Slashdot Mirror

← Back to Stories (view on slashdot.org)

Ask Slashdot: Can Bruce Schneier Be Trusted?

Posted by timothy on from the shifty-eyes-and-a-beard dept.

An anonymous reader writes "Security guru Bruce Schneier is, among other things, a world renowned cryptography expert, author of several popular books, and a second-order internet meme. He is also an outspoken critic of the NSA, in particular the massive NSA surveillance programs disclosed over the summer by Edward Snowden. Schneier has been involved in reviewing the leaked documents and has put in effort to determine which cryptosystems should still be considered safe. I'm a big fan of Bruce Schneier, but just to play devil's advocate, let's say, hypothetically, that Schneier is actually in cahoots with the NSA. Who better to reinstate public trust in weakened cryptosystems? As an exercise in security that Schneier himself may find interesting, what methods are available for proving (or at least affirming) that we can trust Bruce Schneier?"

31 of 330 comments (clear)

  1. Trust no one by Bodhammer · · Score: 5, Insightful

    Seriously... Especially the Govt. (and clowns - clowns scare me...)

    --
    "I say we take off, nuke the site from orbit. It's the only way to be sure."
    1. Re:Trust no one by khasim · · Score: 5, Insightful

      You have to trust someone, somewhere along the line.

      Even the compiler can be compromised. Ken Thompson showed that.

      Where I think "anonymous coward" is wrong is that he's implying the Bruce Schneier would NEED to be compromised by the NSA. He wouldn't.

      There are two aspects to "crypto".
      1. The math.
      2. The implementation.

      Bruce can validate that the math seems to be correct (or he can be compromised into saying that it seems to be correct) but it is the implementation that gets used.

      So even if Bruce actually believed that the math was correct, the NSA could compromise the people/organisation/company that turned that math into a product that you would use.

      And it is much easier to claim that a flawed implementation was an innocent mistake than to compromise EVERYONE who can understand the math behind it.

    2. Re:Trust no one by Moryath · · Score: 5, Interesting

      And now, folks, it's time for "Who do you trust!" Hubba, hubba, hubba! Money, money, money! Who do you trust? Me? I'm giving away free money. And where is the Batman? HE'S AT HOME WASHING HIS TIGHTS!

      So do you trust the Joker, or the Batman?

    3. Re:Trust no one by godrik · · Score: 5, Informative

      "Even the compiler can be compromised. Ken Thompson showed that."

      Well, double compiling techniques can be used to certify a compiler. (Though it actually assume that you have access to an other safe compiler, which is a little bit complicated, but doable)

      http://arxiv.org/abs/1004.5534

    4. Re:Trust no one by ShanghaiBill · · Score: 4, Insightful

      the NSA could compromise the people/organisation/company that turned that math into a product that you would use.

      An obvious solution to this would be two (or more) independent implementations. The implementations wouldn't even need to be done by trustworthy entities, just entities unlikely to cooperate. If the NSA does one implementation, China does another, Russia does a third, and they all produce identical output, then that would be good enough for me.

    5. Re:Trust no one by Anonymous Coward · · Score: 5, Funny

      Well, if you know your comic-book history, you'd know that Batman had a homosexual relationship with Robin and was shown in the comics in bed with him.

      If there's anything one learns from applying for a security clearance or worldwide politics in general, it's that nobody trusts homosexuals. I trust the Joker. Not only is he not a homosexual, and therefore trustworthy, but a proven innovator with plenty of experience thinking outside the box. I trust the Joker. Not Batman, as Robin has too much filthy blackmail on him.

      -- Ethanol-fueled

      I trust Cat Woman, and if she is homosexual that would be so hot.

    6. Re:Trust no one by Idarubicin · · Score: 5, Insightful

      Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself.

      Which is why I always x-ray the concrete and perform a full metallurgical analysis on the structural steel before I drive across one of those government-built bridges. Sure, I had to do a four-year engineering degree, but it was worth it.

      Seriously, "trust no one, and validate everything from first principles" breaks down very quickly if you try to apply it to any but the narrowest portion of your life. Figuring out workable and robust ways to evaluate trustworthiness of other parties is a damn useful (and equally damn difficult) problem.

