12 Matching Annotations
  1. Dec 2016
  2. Feb 2016
  3. Dec 2015
    1. Representatives of the White House seemed to listen attentively, but shared little about their thoughts. They maintained that President Obama’s position has not changed in the last few months. While they seemed well aware of our concerns about the technical infeasibility of inserting backdoors, they didn’t necessarily share them. That worried us a great deal.
    1. this week’s announcement by Google that a machine made by a Canadian company, D-Wave Systems, which is marketed as “the world’s first commercial quantum computer”, had shown spectacular speed gains over conventional computers. “For a specific, carefully crafted proof-of-concept problem,” Google’s Hartmut Neven reported, “we achieved a 100-million-fold speed-up.”
  4. Nov 2015
    1. In this rush to blame a field that is largely unknowable to the public and therefore at once alluring and terrifying, little attention has been paid to facts: The Paris terrorists did not use encryption, but coordinated over SMS, one of the easiest to monitor methods of digital communication. They were still not caught, indicating a failure in human intelligence and not in a capacity for digital surveillance.
    2. The call for backdoors is nothing new. During my career in the private sector, I’ve seen requests to backdoor encryption software so as to please potential investors, and have seen people in the field who appeared to stand for secure software balk under the excuse of “if that’s what the customer wants,” even if it results in irreparable security weaknesses. I’ve had well-intentioned intelligence officers ask me informally, out of honest curiosity, why it is that I would refuse to insert backdoors. The issue is that cryptography depends on a set of mathematical relationships that cannot be subverted selectively. They either hold completely or not at all. It’s not something that we’re not smart enough to do; it’s something that’s mathematically impossible to do. I cannot backdoor software specifically to spy on jihadists without this backdoor applying to every single member of society relying on my software.
    3. When you make a credit card payment or log into Facebook, you’re using the same fundamental encryption that, in another continent, an activist could be using to organize a protest against a failed regime.<br> ...<br> If a terrorist is suspected of using a Toyota as a car bomb, it’s not reasonable to expect Toyota to start screening who it sells cars to, or to stop selling cars altogether.<br> ...<br> The brouhaha that has ensued from the press has been extreme. ... A Wired article, like many alongside it, finds an Arabic PDF guide on encryption and immediately attributes it as an “ISIS encryption training manual” even though it was written years ago by Gaza activists with no affiliation to any jihadist group.

  5. Oct 2015
    1. Nearly all ap­pli­ca­tions of prob­a­bil­ity to cryp­tog­ra­phy de­pend on the fac­tor prin­ci­ple (or Bayes’ The­o­rem).

      This is easily the most interesting sentence in the paper: Turing used Bayesian analysis for code-breaking during WWII.

  6. Apr 2015
    1. This post discusses the relative merits and dangers of different compositions of message authentication and encryption.

  7. Jan 2015
    1. But if you turn data into a money-printing machine for citizens, whereby we all become entrepreneurs, that will extend the financialization of everyday life to the most extreme level, driving people to obsess about monetizing their thoughts, emotions, facts, ideas—because they know that, if these can only be articulated, perhaps they will find a buyer on the open market. This would produce a human landscape worse even than the current neoliberal subjectivity. I think there are only three options. We can keep these things as they are, with Google and Facebook centralizing everything and collecting all the data, on the grounds that they have the best algorithms and generate the best predictions, and so on. We can change the status of data to let citizens own and sell them. Or citizens can own their own data but not sell them, to enable a more communal planning of their lives. That’s the option I prefer.

      Very well thought out. Obviously must know about read write web, TSL certificate issues etc. But what does neoliberal subjectivity mean? An interesting phrase.