For the last 232 years, the supreme law of the land in the United States is the US Constitution. All government powers, whether Executive, Legislative, or Judicial, are subordinate to the limits defined in the Constitution.
Claiming that the US Legal system must have unfettered access to all information is the same as saying that the US Legal system must not be fettered or subject to the US Constitution. That leads me to 3 important questions:
Why is NOW a good time to abandon the US Constitution?
What authority does Director Wray claim to be superior to the US Constitution?
Shouldn't Director Wray be immediately fired for violating his Oath to "..Protect and Defend the Constitution of the United States.."?
The US has been attacking multiple countries via the Internet for years. We did it first. We did it best. Yay US. Years ago, our doctrine was that Internet attack was a favorable option, because it had less unfortunate consequences than physical attack. But now, Internet can be much more devastating that physical attack. And the US has the most to lose in Internet attack.
The US economy is totally dependent on the Internet. Internet attack can cripple or destroy us. We can no longer afford to legitimize Internet attack. The past aggressive internet attacks by the US, China and Russia have legitimized Internet attack for all the remaining governments. EVERYBODY who has anything valuable, now gets a chance to receive targetted, remote attack by several governments, PLUS targetted attack by the many organized crime groups.
The US must formally cease undeclared war via the Internet. We must work with all other governments to ensure that we ALL stop waging undeclared war via the Internet.
We use the words: cyberweapon, cyberwar, and cyberattack and think that we know the consequences of conflict. But our prior experience with conflict deceive us. Our instincts are wrong. Our sports metaphors delude us. We undervalue defense. We greatly overvalue attack. At the core, we still believe that Internet warfare is win-able. We believe that victory will go to the righteous aggressor. We believe that attack is sexy and desirable.
The reality is, Internet attack is like poisoning all sources of water, and hoping that your enemy dies first. There is no "Win" in "CyberWar". We all have to defend the same stuff. None of us have functional defenses. Every successful attack weakens us all.
It is easy to capture, analyze and reproduce somebody else's attack. If somebody drops a bomb on you, it is hard to reassemble all the bits, unburn the chemicals, and reuse it. But, if a government deploys an Internet attack, it is easy to copy the attack and repurpose it. When the US deploys an Internet attack, we give our enemies the motive, means, and opportunity to destroy us.
The Pentagon is trying to CyberAttack our way to a more secure future. But Security comes from Defense, not attack.
Thousands of years of human experience have shown that destruction is easier than creation. One man can quickly destroy something that takes a community months to create. It may be that "To every thing there is a season; and a time for every purpose under heaven." But, if you don't spend more time on creation than destruction, you end up a lonely, starving scavenger. Any stable, prosperous society must provide more rewards for creation then destruction.
Modern economies of manufacture and transportation have made many things better, but this is not one of them. In almost every way, the modern economy favors attack:
* The huge advantage granted to market leaders guarantee that we all, government, corporate, and private, foreign and domestic, use the same computers and software.
* There are great economic incentives to ship quickly, with many features, rather than spend time and money to create secure products.
* Our sales and advertising driven economy has convinced us that new stuff, with new features and vulnerabilities is always better than old stuff.
* Products are deployed LONG before understanding. Most of the issues, bugs, and vulnerabilities are discovered after things go into production.
The Internet has made many things better, but this is not one of them. In almost every way, the Internet favors attack over defense:
* The Internet makes everything more complex. This provides the attacker with a vast array of attack surfaces.
* The Internet makes it easier to extend influence. This allows attackers to greatly extend their list of victims. An attacker can easily apply a viable attack strategy to every eligible Internet target.
* The Internet increases the pace of attack. Usually attack can easily outrun any possible warning.
The transition to digital has made many things better, but, again, this is not one of them. In almost every way, being able to make effortless, accurate copies favors attack:
* It is easy to automate attack. This greatly reduces the cost of attack. It also removes the economic cost of scaling up attack against multiple victims.
* It is easy to make self-replicating attack. This allows attack to spread itself beyond any previous control or limit.
* It is easy to capture, analyze and reproduce somebody else's attack. If somebody drops a bomb on you, it is hard to reassemble all the bits, unburn the chemicals, and reuse it. But, if somebody develops an Internet attack, it is easy to copy the attack and repurpose it. Internet attack efficiently spreads destructive knowledge and capability direct to your enemies.