      --
      ~Idarubicin
    7. Re:Trust no one by swillden · · Score: 5, Insightful

      Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself. Especially don't worship some brand-name as a god who, as diviner-intercessor, is your sole information-provider on the subject.

      Care to point me to the "mathematics" of AES? How about SHA-2? For that matter, will studying the mathematics of RSA make it clear why a chosen ciphertext attack renders RSA with PKCS#1 v1.5 padding vulnerable, and how using Optimal Asymmetric Encryption Padding instead addresses the issue?

      Seriously, the above is laughable advice. Oh, by all means learn crypto if you're interested, it's a fascinating subject -- one which you can easily devote your entire lifetime to, though you'll have to pick a sub-specialty if you really want deep understanding of the sort that will let you meaningfully evaluate the security of some real-world elements.

      The reality is that you must rely on someone else. Even serious academic cryptography researchers make no claims to be able to fully understand anything outside their narrow area of focus, and they're also quick to point out that even when the theory is great, implementations may contain subtle defects which are extremely hard to find. The "open source" mantra is indeed exactly what we need, but your average developer -- bright though he or she may be -- simply doesn't have the background needed to contribute very effectively, and it doesn't make sense for everyone to invest the time needed to acquire that much background.

      Instead, what we need is what we have: An open security research community. It could be bigger, of course, and I'd encourage anyone who has an interest in this stuff to get involved. And I'd also encourage everyone else to become more informed. But expecting to be able to make a significant contribution to improving security with just a little math is misguided.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    8. Re:Trust no one by PopeRatzo · · Score: 5, Insightful

      If you were the NSA, wouldn't you plant stories in places like Slashdot suggesting that you can't trust the people who are fighting to protect you from the NSA?

      Which Slashdot editor is so nearsighted that they couldn't see this obvious FUD?

      --
      You are welcome on my lawn.
    9. Re:Trust no one by killfixx · · Score: 4, Insightful

      Hrmmm... You have a great point... More computers won't make the job easier... Smarter computers will...

      Look at Watson... Specifically designed to measure the value of information in both directions and use these values real time as it sorts through massive amounts of data...

      Areas where humans were thought to be the only solution, here comes Watson...

      Law, medical diagnostics, computer software troubleshooting, etc...

      These are all areas where Watson will soon dominate...

      We can only hope the Utah data center will NOT have IBM as one of the contractors...

      --
      "Helping to keep you two steps ahead of the Thought Police!"
    10. Re:Trust no one by swillden · · Score: 4, Informative

      But expecting to be able to make a significant contribution to improving security with just a little math is misguided.

      That's a huge jump, and a red flag for a shitty argument. As you wrote it, yes it is misguided. You don't have to make a significant contribution, just understand what's already out there. And it's way more than "a little math".

      For that matter, will studying the mathematics of RSA make it clear why a chosen ciphertext attack renders RSA with PKCS#1 v1.5 padding vulnerable, and how using Optimal Asymmetric Encryption Padding instead addresses the issue?

      Yes. That was simple, wasn't it?

      Actually, no. Simply understanding the mathematics will not make it clear. Understanding the math, then having it pointed out, or reading Bleichenbacher's paper, will make it clear. But merely learning the math will not... else it wouldn't have taken decades for someone to discover that problem.

      The MD5 collision was an algorithm based on math.

      No, it wasn't/isn't. MD5, like all modern hash functions, are based on repeated mixing. It can be modeled mathematically, but it's not "based" on math in any meaningful sense.

      But the basic statistical analyses which show whether something may be vulnerable, is all math.

      Yes, statistics is math. Do the stats for me and tell me if SHA-256 is vulnerable, would you?

      The math for AES can be found on the wikipedia.

      The algorithm can. Block ciphers aren't really based in any meaningful sense on mathematics either. Mathematical tools are used to model them and look for weaknesses... but there's also a healthy dose of good "intuition" that goes into cipher design.

      The current choices for Dual ECC were proven suspect by math.

      Partly. The concern derives as much from observation of process as from the math.

      The advice is not laughable in context- trust no one. And, it's not impossible to learn this stuff, you can either choose to or choose not to.

