Ask Slashdot: Can Bruce Schneier Be Trusted?

← Back to Stories (view on slashdot.org)

Ask Slashdot: Can Bruce Schneier Be Trusted?

Posted by timothy on Tuesday October 22, 2013 @03:34AM from the shifty-eyes-and-a-beard dept.

An anonymous reader writes "Security guru Bruce Schneier is, among other things, a world renowned cryptography expert, author of several popular books, and a second-order internet meme. He is also an outspoken critic of the NSA, in particular the massive NSA surveillance programs disclosed over the summer by Edward Snowden. Schneier has been involved in reviewing the leaked documents and has put in effort to determine which cryptosystems should still be considered safe. I'm a big fan of Bruce Schneier, but just to play devil's advocate, let's say, hypothetically, that Schneier is actually in cahoots with the NSA. Who better to reinstate public trust in weakened cryptosystems? As an exercise in security that Schneier himself may find interesting, what methods are available for proving (or at least affirming) that we can trust Bruce Schneier?"

21 of 330 comments (clear)

Min score:

Reason:

Sort:

Trust no one by Bodhammer · 2013-10-22 03:36 · Score: 5, Insightful

Seriously... Especially the Govt. (and clowns - clowns scare me...)

--
"I say we take off, nuke the site from orbit. It's the only way to be sure."
1. Re:Trust no one by khasim · 2013-10-22 03:54 · Score: 5, Insightful
  
  You have to trust someone, somewhere along the line.
  Even the compiler can be compromised. Ken Thompson showed that.
  Where I think "anonymous coward" is wrong is that he's implying the Bruce Schneier would NEED to be compromised by the NSA. He wouldn't.
  There are two aspects to "crypto".
  1. The math.
  2. The implementation.
  Bruce can validate that the math seems to be correct (or he can be compromised into saying that it seems to be correct) but it is the implementation that gets used.
  So even if Bruce actually believed that the math was correct, the NSA could compromise the people/organisation/company that turned that math into a product that you would use.
  And it is much easier to claim that a flawed implementation was an innocent mistake than to compromise EVERYONE who can understand the math behind it.
2. Re:Trust no one by Moryath · 2013-10-22 03:58 · Score: 5, Interesting
  
  And now, folks, it's time for "Who do you trust!" Hubba, hubba, hubba! Money, money, money! Who do you trust? Me? I'm giving away free money. And where is the Batman? HE'S AT HOME WASHING HIS TIGHTS!
  So do you trust the Joker, or the Batman?
3. Re:Trust no one by godrik · 2013-10-22 04:16 · Score: 5, Informative
  
  "Even the compiler can be compromised. Ken Thompson showed that."
  Well, double compiling techniques can be used to certify a compiler. (Though it actually assume that you have access to an other safe compiler, which is a little bit complicated, but doable)
  http://arxiv.org/abs/1004.5534
4. Re:Trust no one by Anonymous Coward · 2013-10-22 04:23 · Score: 5, Funny
  
  Well, if you know your comic-book history, you'd know that Batman had a homosexual relationship with Robin and was shown in the comics in bed with him.
  If there's anything one learns from applying for a security clearance or worldwide politics in general, it's that nobody trusts homosexuals. I trust the Joker. Not only is he not a homosexual, and therefore trustworthy, but a proven innovator with plenty of experience thinking outside the box. I trust the Joker. Not Batman, as Robin has too much filthy blackmail on him.
  -- Ethanol-fueled
  I trust Cat Woman, and if she is homosexual that would be so hot.
5. Re:Trust no one by Idarubicin · 2013-10-22 04:49 · Score: 5, Insightful
  
  Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself.
  
  Which is why I always x-ray the concrete and perform a full metallurgical analysis on the structural steel before I drive across one of those government-built bridges. Sure, I had to do a four-year engineering degree, but it was worth it.
  Seriously, "trust no one, and validate everything from first principles" breaks down very quickly if you try to apply it to any but the narrowest portion of your life. Figuring out workable and robust ways to evaluate trustworthiness of other parties is a damn useful (and equally damn difficult) problem.
  
  --
  ~Idarubicin
6. Re:Trust no one by swillden · 2013-10-22 05:01 · Score: 5, Insightful
  
  Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself. Especially don't worship some brand-name as a god who, as diviner-intercessor, is your sole information-provider on the subject.
  Care to point me to the "mathematics" of AES? How about SHA-2? For that matter, will studying the mathematics of RSA make it clear why a chosen ciphertext attack renders RSA with PKCS#1 v1.5 padding vulnerable, and how using Optimal Asymmetric Encryption Padding instead addresses the issue?
  Seriously, the above is laughable advice. Oh, by all means learn crypto if you're interested, it's a fascinating subject -- one which you can easily devote your entire lifetime to, though you'll have to pick a sub-specialty if you really want deep understanding of the sort that will let you meaningfully evaluate the security of some real-world elements.
  The reality is that you must rely on someone else. Even serious academic cryptography researchers make no claims to be able to fully understand anything outside their narrow area of focus, and they're also quick to point out that even when the theory is great, implementations may contain subtle defects which are extremely hard to find. The "open source" mantra is indeed exactly what we need, but your average developer -- bright though he or she may be -- simply doesn't have the background needed to contribute very effectively, and it doesn't make sense for everyone to invest the time needed to acquire that much background.
  Instead, what we need is what we have: An open security research community. It could be bigger, of course, and I'd encourage anyone who has an interest in this stuff to get involved. And I'd also encourage everyone else to become more informed. But expecting to be able to make a significant contribution to improving security with just a little math is misguided.
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
7. Re:Trust no one by PopeRatzo · 2013-10-22 06:07 · Score: 5, Insightful
  
  If you were the NSA, wouldn't you plant stories in places like Slashdot suggesting that you can't trust the people who are fighting to protect you from the NSA?
  Which Slashdot editor is so nearsighted that they couldn't see this obvious FUD?
  
