|
||
|
15 April 2014 Home-made Communications and Security
Subject: Home-made communications and security technology Given the enormous complexity of modern technology (100+ KLOC software projects, 1+ billion transistor CPUs, etc.) I view security failures to be an inevitability: the attack surface is rich for exploitation by enemies, and bugs and errors constantly emerge due to both man and machine. That said, I do not think it unwise to consider it a prerequisite for the most paranoid-level technologies that they be easily understandable and scrutinisable by individual people. Hence, I have an interest in pen-and-paper ciphers, simple wireless communications systems for Morse, voice, and data, and simple computers. Is this something other people think is a sensible or important line of inquiry? Do these technologies and the people using them exist? Are there movements advocating this approach? Thank you.
Date: Tue, 15 Apr 2014 01:08:03 -0300 I think, that one important and simple tool that will remain useful for the next decades is Analog Audio Encryption. Radio & Analog communications are simple to implement and very useful for good and for bad, but I think that what will keep this technology live for situations, like wars, conflicts, protests etc, will be the use of Audio Encryption over Radio & Analog communications. Best Regards Yap
Cryptome: Due to the rapid increase in breaches of natsec, comsec, infosec, compusec and privacy -- digital and analog -- along with the corresponding increase in governmental, commercial and professional services to warn, discover, log, report, counter, exploit and profit from security breaches, there should be greater attention to home-made protection which now gets short shrift from the security-alarm-ringing industry. Public ignorance about and trust in the security industry in all its permuations from natsec to privacy is exploited by the industry as much as by security attackers. Self-protection by individuals has a long history of resisting organized protection by authorities, officials, professionals, industry and "public interest" organizations who most often work together to delude the public and exploit its trust. A common practice of the security industry is to instigate attacks which require its response, like firefighters setting fires to assure fighters are needed, like spies fostering threats to justify the need for spies. Crises are used to concentrate power and control and to boost expenditures. Cyber crises are now top of the alarm list, argued comparable to terrorism. Cryptography leads the movement of excessive alarmism about comsec and privacy. Once an arcane gang of secrecy protection it is now a public organized scourge of accusations, threats, sirens and preenings -- a campaign of attacks and counterattacks coupled to governmental, commercial and institutional exploitation of public ignorance of the technology. A saluatory feature of cryptography, as well as the security industry, is ingrained paranoia about undiscovered and deliberate weaknesses in protection. The magic formula is to offer protection sufficient to allure but not so much that indifference prevails over seduction. "You get the protection you pay for" is the marketing motto. Then, when failure occurs, "there is no absolute protection, you misunderstood, your error caused it." Hire us, buy our improved and upgraded product. A distinguished example among many others is Bruce Schneier's Cryptogram monthly newletter: http://www.schneier.com/crypto-gram.html An odd fellows dispute has developed between national security and civil liberties, with both pretending opposition but acting in rewarding concert. Civil liberties officers have been appointed to spy agencies, such as the NSA, and security experts appointed to civil liberties organizations, such as the ACLU. The two types appear together on panels, in the news and on social media, usually congenially, cracking jokes about one another, or performing separately before adherents to vilify and rant against each other's industry, enjoying the security alarm limelight and in many cases, handsome fees and salaries. Ex-CIA and NSA director Michael Hayden and speakers-bureau gaggle of ex-officials often star, along with speakers-bureau of stars from the security-privacy loyal opposition of whistleblowers, ex-spies, comsec wizards and fee-for-info-freedom lawyers. Skepticism of security threats promulgated by the security-alarm complex is prudent, in the face of burgeoning cyber alarms ostensibly requiring application of vast resources by government, industry and organizations for public protection. Cryptome welcomes proposals for home-made security or pointers to them. Anonymous or attributed. cryptome[at]earthlink.net
|