cryptome gushing.




Cryptome has fallen in love with the semblance of unconformity – some great engineers and writers simply failing to do what they know how to do: spill the beans.

Ross Anderson knows how to communicate; and teach, even. He is just a natural. He can get an advanced class up to examination grade and get them all to pass – probably with flying colors. Unfortunately, the material they learn is second class stuff. It SKIRTS how systems are compromised. Until Anderson teaches HOW the typical (and technically and intellectually unimpressive) GCHQ-er undermines ALL the techniques he teaches, he is failing to be a true non-conformist. Such failure put him in the usual bag: the academic who whines about a system he doesn’t really want to study; since what he wants to study is not HOW to defeat the compromise arts but the theoretical basis of systems that *would* be naturally resistant (in an ideal world). He wants to eliminate the problem at source, rather than apply a fix. Meantime, none of his current knowhow from the “theoretical art” of fixing stuff actually works with practical system. Having indoctrinated the brightest and the best, the net result is JUST to facilitate the deployment of MORE systems that are just as penetrated by 50 years old techniques – that he knows full well, but doesn’t discuss (strange that, no) – as before – all of which provides a nice fertile study ground.

IVE ALREADY said that Peter Guttman’s draft book is a masterly work of ranting about internet PKI, with some good anecdotes learned in the course of us all finding out what an Internet-scale PKI even is.

Concerning Kahn, I have not read the work in question – but have read other essays. At least it all focuses on the main topic: cryptographic penetration.

Snowden is also somewhat disingenuous – in propagandizing that crypto work – IF implemented properly. If you are on a commodity PC, crypto CANNOT be implemented “properly”. If you are using the crypt on a bank-issued smartcard (or from the same vendor that manufactures for those banks), your hosed from the outset. He knows that; but somehow, just like Anderson, he just cannot get around to delivering the main point to the public. It’s too much fun whining – and being a(nother) part of the billion dollar boondoggle. Or, you’re a CIA implant whose mission it to disclose that new reality (of american surveillance on its own folk) and to argue the case “via spy hysteria” – that its still the best of a bad lot (compared to the Chinese and Russian equivalents).


About home_pw

Computer Programmer who often does network administration with focus on security servers. Sometimes plays at slot machine programming.
This entry was posted in rant. Bookmark the permalink.