  --
  You are welcome on my lawn.
Just double the encryption by bhlowe · 2013-10-22 03:37 · Score: 5, Funny

I use two cyphers, just in case. In my case, I found ROT13 and XOR excellent for speed and obfuscation.
witch by stormpunk · 2013-10-22 03:37 · Score: 5, Funny

Obviously we burn him at the stake. If he burns he was innocent.
Easy by TubeSteak · 2013-10-22 03:37 · Score: 5, Insightful

and has put in effort to determine which cryptosystems should still be considered safe.
Have someone(s) double check his work.
We should be doing that anyway, even for someone who is 100% trusted.

--
[Fuck Beta]
o0t!
Trust him to do what? by Hypotensive · 2013-10-22 03:42 · Score: 5, Insightful

If you're talking about absolute trust, i.e. "I trust him" = "I trust him to do anything", you should probably have your head examined.
Phrase your questions better and you will get more useful answers.
Here you are an answer, which you might not like by trifish · 2013-10-22 03:46 · Score: 5, Insightful

Problem: Paranoia
Solution: None
seriously? because SCIENCE! by new+death+barbie · 2013-10-22 03:47 · Score: 5, Insightful

Bruce Schnier may be the front-line spokesperson for the security community, but that should be completely separate from his body of work in cryptography. At the bottom line, he's doing mathematics, and mathematical proofs can be reproduced and confirmed -- or debated and disproven -- by anyone else in any country with sufficient background to understand them.
He is not some guru spouting unprovable wisdom from a mountaintop, he is a member of a scientific community, and if he is able to earn and keep the respect of that community, then that's a pretty good indication that he knows what he's talking about.

--

It's supposed to be completely automatic, but actually you have to press this button.
Logically retarded by Ralph+Spoilsport · 2013-10-22 03:51 · Score: 5, Interesting

An assumption of bad faith is self defeating. How can we trust YOU???
Has Schneier given us bad advice? So far, so good it seems.
Has Schneier been a vocal critic of the NSA? Yes.
Has Schneier been on this file for a really long time? Yes.
Do you have any evidence that he's in cahoots with the cryptofascists? No.
So, all you have is a speculation to tear down the reputation of one of the good guys, a thought experiment, based on no evidence, but one that has real world consequences of spreading fear, uncertainty and doubt regarding someone who is fighting the good fight.
Therefore, I would humbly suggest that I could and do logically conclude that YOU are a tool of the NSA, not Schneier, and furthermore, I have more evidence than you do: Your suggestion to consider Schneier as less than reliable based on zero evidence.

--
Shoes for Industry. Shoes for the Dead.
Why? by oldhack · 2013-10-22 03:57 · Score: 5, Funny

Agree/disagree with what he writes/says, but why do you have to trust him? Is he dating your daughter?

--
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
Diverse Double-Compiling (trust but verify) by dwheeler · 2013-10-22 04:28 · Score: 5, Insightful

Thanks for pointing out my Diverse Double-Compiling (DDC) paper!
My page on Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) has more details, including detailed material so you can duplicate the experiments and re-verify the proofs. Note that you do not have to take my word for it.
You have to trust some things. But you can work to independently verify those things, to determine if they're trustworthy. I don't always agree with Bruce Schneier, but after watching what's he's done for years, I've determined that he's quite trustworthy. This is the same way we decide if we should trust anyone or any thing. In short: "trust, but verify".

--
- David A. Wheeler (see my Secure Programming HOWTO)
1. Re:Diverse Double-Compiling (trust but verify) by dwheeler · 2013-10-22 06:36 · Score: 5, Informative
  
  I've gotten a lot of hits, and that's a good thing. As I noted in another post, I got hit by reddit earlier this year. In general people are becoming more interested in protecting and verifying build environments, as this post about Tor demonstrates.
  So please take a look at my Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) page!
  
  --
  - David A. Wheeler (see my Secure Programming HOWTO)
Re: Learn math by Anonymous Coward · 2013-10-22 04:35 · Score: 5, Informative

Schneier isn't even a credentialed cryptographer.
You know he's designed several ciphers, right? Blowfish, Twofish, perhaps you've heard of them? Twofish was an AES finalist. If that doesn't give him credentials, what does?
Bruce Schneier by david_a_eaves · 2013-10-22 06:37 · Score: 5, Interesting

I am sitting next (or at least across) from Bruce right now. He is definitely interested (and humoured) in this conversation. As he notes, he's written a book on it. I'd say that a conversation about Bruce's trustworthiness is definitely worthwhile. One should have it about everybody. Of course, it means we should also have it about the people who are most interested in trying to attack Bruce's trustworthiness.
Re:Can Bruce Schneier Be Trusted? by gmanterry · 2013-10-22 13:55 · Score: 5, Insightful

This could become a circus. If the NSA can get you to not trust Bruce, Then you couldn't trust any encryption system. If you trust none then you are just where the NSA want's you. Sometime we are going to have to pick someone we trust. Until proven otherwise, I trust Bruce.

--
Since when is "public safety" the root password to the Constitution?