15 April 2014
Home-made Communications and Security
Subject: Home-made communications and security technology
From: John Preston <gizmoguy1[at]gmail.com>
To: cpunks <cypherpunks[at]cpunks.org>
Date: Mon, 14 Apr 2014 17:49:27 +0100
Given the enormous complexity of modern technology (100+ KLOC software projects,
1+ billion transistor CPUs, etc.) I view security failures to be an
inevitability: the attack surface is rich for exploitation by enemies, and
bugs and errors constantly emerge due to both man and machine.
That said, I do not think it unwise to consider it a prerequisite for the
most paranoid-level technologies that they be easily understandable and
scrutinisable by individual people. Hence, I have an interest in pen-and-paper
ciphers, simple wireless communications systems for Morse, voice, and data,
and simple computers.
Is this something other people think is a sensible or important line of inquiry?
Do these technologies and the people using them exist? Are there movements
advocating this approach? Thank you.
Date: Tue, 15 Apr 2014 01:08:03 -0300
From: Jose Damico <damico[at]dcon.com.br>
Subject: Re: Home-made communications and security technology
I think, that one important and simple tool that will remain useful for the
next decades is Analog Audio Encryption.
Radio & Analog communications are simple to implement and very useful
for good and for bad, but I think that what will keep this technology live
for situations, like wars, conflicts, protests etc, will be the use of Audio
Encryption over Radio & Analog communications.
Due to the rapid increase in breaches of natsec, comsec, infosec, compusec
and privacy -- digital and analog -- along with the corresponding increase
in governmental, commercial and professional services to warn, discover,
log, report, counter, exploit and profit from security breaches, there should
be greater attention to home-made protection which now gets short shrift
from the security-alarm-ringing industry.
Public ignorance about and trust in the security industry in all its permuations
from natsec to privacy is exploited by the industry as much as by security
Self-protection by individuals has a long history of resisting organized
protection by authorities, officials, professionals, industry and "public
interest" organizations who most often work together to delude the public
and exploit its trust.
A common practice of the security industry is to instigate attacks which
require its response, like firefighters setting fires to assure fighters
are needed, like spies fostering threats to justify the need for spies. Crises
are used to concentrate power and control and to boost expenditures. Cyber
crises are now top of the alarm list, argued comparable to terrorism.
Cryptography leads the movement of excessive alarmism about comsec and privacy.
Once an arcane gang of secrecy protection it is now a public organized scourge
of accusations, threats, sirens and preenings -- a campaign of attacks and
counterattacks coupled to governmental, commercial and institutional exploitation
of public ignorance of the technology.
A saluatory feature of cryptography, as well as the security industry, is
ingrained paranoia about undiscovered and deliberate weaknesses in protection.
The magic formula is to offer protection sufficient to allure but not so
much that indifference prevails over seduction. "You get the protection you
pay for" is the marketing motto. Then, when failure occurs, "there is no
absolute protection, you misunderstood, your error caused it." Hire us, buy
our improved and upgraded product. A distinguished example among many others
is Bruce Schneier's Cryptogram monthly newletter:
An odd fellows dispute has developed between national security and civil
liberties, with both pretending opposition but acting in rewarding concert.
Civil liberties officers have been appointed to spy agencies, such as the
NSA, and security experts appointed to civil liberties organizations, such
as the ACLU. The two types appear together on panels, in the news and on
social media, usually congenially, cracking jokes about one another, or
performing separately before adherents to vilify and rant against each other's
industry, enjoying the security alarm limelight and in many cases, handsome
fees and salaries. Ex-CIA and NSA director Michael Hayden and speakers-bureau
gaggle of ex-officials often star, along with speakers-bureau of stars from
the security-privacy loyal opposition of whistleblowers, ex-spies, comsec
wizards and fee-for-info-freedom lawyers.
Skepticism of security threats promulgated by the security-alarm complex
is prudent, in the face of burgeoning cyber alarms ostensibly requiring
application of vast resources by government, industry and organizations for
Cryptome welcomes proposals for home-made security or pointers to them. Anonymous
or attributed. cryptome[at]earthlink.net