The reality is, Internet attack is like poisoning a common watershed, and hoping that your enemy dies first. There is no "Win" in "CyberWar". We all have to defend the same stuff. Every successful attack weakens us all.
We have a fairly clear understanding of how to increase security through defense. Almost every Internet Security expert agrees on the general shape of the necessary changes. But, the changes are HARD and EXPENSIVE. So, we keep hauling out the "Security Through Destruction" fantasy. If we were really serious about improving Defense, we would make changes like:
1) Change US politics and policy toward CyberWar. Our long-held belief is that Internet attack is less devastating than conventional attack. But now, all economies are so dependent on the Internet, that a sustained Internet outage would kill more people than a nuke. We need to lead the world to the negotiating table and impose strategic limits on Internet Attack. This needs to be enforced by cooperative International Internet monitoring and meaningful penalties.
2) Separate the Defenders from the Attackers. Defense needs it's own budget. Internet Defense must be prioritized OVER Attack. While Attack can inform Defense, it can't create
We already have limits on how US government can use personal information. The Carpenter Vs US lawsuit will continue to define those limits. We created these protections because we realized that government can use personal information to predict, manipulate, and control us. The combination of powerful government and enabling personal information is a threat to self-determination and rule by consent of the governed.
We have seen many recent examples where powerful modern entities used technology and personal information to predict, manipulate, and control us. FaceBook can predict, control and manipulate us. So can Google, Amazon, Political Action Committees, The Russian Government, advertising agencies, and so on. We need to take further action to protect our unalienable right of self determination. If we fail to act, our society and government continue to transform into "Rule by Manufactured Consent of the Manipulated".
Manipulation is a threat to ourselves and our society. Manipulation advances the goals of the manipulator. Manipulation has no fundamental respect for reality. Past manipulation divorced the victims from reality. Manipulation weakens both individuals and society. Present day manipulation must not be assumed to be legitimate, just because it is cheaper, more effective, more powerful, or wielded by new entities.
Once personal information is collected, it is almost impossible to destroy. It will be monetized. It will leak. It will spread. The cell-phone companies will sell or breech. An Intelligence agency will seize and leak. A well-meaning judge will issue a General Warrant.
For NOW, when you need privacy, you must DITCH THE PHONE.
One path forward is to realize that any personal information that is effective at predicting, controlling or manipulating us IS our identity. As long as this information is effective, and valuable, it is a part of us. We must establish that owning your own personal information is an unalienable right. The right of owning your personal information can not be stolen, seized, legislated or contracted away.
Attempts to legislatively say: "Thou Shalt NOT" will probably be ineffective when the underlying economy strongly favors collecting, storing, and using private information.
The most effective legal protections against invasive data collection are to change the economy of personal information. This sounds harsh and invasive, but it may be the only workable protection from widespread privacy threats and manipulation.
1st, we need to increase the expense of collecting and storing personal data.
2nd, we need to decrease the value of using personal data.
For example, we can increase the expense of collecting, storing and exchanging personal data by:
* Require accurate tracking information on the collection, storage and exchange of personal data. This should include identifying information for every entity that handled the data. This should be coupled with large mandatory fines for any data that is missing past transaction history. Currently, data brokers have low overhead and bear no responsibility for their behavior. They are selling goods worth billions. Their activity should be tracked as completely as credit card transactions. Requiring accurate documentation of the personal data marketplace will increase the expense of reselling personal data.
* Impose aggressive taxes on collected, stored and exchanged personal information. It obviously has value. It is a major asset of Google and Facebook. It should be taxed like real estate or an economic transaction. The higher the taxes, the less incentive to collect, store and exchange personal information.
* Forbid exporting personal information from the country of origin. If an entity wishes to collect, store, or exchange personal information, they must do it in the country of origin.
* Add more teeth to "data breach" legislation. Remove any "due diligence" protection. Impose mandatory fines for data breach. Fines should be based on the number and severity of personal "facts". The higher the fines, the less incentive to collect and store personal information.
* Impose full breach liability on every upstream entity in the data collection stream. Currently, data collectors and brokers get rich by selling to a wide market and experiencing no liability. Imposing liability for the behavior of down-stream purchasers of personal data will greatly increase the expense of collecting, storing and exchanging personal data.
