weapon is surpassed,
every peace treaty is transgressed, every ideology collapses, every
nation is overturned; in all cases by excessive conviction that failure
will not happen, and when it does, it occurs by the least expected
means. After a few attempts to repair the majestic defense and
prolong a regime, it finally implodes most often due to internal
rot of those unable to give up comfortable convictions that munitions
are invulnerable, that supreme command and control is protected
against tampering, that oaths and rewards of fealty to the homeland
are insurpassable. Except for the planted cheats of anonymizers
and encryption.

What we are seeing today is unprecedented in American history: Wholesale monitoring of entire populations, "just in case" the information might be "needed" later. Saying "beware, someone evil like Nixon could use this stuff" *misses the point*: It's bad *even if never abused*. Its mere *existence* is abuse, no matter who controls it. If the system were under the control of a saintly administration consisting of nothing but good actors, and there were a magic button that would be pressed just before they handed over the reigns to someone not so saintly that magically erased all the stored information and destroyed the information-gathering systems ... it would *still* be wrong.

Other related posts: