risking his life to tell you about NSA surveillance [ot]

Search
Go

Discussion Topic

Return to Forum List
This thread has been locked
Messages 1464 - 1468 of total 1468 in this topic << First  |  < Previous  |  Show All  |  Next >  |  Last >>
kunlun_shan

Mountain climber
SF, CA
Dec 5, 2017 - 07:30am PT
https://cryptome.org/A-Discussion-With-Cryptome.pdf
Ken M

Mountain climber
Los Angeles, Ca
Dec 5, 2017 - 11:40am PT
On this, I agree with Reilly.

Why should the plots not be disclosed?

Because then still-unknown-plotters will know what things have been tried, and failed, and be searched for. We haven't had anyone try to smuggle explosives in their shoes after the fires, have we?

There is a tendency for relatively simple plotters to try the same things, thinking that they are being very original. They are not. Once those things are identified, they are generally easy to spot.

Relatively brilliant plotters are another matter, although they can fall into the same trap.

It is better that what is foiled is not disclosed.
NutAgain!

Trad climber
South Pasadena, CA
Dec 5, 2017 - 12:26pm PT
The problem with "security through obscurity" is that you assume the folks you are trying to hide it from don't have access to the info. Like, oh say, the vulnerabilities that NSA teams were working on for hacking its targets.

Information is power, but it is too difficult to control the flow of it when humans are involved.

So, it is a very brittle model. Inexperienced software developers often try to develop proprietary security mechanisms that they think are brilliant... and the typical failure mode is that it gets little review from smarter and more experienced people, and as such there are grievous errors embedded in the solution that smarter people exploit. Far better to have more eyeballs involved, and rely on the motivation of personal desire for fame/recognition/career-promotion that causes white-hat security people to call out the errors.

Either make it secure for real by the standards of a big collection of smart experienced people, and out in the open for all to vet, or just bury an abscess that the truly bad guys know how to find and exploit. It is hubris to assume that the folks on your side are smarter than the folks on the other side.

If you just want to go for an 80/20 approach to solving the problem (i.e. make 20% effort to get 80% of the security coverage), then sure use obscurity and block the idiot criminals, but don't expect to stop the good ones too.
Ballo

Trad climber
Jan 11, 2018 - 11:24am PT
Second developer of WikiLeaks inspired submission system "SecureDrop", security expert James Dolan, aged 36, has tragically died. He is said to have committed suicide. The first, Aaron Swartz, is said to have taken his own life at age 26, after being persecuted by US prosecutors.
https://twitter.com/wikileaks/status/950866357347905537
kunlun_shan

Mountain climber
SF, CA
Jun 8, 2018 - 11:28pm PT
Donald Trump’s Surveillance of New York Times Reporter is a True Declaration of War Against The Press

https://theintercept.com/2018/06/08/donald-trump-new-york-times-reporter-leak-investigation/
Messages 1464 - 1468 of total 1468 in this topic << First  |  < Previous  |  Show All  |  Next >  |  Last >>
Return to Forum List
 
Our Guidebooks
spacerCheck 'em out!
SuperTopo Guidebooks

guidebook icon
Try a free sample topo!

 
SuperTopo on the Web

Recent Route Beta