Then we must work to harden our society against the manipulative effects of collected personal data. This is a continual challenge. Things we might consider include:
* Require search engines and social media to unmistakably indicate if we are viewing "Relevant, tailored for us illusion" or "Consensus Reality".
* Consistently penalize search engines and social media when they inaccurately represent "Consensus Reality"
* Require search engines and social media to provide a simple, always on-screen method to easily switch between "Relevant, tailored for us illusion" or "Consensus Reality".
* Impose meaningful, effective restrictions on our government's ability to attempt to manipulate "Consensus Reality"
* Require our government to protect it's citizens from other government's or corporation's attempts to manipulate "Consensus Reality"
* Impose mandatory penalties on the enabling parties for every occurrence of identity theft. This means penalize the banks, the credit reporting agencies, and even the IRS. If identity theft occurred, then their process must have immediate, corrective feedback.
* Require multi-factor authentication when authenticating to critical resources.
* Educate our society that biometrics might be identifiers, but should never be an authentifier.
Ultimately, dealing with the problem of privacy abuse and invasive data collection will take much more than a legislative "Thou Shalt Not".
I believe that the FBI is attempting to distract us from the critical, core issues of this debate. In arguing the technical details of accessing cell phones, they distract from the critical speech issues. They REALLY don't want us to ask:
* What should be the limits of government power?
* Are we engaged in Speech or Association when we use our phones?
The US government has managed to bypass the 1st, 4th and 5th amendments by creating and extending the 3rd party doctrine. This doctrine roughly states that once information passes out of an individual's direct control, he can no longer exercise any control over it. This gives the government easy access to huge amounts of shared information.
The "Responsible Encryption" debate is a new legal theory to destroy speech and freedom. It is a "No Party Doctrine". That is, No Party, except the government, is allowed to control information. The No Party Doctrine says that information is so important to the government, that nobody except the government should be allowed to control it. There is no information so sensitive, private or protected that it should escape government control. Since information is so important, individuals must not be allowed to control it through their speech, actions, tools, or situations.
The FBI is cheerfully stating that the creators of the constitution would have allowed complete government control if only they had realized that information was important to a criminal investigation.
We should denounce the "Responsible Encryption" proposals as a straightforward attack on our freedom of thought, speech and association.
Instead, we should act to limit the 3rd party doctrine and restore our rights of speech and association.
It's a Golden Age of Surveillance. We have widely deployed multiple forms of mass surveillance without once asking:
Is mass surveillance consistent with an assumption of innocence?
Is mass surveillance consistent with government that is based on the consent of the governed?
Out personal information is widely available to multiple groups. The government has easy access to an almost endless amount of information about us. There is:
Collected credit-card purchasing information.
Collected cell-phone tracking information.
Real-time car tracking.
Collected browser activity from Google, Web sites, and search engines.
Collected travel information from hotels/airlines.
Mass monitoring of the Internet by the Intelligence community.
The 3rd party doctrine roughly states that we can only assert a privacy right over information we directly control. If the information is shared with a 3rd party, they we don't control it, and we can't assert a privacy right over it. As the 3rd party doctrine has expanded, we have lost privacy over any shared information.
Now, law enforcement wishes to move beyond the limits of the 3rd party doctrine. They advance the legal theory that we should not be allowed to control our own information/privacy AT ALL. They believe that the desires of law enforcement should always outvote an individual's desire for freedom, privacy or liberty. That we should never be allowed to be secret, private or alone.
The proposals for "Responsible Encryption" are a simple end-run around the 1st, 4th and 5th amendments to the US constitution. Instead of debating this crap, we should be demanding stronger privacy protections. We need to restrict the 3rd party doctrine. We need to penalize any lawyer or judge who participates in granting "General" warrants. We need to restrain the Intelligence community from conducting mass surveillance on the US public.
I think it is entirely unreasonable that I can't excrete diamonds. Therefore, I shouldn't have to go to work..
The government knows every important detail of the Sutherland Springs shooter's life. There is no question of what he did, where he went, how he did it. This case is completely irrelevant to their demand to discard the constitution and remake the world into a police state.
The proposal to ban laptops from the cabins of planes appears to be attempting to take advantage of the following logical fallacies and cognitive biases:
* Zero-risk bias: Prefer to reduce a small risk to zero, over a greater reduction of a larger risk. https://en.wikipedia.org/wiki/...
