[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: The "Future" Fallacy

Duncan Frissell quotes Bill Gates:
>"Soon any child old enough to use a computer will be able to transmit coded
>messages that no government on earth will find easy to decipher."

[email protected] responds:
>Billg is an optimist.
>What's wrong with this picture, Duncan?

Then Tim May says: 
> I found nothing wrong or incorrect with the quote Duncan attributed to Bill
> Gates (I haven't read Gates' book).
> I couldn't understand Duncan's koan, shrugged, and moved on.

I don't know what blancw was getting at, but I'll take up his side of the
argument.  Can good security really be automated so well that people will
have it without thinking about it? 

I create accounts at an ISP, and 90% of the people who walk in the door
pick terrible passpwords, even after listening to a little speech about
what makes a good one.  I'd be willing to bet that more than half the
people using PGP have passphrases that would fall quickly to a dictionary

The child in billg's example might have a giant key sitting on the hard
drive, but it's either going to be sitting there in the clear or protected
by a passphrase.  Will the child pick a good passphrase?

One of the most important arguments we can make against government control
of crypto is that the claims of impenetrability are being oversold on both
sides of the debate.  If the NSA wanted my PGP key badly, they'd have it
and I wouldn't know it.  I can think of lots of ways they could get it,
and I'm not nearly as clever as they are.

Good algorithms and protocols aren't enough:  you need good human
discipline.  The best software in the world won't help me if my passphrase
is "alex1" -- and that's what 25% of the people named Alex will set it to,
providing that you impose the restriction that passphrases must have a
non-alphabetic character.

There's an enormous difference between the amount of care that people in
the intelligence business and casual crypto users take with keys.  Are the
spooks wasting time and energy?  I don't think so -- that's what it 
takes to minimize your risks.  Do I do it?  No.  If someone swapped my 
pgp binary, I'd never know it.

Crypto won't protect us absolutely from surveillance, but it will do a 
very good job of protecting us from automated surveillance.  Right now, 
phones are wiretapped for next to nothing.  If I have a friend who sells 
drugs and I speak with him on the phone frequently, I can get on the 
list.  If they hear something on my phone that keeps them interested, 
another friend of mine can get put on the list as well.  It spreads like 
a viral infection.

That's the sort of thing crypto will put a stop to.  If they want my key, 
they'll be able to grab it.  But it won't be practical for them to grab 
the keys of the ten people I correspond with most just because they 
coreespond with me.