[16763] in cryptography@c2.net mail archive
Re: Simson Garfinkel analyses Skype - Open Society Institute
daemon@ATHENA.MIT.EDU (John Kelsey)
Mon Jan 31 22:56:09 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 31 Jan 2005 10:31:09 -0500 (GMT-05:00)
From: John Kelsey <kelsey.j@ix.netcom.com>
Reply-To: John Kelsey <kelsey.j@ix.netcom.com>
To: Adam Shostack <adam@homeport.org>
Cc: Mark Allen Earnest <mxe20@psu.edu>, cryptography@metzdowd.com
>From: Adam Shostack <adam@homeport.org>
>Sent: Jan 30, 2005 1:09 PM
>Subject: Re: Simson Garfinkel analyses Skype - Open Society Institute
> That's a very interesting point. There are clearly times when it's
>the case. I suspect, with no data to back me up, that a form of
>hyperbolic discounting occurs here: The family member who is clearly
>present ends up dominating consideration, and the less
>likely/understood eavesdropping threat disappears. (As does the 'yell
>for attention, pick up another extension attack,' but that's another
>story.)
I think there are two parts to this. First of all, this may be a case of s=
imply not understanding the implications of the loss of privacy to sophisti=
cated eavesdroppers. I tend to think this is the case with a lot of privac=
y issues (like grocery store bonus cards), but not here. Second, this may =
be a correct evaluation of the relative risks. Until the set of eavesdropp=
ers who listen in on digital cellphone traffic becomes pretty large, most p=
eople aren't very interesting targets for eavesdropping, at least not in te=
rms of making any profit from it. Most people don't have a lot of money or=
power to reward blackmailers, aren't in a position to leak confidential, h=
igh-value data, aren't likely to end up in some powerful elective or appoin=
ted office, and aren't discussing information that would let an eavesdroppe=
r make a profit from it directly. On the other hand, keeping secrets from =
your parents about who you're dating and what you're doing with them is rea=
lly common among teenagers. Embarassing personal revelations that you woul=
d be humiliated to disclose to your coworkers or roommates are a lot less e=
mbarassing if they're heard by some FBI agent who listens in all day--that =
guy is going to be as hard to shock as a priest or a doctor, and he'll pres=
umably never show up at work and start a rumor about you. High tech crimin=
als trolling for blackmail material might be interested in your affair with=
your best friend's wife, but not if you don't have any substantial assets =
lying around waiting to be sold off for hush money. Probably most people h=
aven't thought through this at great depth, but I think most people who thi=
nk of the FBI listening in on their calls aren't all that concerned about t=
he consequences to themselves, and I think they're correct.
This isn't an endoresment for cordless/cell/VOIP phones without crypto, jus=
t a comment about why it's hard to get people to pay extra for adding crypt=
o to those phones.
>Adam
--John
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