* Identifiable victim effect: We respond more strongly to a single identified victim, than a faceless group of victims. https://en.wikipedia.org/wiki/...
Remember that time they said they needed porno scanners? It turned out that the porno scanners didn't work. https://radsec.org/secure1000-... And, DHS
upper management (Chertoff http://www.motherjones.com/moj... ) got rich off the sale of the porno scanners. This shows that we should not blindly accept TSA/DHS proposals.
The TSA success rate at finding known weapons and explosives is 5%. IE, they only find 1 out of 20: https://www.theguardian.com/co... This means that the laptop change will not actually make a difference to the real risk.
If they are worried that a well funded group will make explosives that look like a laptop, why would they only do laptops? Why wouldn't an attacker make explosives that look like a suitcase? A CPAP? A baby stroller? Why can't an attacker disguise explosives as a big enough item that it doesn't make any difference where it is on a plane? If they can't find an explosive shaped like a laptop, they are not going to find an explosive shaped like other things. Are they going to ban all carry-ons and checked items?
On the face, It seems looke like they have decided to increase their security theater.
While we wait for the TSA's analysis, lets review a few facts. Here are some reference pages on various types of death in the US:
So, your chance of dying of various things in the US is:
* US Citizen killed by terrorists from 2005 through 2014: (about 1 in 240K deaths.)
* Killed by lightning in the US: (about 1 in 160K.) For every terrorism death, there are about 1 and 1/2 deaths by lightning.
* Dying in a plane crash: (about 1 in 10,000) For every terrorism death, there are about 25 deaths by plane crashes
* Being killed by police in the US: (about 1 in 2300) For every terrorism death, there are about 105 deaths by police
* Drowning in the US: (about 1 in 1200) For every terrorism death, there are about 200 deaths by drowning.
* Dying in a motor vehicle accident: (about 1 in 100.) For every terrorism death, there are about 2,200 deaths by motor vehicle accidents
* Heart disease & cancer in the US: (about 1 in 7 deaths.) For every terrorism death, there are 35,000 deaths by heart disease and cancer.
There hasn't been a big increase in deaths by terrorism. Or laptop. Why aren't we banning laptops in order to protect people from lightning? It would make just as much sense.
It looks like you could show a decrease in deaths by
I just realized that replacing the TSA with a agency that gives everybody a daily carrot will actually decrease the chance of carroticide (homicide via carrot.) After all, we all know that they only thing that can stop a bad guy with a carrot is a good guy with a carrot. BUT, if everybody has a carrot, all the bad guys should be stopped!
What I actually need to analyze is the cost of outfitting all the swat teams with assault rutabagas (swedes to you Brits.)
If the TSA is going to make a change, they must prove that the overall benefits justify the costs. Remember that time they said they needed porno scanners? It turned out that the porno scanners didn't work. And, TSA upper management made money off the sale of the porno scanners. At this point, we should just assume that any proposed TSA change is simply another "make TSA management rich" scheme. While we wait for the TSA's analysis, lets review a few facts:
Here are some reference pages on various types of death in the US:
It looks like you could show a decrease in deaths by shutting down the TSA and spending the money on all kinds of other things. For example, you would probably save thousands of people every year, if you took the TSA's budget and used that money to give a daily carrot to everybody in America.
Of course, the future of the KID (Karrot Issuance Daily) agency is not all shiny orange. The yearly number of carroticides might even exceed the number of US people killed by terrorists. But, even factoring in the increase of death by carrot, there still would be tremendous net positive benefit.
I know this isn't a popular opinion around here, but hear me out.
Your reasoning has been official US policy, because it seems sound. But the last few years of Internet warfare has revealed some problems with favoring offense over defense:
1) The weapons of the Internet are not like tanks and nukes. Deploying weaponized exploits require very little infrastructure. They cost almost nothing to replicate. Almost anyone can do it. When an enemy deploys an Internet attack against you, you can easily (compared to a nuke) figure it out, and then deploy it back at them.
2) For years, our standard doctrine was that an Internet attack was not as significant as a physical attack. But, this is no longer true. We are so dependent on the Internet, that a sustained Internet outage has the potential to do more damage to us than a limited nuclear exchange.
Perhaps the greatest problem with the offensive mindset is that it teaches us almost nothing about how to defend. We know we need to deploy better software, but we don't know:
* How to value effective security more than features.