      I've spent a big part of the last 20+ years learning it (among other things; I'm not a researcher and crypto is only part of my job), and I work with a bunch of other people who've devoted their whole lives to it. And you know what? If you ask them if anything is good, they'll immediately start looking for research papers to find out... because there is no realistic option but to trust the work that others have done, and which has been peer reviewed and vetted.

      Don't trust the researchers - verify it yourself. That's not original research, it's just common sense (for the paranoid).

      That's not what the researchers do. But you're smarter and more paranoid than they are. Gotcha.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
  2. Just double the encryption by bhlowe · · Score: 5, Funny

    I use two cyphers, just in case. In my case, I found ROT13 and XOR excellent for speed and obfuscation.

  3. witch by stormpunk · · Score: 5, Funny

    Obviously we burn him at the stake. If he burns he was innocent.

    1. Re:witch by Dracos · · Score: 4, Funny

      I am absolutely certain that Bruce Schneier weighs the same as a duck.

  4. Easy by TubeSteak · · Score: 5, Insightful

    and has put in effort to determine which cryptosystems should still be considered safe.

    Have someone(s) double check his work.
    We should be doing that anyway, even for someone who is 100% trusted.

    --
    [Fuck Beta]
    o0t!
  5. I will never trust ... by Skapare · · Score: 4, Funny

    ... Anonymous Coward. There are some very suspicious posts he makes. And besides, he seems to never sleep.

    --
    now we need to go OSS in diesel cars
  6. Trust him to do what? by Hypotensive · · Score: 5, Insightful

    If you're talking about absolute trust, i.e. "I trust him" = "I trust him to do anything", you should probably have your head examined.

    Phrase your questions better and you will get more useful answers.

  7. Here you are an answer, which you might not like by trifish · · Score: 5, Insightful

    Problem: Paranoia
    Solution: None

  8. seriously? because SCIENCE! by new+death+barbie · · Score: 5, Insightful

    Bruce Schnier may be the front-line spokesperson for the security community, but that should be completely separate from his body of work in cryptography. At the bottom line, he's doing mathematics, and mathematical proofs can be reproduced and confirmed -- or debated and disproven -- by anyone else in any country with sufficient background to understand them.

    He is not some guru spouting unprovable wisdom from a mountaintop, he is a member of a scientific community, and if he is able to earn and keep the respect of that community, then that's a pretty good indication that he knows what he's talking about.

    --

    It's supposed to be completely automatic, but actually you have to press this button.

  9. Logically retarded by Ralph+Spoilsport · · Score: 5, Interesting
    An assumption of bad faith is self defeating. How can we trust YOU???

    Has Schneier given us bad advice? So far, so good it seems.

    Has Schneier been a vocal critic of the NSA? Yes.

    Has Schneier been on this file for a really long time? Yes.

    Do you have any evidence that he's in cahoots with the cryptofascists? No.

    So, all you have is a speculation to tear down the reputation of one of the good guys, a thought experiment, based on no evidence, but one that has real world consequences of spreading fear, uncertainty and doubt regarding someone who is fighting the good fight.

    Therefore, I would humbly suggest that I could and do logically conclude that YOU are a tool of the NSA, not Schneier, and furthermore, I have more evidence than you do: Your suggestion to consider Schneier as less than reliable based on zero evidence.

    --
    Shoes for Industry. Shoes for the Dead.
  10. Trust no one by Dunbal · · Score: 4, Insightful

    Seriously. The mere act of trusting someone will eventually lead to that person betraying said trust. Trusting someone puts them in a position of power, and power corrupts. You can't trust anyone.

    --
    Seven puppies were harmed during the making of this post.
  11. ...and it's come to this, hasn't it? by StandardCell · · Score: 4, Insightful

    I guess people's paranoia with the NSA revelations have been difficult to swallow. Now everyone is slowly becoming suspicious of everyone else.

    Anything is possible I suppose. To me, it was no surprise really. I do have to say that, having worked with individuals in the security community, the primary focus really is the safety of our way of life at the hands of those who would subvert it.

    The problem comes when those of less character use the government apparatus for control, political or other purposes. It's the same reason police and military need to be kept separate - one enforces the rule of law, and one protects against enemies. When those lines are blurred, history has demonstrated repeatedly that individual rights suffer. The degree to which this happens is the degree of the moral compass of those at the helm of this extremely powerful surveillance apparatus.

