lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJVRA1RrozSGStUemGpeFqJi=Qg+shR25RaRvQ1JJzitGae8aw@mail.gmail.com>
Date: Thu, 17 Oct 2013 22:36:11 -0700
From: coderman <coderman@...il.com>
To: noloader@...il.com
Cc: cpunks <cypherpunks@...nks.org>,
 Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Secure whistleblowing feedback / reporting
 systems in the content of compartmented information,
 endpoint security [was: [NSA bitching] [formerly Re: PRISM][]]

On Thu, Oct 17, 2013 at 10:16 PM, Jeffrey Walton <noloader@...il.com> wrote:
> ...
> Even if the right to privacy was recognized, it would only apply to
> government. Corporate would be free to spy on us and then sell it to
> the government.


this, in the traditional sense, is what John calls a "COMSEC cover-up":
 http://cryptome.org/2013/10/nsa-hysteria-coverup.htm

meaning that the continual, most significant, and most likely to be
abused and widely are commercial services and collaborations and
products,
  where the product is your private information of any sort, that you
usually unwittingly but sometimes capriciously yield to un trustworthy
third parties with little constraint on secondary distribution for
money to further removed stranger parties...


note that fully decentralized, end-to-end secured, with properly
managed keying and sessions capable technologies are resistant to
these third-party weaknesses and vulnerabilities.


crypto and comms and computing technology should not be abandoned en
whole like the russians for their manual type writers, but the minimum
required operational safety of any information processing system needs
huge innovation to get from current systems to something effective and
usable...  hey look, it's more of those fun problems to solve again ;)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