* How to force large IT vendors to favor their customer's interests over short-term profit.
* How to force powerful Intelligence agencies to relinquish power, now that they are a greater threat to US, than they are to our enemies.
".. presently no way to disable or limit the Management Engine in general.
Now this is the feature that screams of interference by a spy agency. If this feature was for Management, then YOU COULD MANAGE IT!
It would be turned off by default. You could turn it off. You could permanently disable it. I have been asking for these capabilities for years. I know I am not the only one. When I talk to other security folks and IT admins, the majority of them want to be able to manage and control the possibility of remote management.
The security industry has learned at lot about attacking authentication systems in the last few years. It turns out, that to an attacker, everything is a digital recording or a digital stream. This means that:
* Something You Have;
* Something You Are;
* Somewhere You Are;
* and Something You Do;
all can ultimately be transformed into Something You (or a computer) Knows. Therefore, almost every multi-factor authentication system depends on several things that an attacker can discover, and mimic.
The security industry has found that biometerics have a major down side, in that they can't be changed. Once they are discovered by attackers, they are permanently discovered.
For example, the major compromise of the US Office of Personnel Management by the Chinese in 2015 disclosed 5.6 million recorded fingerprints. This included everybody who had a security clearance, and all covert agents in Intelligence and law enforcement. Since biometerics can't be changed, it will take decades before this compromise stops causing harm to the US government. US Covert agents can be identified. Any attempt to use fingerprint biometerics for these people can now be more easily attacked: https://en.wikipedia.org/wiki/...
Every government has aggressively begun to collect biometeric information from every possible source. Shortly afterwards, almost every government database of collected biometerics has been successfully compromised. Biometric information is collated by insurance, law and intelligence agencies. It is sold and resold on the various criminal marketplaces.
Part of this flourishing criminal marketplace in biometeric information includes permanent, unchangeable health and medical information: https://hipaahealthlaw.foxroth...
Also, US courts have ruled that biometeric info has almost no legal protections against collection, resale or forced disclosure.
Therefore, some security professionals now believe that well funded attackers can overcome the biometeric parts of an authentication system with less
expense than overcoming a password.
The best I could say was: "If he is being monitored by a government, they didn't really care what he was doing." Nobody seemed reassured..
This, by the way, was a mistake to say. If someone cared enough to break the law to monitor him, then that person was probably a serious threat to him.
I realized my mistake later. I was babbling on and on about types of RAT (Remote Access Tools) and the rise of the surveillance state. Eventually I stuttered to a stop when I saw the intense look of horror and betrayal on the kids face. You could not have hurt him more by stabbing him in the back with a knife. No amount of glib "Et tu Brute?" was going to make it better. His world had just become a dark, treacherous place. Somebody that he trusted, did not trust him. And, by placing the tracker on him in secret, they demonstrated that they were not worthy of trust.
I still have no idea what I could have said to restore the possibility of love and trust to that kid.
Recently we had a career fair for high school kids. Everybody was there. The kids loved it.
For one of our displays, we displayed the traffic of a wireless network using a network visualization tool: https://www.youtube.com/watch?... When the kids connected to the wifi, they could see their traffic. They loved doing different things and seeing what happened.
Somebody had surreptitiously placed a surveillance tracker on a kid's phone. Every thing he did caused a burst of traffic to a remote IP. When he scrolled a screen there was a burst of traffic to that IP, When he typed a character there was a burst of traffic to that IP.. He was absolutely heartbroken when he realized what was going on. His wonderful toy instantly became a treacherous enemy. His friends all took a step back and stared at him like he had become contagious.
I didn't know how to make it better. The best I could say was: "If he is being monitored by a government, they didn't really care what he was doing." Nobody seemed reassured..
The question presupposes that Big IT is desirable. The real questions are: Have I benefited from the lack of competition and choice? Is the slowness of innovation created by Big IT in my best interest? Have powerful corporations EVER served and protected me and mine?
I don't believe that Big IT serves my needs or interests. It cripples my abilities. It limits my choices. It creates powerful political pressures that wish to enslave me.
I don't need or want Big IT or any other powerful corporation. I would be better off without Apple, Microsoft, Cisco, and Oracle.
