cryptographic games–China vs US- removing the UK’s game rules


image

http://www.cnet.com/news/china-lashes-out-at-google-apple-for-allegedly-stealing-state-secrets/

China would be well advised to consider the relevance of the “playing ball” phrasing.

Any good politician talks through both sides of her mouth – letting two audiences hear what they wish, from the same words. Google play ball, with words.

To Google, as any American firm, this “is” a game (to be won and lost, and competed over). It has to kept as a “game” since there IS no simple political solution. Being upbeat Americans, they get to choose between a mindless, senseless and failure-inducing world … or a game ( in which perhaps politics keeps the ball at least rolling).

Of course, google know that the standards groups are rigged. They know that the IESG might as well be made up of US officials, beholden to the american dogma. Of course they know that policies, practices and standards are are set to meet the commodity market (not the state-secrets market). And that this means that the security works ONLY in the areas its supposed to work (and not in areas “ out of scope”).

According to the American game, that both Google and Microsoft play well, the game rules are set so as to keep anything of much importance in the “out of scope” space – where normal spying techniques work.

Where China vs US seems to be enabling a solid China win is in the area of vendors, e.g. Google, who look increasingly shrill – as they attempt to deny the nature of the game – and their own political doublespeak. Yes there is NO backdoor to my electronic house locks (and no agreement with the local police to allow covert entry, with special lock codes); but two decent sledgehammers blows to the *casing* of any common, wooden house door make it “unnecessary to pick the lock”. The lock resists penetration by Harvard crypto scientists for 2h! (says the google security marketing). It’s just “not google’s problem” that the casing resists for 20s, only, to apes wielding  stone-age clubs.

And so it is with Google and Microsoft Crypto.

Both firms know precisely how to sledgehammer areas of their product other than crypto, making the crypto ineffective. And of course, they spend large amounts of money, in marketing UK-style deceive-and-deflect security standards , ensuring that “those areas” are “out of scope” in the “mind” of the public.

Advertisements

About home_pw@msn.com

Computer Programmer who often does network administration with focus on security servers. Very strong in Microsoft Azure cloud!
This entry was posted in rant. Bookmark the permalink.