    I'm not sure how many true boy scouts are really left running the show up there, but I do know this: the more paranoid we get, the more we lose. All of this need not come to pass in this way. One of the most important things I learned in my time in this world was "trust, but verify" and it rings true today. You can still trust the message that Bruce Schneier has. We have to, for otherwise we will be consumed by our own paranoia. But to verify is probably the most important point. That's where openness and information sharing in the spirit of open source is paramount and what will lead us to the proper conclusion on this matter.

  12. Why? by oldhack · · Score: 5, Funny

    Agree/disagree with what he writes/says, but why do you have to trust him? Is he dating your daughter?

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
  13. Re:SubjectsInCommentsAreStupid by Experiment+626 · · Score: 4, Funny

    Let the whitch hunt begin!

    Whitch hunt would that be?

  14. Can Bruce Schneier Be Trusted? by Jeremiah+Cornelius · · Score: 4, Funny

    Why not? I have his SHA256 hash, right here, on this USB stick.

    But wait! Am I sure I spelled "Schneierer" correctly?!?

    --
    "Flyin' in just a sweet place,
    Never been known to fail..."
    1. Re:Can Bruce Schneier Be Trusted? by gmanterry · · Score: 5, Insightful

      This could become a circus. If the NSA can get you to not trust Bruce, Then you couldn't trust any encryption system. If you trust none then you are just where the NSA want's you. Sometime we are going to have to pick someone we trust. Until proven otherwise, I trust Bruce.

      --
      Since when is "public safety" the root password to the Constitution?
  15. Diverse Double-Compiling (trust but verify) by dwheeler · · Score: 5, Insightful

    Thanks for pointing out my Diverse Double-Compiling (DDC) paper!

    My page on Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) has more details, including detailed material so you can duplicate the experiments and re-verify the proofs. Note that you do not have to take my word for it.

    You have to trust some things. But you can work to independently verify those things, to determine if they're trustworthy. I don't always agree with Bruce Schneier, but after watching what's he's done for years, I've determined that he's quite trustworthy. This is the same way we decide if we should trust anyone or any thing. In short: "trust, but verify".

    --
    - David A. Wheeler (see my Secure Programming HOWTO)
    1. Re:Diverse Double-Compiling (trust but verify) by dwheeler · · Score: 5, Informative

      I've gotten a lot of hits, and that's a good thing. As I noted in another post, I got hit by reddit earlier this year. In general people are becoming more interested in protecting and verifying build environments, as this post about Tor demonstrates.

      So please take a look at my Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) page!

      --
      - David A. Wheeler (see my Secure Programming HOWTO)
  16. Re: Learn math by Anonymous Coward · · Score: 5, Informative

    Schneier isn't even a credentialed cryptographer.

    You know he's designed several ciphers, right? Blowfish, Twofish, perhaps you've heard of them? Twofish was an AES finalist. If that doesn't give him credentials, what does?

  17. Linux backdoor of 2003 & Underhanded C Contest by Valdrax · · Score: 4, Interesting

    To make the claim that linux has been never been intentionally weakened in security, you need to know that every single security vulnerability in Linux (to take one example) was due to carelessness, not intended action.

    Certainly - some classes of backdoor are trivially obvious 'if(sourceip==NSA)' - but others can be subtle logic errors.

    You mean like this attempt in 2003?

    Personally, I'm not longer all that impressed by the IOCCC. Don't get me wrong, some of the code submitted there shows utterly insane levels of skill. However, the above is an excellent example of a good submission for the Underhanded C Contest, which is an excellent teaching tool for discovering exploits as well as for learning about subtle bugs that may drive you utterly mad trying to find.

    --
    If it's for-profit but free, you're not the customer -- you're the product (e.g., the Slashdot Beta's "audience").
  18. Bruce Schneier by david_a_eaves · · Score: 5, Interesting

    I am sitting next (or at least across) from Bruce right now. He is definitely interested (and humoured) in this conversation. As he notes, he's written a book on it. I'd say that a conversation about Bruce's trustworthiness is definitely worthwhile. One should have it about everybody. Of course, it means we should also have it about the people who are most interested in trying to attack Bruce's trustworthiness.