It is odd that the Australian government is calling on ISPs to take action against computer malware, when most of the effective actions are in the government's hands. Computer malware is a complex issue. There is no single fix. Instead, we need to systematically value and build up security. Probably, the most important changes that we could implement with our ISPs is to require them to properly handle abuse reports.
* ISPs need to properly assess, then quickly forward valid abuse reports to the owners of internet connected equipment.
* Then ISP's need to disconnect misbehaving internet equipment if an abuse report doesn't result in timely mitigation.
This is probably the single biggest change that an ISP could make to help people increase their commitment to effective security.
On the other hand, there is an enormous amount of effective action that could be taken by the Australian government. It includes:
* NEVER HORDE SECURITY VULNERABILITIES! Enable the timely, accurate disclosure of security vulnerabilities and issues. Even by government intelligence agencies.
* Protect whistle-blowers and security researchers from reprisal and harassment.
* Work to crash the global market in vulnerabilities and exploit, by countering it with free, quick, and accurate disclosure.
* Create an independent, well-funded organization similar to the CDC that creates and publicizes accurate tracking of ALL malware activity. Including government malware. We will never get anywhere until we have meaningful epidemiology with details on effective counters.
* Change government purchasing standards to favor resistance to malware over convenience and features.
If the internet suffers an extended outage, there would be massive numbers of deaths. During the first few days, there would be thousands of deaths. During the first few weeks there would be millions of deaths. During the first few months, there would be billions of deaths.
So... two-three months without the Internet and billions will die. The hyperbole is strong in this one. ---SNIP--- I think we'd lose the modern tech that requires a civilization-level effort like computers and such, but I think Amish-level societies would be reasonably self-sufficient enough to survive.
So, to summarize, we agree that if we lose the internet, we are screwed. You feel that we can somehow return to 18th century farming practices and still sustain current population levels.
I pray that we will avoid this situation. The only thing that might take down the internet is a sustained, determined effort by a large group of crazy people. Unfortunately, it sounds like Congressman Sensenbrenner might be an example of such a group.
I don't think it is hyperbole to say the billions will die in an extended (months long) internet outage. Here are a few more depressing facts:
* Almost all of the world's money is virtual. It exists as trust and electronic records. It's potential is only the potential to create certain types of communication. All these communications depend on the internet. Without the internet, the computers in the banks are simply odd shaped piles of toxic waste. An internet-less credit card only has value as a book mark. There are no financial transactions without the internet. There is only barter.
* Most of the US cultivated farmland is degraded from 200 years ago. The soils have increased levels of minerals and salts. The soils have decreased levels of organic material. The aquifers are depleted. Most US farmland requires high-tech intervention to maintain productivity.
Almost all the cultivated farmland west of the Mississippi requires high-tech irrigation to produce crops.
* There are no meaningful stocks of "heritage" seeds. The US lives off of hybrid seed that is produced in a small number of high-tech farms. Even if the current crops could be used for seed stock, most farmers no longer have the means or knowledge to preserve and treat seed.
* Farming is HARD, specialized work. It takes decades to get good at it. 18th century farming is even harder and more specialized. It requires knowledge, skills, and culture that only exists in the Amish. The Amish are good, but they aren't going to feed more than a few thousand people.
There are almost no available animals to support a large return to 18th century farming. Virtually no oxen. very limited stocks of chickens, geese, ducks, pigs, and sheep. There are only a few thousand work-horses.
18th century farming requires a lot of specialized support skills that no longer exist. I would be surprised if there are 100 blacksmiths in the US that could support a farming community. I expect I could count the number of coopers that can work at that level of technology on my fingers. And that is only 2 of a couple dozen specialists that would be needed to create a viable farming community.
Even if somebody could figure out what people need to know to survive, there is no way to communication that information to people without the internet. We don't have the old, low-tech printing presses anymore. If the old printing presses still existed, you couldn't get supplies for them. Even if you could somehow print the information, you couldn't distribute it before most of the people died.
The population of the world back in 1800 was about 1 billion people. There is a considerable state transition between our current state and that state. It may not be reversible.
So, to summarize, if we lose the internet, first the money disappears, then the food disappears, then the people disappear.
I hope somebody convinces the congressman that the internet is essential to the US economy before he causes too much damage.
Our society requires rapid, successful transportation and communication. We have almost completely transitioned to a Just In Time (JIT) economy. See: https://en.wikipedia.org/wiki/...
