[146461] in cryptography@c2.net mail archive
Re: [Cryptography] Separating concerns
daemon@ATHENA.MIT.EDU (ianG)
Thu Aug 29 15:20:22 2013
X-Original-To: cryptography@metzdowd.com
Date: Thu, 29 Aug 2013 11:27:59 +0300
From: ianG <iang@iang.org>
To: cryptography@metzdowd.com
In-Reply-To: <0E773A86-09F6-4BAC-B3B6-243BCE3184AF@gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
Hi Phill,
On 28/08/13 21:31 PM, Phill wrote:
> And for a company it is almost certain that 'secure against intercept by any government other than the US' is an acceptable solution.
I think that was acceptable in general up until recently. But, I
believe the threat scenario has changed, and for the worse.
The firewall between national intelligence and all-of-government has
been breached. It is way beyond leaks, it is now a documented firehose
with pipelines so well laid that the downstream departments have
promulgated their deception plans.
And, they told us so. In the comments made by the NSA, they have very
clearly stated that if there is evidence of a crime, they will keep the
data. The statement they made is a seismic shift; the NSA is now a
domestic & criminal intelligence agency. I suspect the penny has not
dropped on this shift as yet, but they have said it is so.
In threat & risk terms, it is now reasonable to consider that the USA
government will provide national intelligence to back up a criminal
investigation against a large company. And, it is not unreasonable to
assume that they will launch a criminal investigation in order to force
some other result, nor is it unreasonable for a competitor to USA
commercial interests to be facing a USA supplier backed by leaks.
E.g., Airbus or Huawei or Samsung ... Or any company that is engaged in
a lawsuit against the US government. Or any wall street bank being
investigated by the DoJ for mortgage fraud, or any international bank
with ops in the USA. Or any company in Iran, Iraq, Syria, Afghanistan,
Pakistan, India, Palestine, .... or gambling companies in the
Caribbean, Gibraltar, Australia, Britain. Or any arms deal or energy deal.
(Yes, that makes the task harder.)
iang
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