Thanks to JIT optimization, there are no large stores of immediately useful resources and goods in the US. All elements of our society depend on tight, reliable links between supply and demand. The stores only have a few days supplies. The stores rely on timely orders and deliveries to maintain stock and reduce overhead. The suppliers of stores only have a few days of supplies. They rely on receiving accurate and timely orders to know where to deliver. Those suppliers then must place timely and accurate orders to keep the next link in the chain moving. This continues all the way to the harvesting and transportation of raw materials. Every step is optimized to reduce overhead and unnecessary stock. Any supplier that fails to optimize is replaced by a more efficient supplier that has optimized. Every step is dependent on quick, accurate communication and transport. When this breaks down, people die.
For example, most of the deaths during the Hurricane Katrina debacle were not caused by the initial flooding. They were caused by the breakdown in transportation and communication.
ALL aspects of the US transportation and communication grids are dependent on the continued functionality of the internet. The phone systems are now interlinked with the internet. The management of the highways and the supermarkets all depend on the internet. The internet supports all orders and deliveries in the US. Without the internet, there is no food in the stores or gas in the gas stations. If the internet goes, the electrical grid quickly follows.
If the internet suffers an extended outage, there would be massive numbers of deaths. During the first few days, there would be thousands of deaths. During the first few weeks there would be millions of deaths. During the first few months, there would be billions of deaths.
On the other hand, the internet is built and maintained by hordes of capable people. We can overcome almost any obstacle. Once the dying starts, we will come up with answers. They will not be pretty, but they should be functional. Hopefully, one of the first acts will be the elimination of anybody who claims that the internet is unnecessary.
The CIA and the NSA leaks teach us several important lessons. They include:
* The Intelligence communities are much better at creating problems than fixing them. They can easily destroy individuals, communities, governments and trust. They don't create anything of lasting value. Nor do they clean up the messes that they create.
* Secrecy really REALLY isn't security. Secrecy creates and maintains private agendas. Secrecy creates and fosters waste. Secrecy destroys trust. Secrecy interferes with almost all aspects of security and good governance.
* A large, complex intelligence organization can't keep secrets. They can't keep secrets from hostile governments. They can't keep secrets from organized crime.
* Finally, we have learned that cryptanalysis can be surprisingly effective, but a full frontal assault on an encryption algorithm is the hardest way to break a crypto-system. There are many easier ways to break or bypass crypto.
There is a huge gap between crypto theory (https://www.cs.princeton.edu/~felten/encryption_primer.pdf) and expressed and implemented crypto reality. This gap provides many opportunities for anybody who wishes to favor attack over defense.
Traffic Analysis/meta data collection provides cheap, effective attack against virtually all current communication channels. Once you know who, when, where, how, and approximately what they are saying, you usually don't need to break their crypto.
The easiest way to weaken crypto implementation is to simply withdraw support for updates and improvements. Good crypto is hard. Defense is
expensive. Without constant support, defenses fail. If you wish to weaken crypto defenses, it is usually sufficient to withhold support for good standards and good processes, and fail to eliminate mistakes.
The next most cost effective ways to weaken crypto implementation is to focus on degrading or hindering:
1) Transparency and disclosure;
2) Purchasing standards;
3) Vetting or approval standards;
4) Programming environments and standards.
5) Crypto standard processes;
6) Crypto implementation projects;
7) And crypto standards;
Good crypto implementations are almost indistinguishable from bad crypto implementations. The market will cheerfully purchase poor crypto if it is available, cheap, and the consequences are not immediate.
If an attacker ever needs to access info that is protected by a robust crypto implementation, it is usually faster and cheaper to subvert it's surrounding environment, people, hardware or software.
Reform of the Intelligence agencies should begin by greatly reducing their budget. Currently, they are huge, bloated, unmanageable monsters. They twist government to their whim. They distort the civilian economy. They cause massive incidental damage. A slim, tightly focused agency can be more carefully controlled and managed. A small, efficient CIA or NSA would achieve almost all of OUR important goals with a tiny fraction of the collateral damage.
For years, IT has used complex password rules to make up for the failings of IT security. Specifically, we have required complex passwords because:
* IT fails to protect our password hashes. Password hashes require almost as much protection as plain text passwords. They both must be protected from exposure. Password hashes must be continually upgraded to the strongest hashing algorithms. They must be individually salted. Their communication pathways must have the highest level of protection to prevent exposure and pass-the-hash attacks.
* IT fails to detect and limit password guessing. Short passwords can be quite effective when there are effective limits on password guessing.
* IT fails to implement multi-factor authentication. We have known that multi-factor authentication was necessary for decades.
* IT fails to audit itself or transparently track the use of IT resources, including authentication.
None of this is magic. We have known that this is required of IT security since the mainframe days. Defense in depth with different security layers is not just a good idea. It is central to all effective defense planning for thousands of years. However, instead of doing good IT security, we attempted to push the burden and failings of IT onto the users via complex password rules.
Of course, there should be some password rules. They should look more like:
* You must use some form of password management. It should be secure. It could be a piece of paper that you keep in your wallet. I personally use KeePass.
* You must use different passwords for every different trust situation.
* You must have an effective strategy for generating non-guessable passwords. I personally use KeePass's random password generation or the "shocking nonsense" approach to generating password phrases.
* You must change your password when you have a reason to suspect that they might have been compromised. The recent Cloudbleed issue is a good reason to change many of your passwords. Fortunately, if you have a good password manager, it just takes a couple minutes to change them all.
* You should change your passwords when there has been a significant change the in trust relationship with the remote party. This can include non-obvious things like when they go public, or when they outsource (or in-source) their IT. A good hint is when they start offering multi-factor or Single Sign On. This means that they have reviewed and updated their entire authentication system. You should change passwords to take immediate advantage of the improved system.
When I worked IT Security for a University, we took extra effort to thank anybody who reported a security issue. Here are some examples:
* We had an alert clerk notice that "something was off" when 3 people tried to sweet talk their way into a storage area. She flirted with them, while her co-worker called campus security. The cops had the penetration team spread and handcuffed before they could present their "Get Out Of Jail" documentation. Even then, they kept them handcuffed, until the cops called and verified the documentation. It was the first time that the penetration team had EVER had to use their documentation. I personally called and thanked everybody. I also arranged for the clerk to get a 2 pound box of the local Blue Bird Chocolates: http://bluebirdcandy.com/
* Later, we found that prompt, public thanks worked as well as ice cream. We would promptly analyse every report, and then send out 2 sets of emails. The first would be the thank-you to the reporter. It included: Personalized thanks; A description of the scam; A report of how many others at USU were warned, thanks to their alertness. The second set of email would go out to everybody who had received a copy of the phishing scam. It included: A notification that the prior message was a fraud; Instructions for how to recover, if they had fallen for the fraud; A report of how many others also received the phish; A public acknowledgement of the alert reporter.
* This spring, we had a "Phishing Tournament" with various awards for reporting fraudulent emails. The grand prize was a tackle box full of goodies.
The small amount we spend on thanks was more than repaid by the savings created by a community of alert, careful internet skeptics.
Last night, my computer and Slashdot combined to throw away a 4 hour description on how to maintain anonymity when under omnipresent surveillance. That was frustrating. But, after a night's sleep and some reflection, I think it was for the best. The required skills and commitment are almost superhuman. Today, US citizens can expect little privacy in their purchases, travel, interpersonal communication or internet activity. We need better answers that will help everybody. If we train ourselves to defeat the current generation of surveillance and discovery, we will be faced with even more intrusive measures. We need to change the game in fundamental ways.
The initial problem seems to be that we don't trust each other or government. The cause of that distrust seems to be that we all keep secrets from each other. But, when you look at the cause of the secrets, you find that we have created incentives for secrecy and distrust. In our current laws and culture we benefit from keeping secrets from each other and from the government. Our government benefits from keeping secrets from us. We all have created an economy of discovering and exploiting each other's secrets. Thus, we have created incentives that motivate secrecy, deceit, surveillance, and betrayal. This is not a good way to live.
It seems like we aren't valuing privacy enough. But, I think it is just the opposite. We value privacy enough spend resources to penetrate, subvert, and deny it. The answer isn't to increase the value of anonymity. That will just increase the incentive to destroy privacy. We somehow need to regain privacy and anonymity by devaluing the secrets. We also need to increase the value of trust, while we increase the cost of betrayed trust.
I can see how to accomplish this at the local level. If I am more open, honest and involved with my friends, family and community, then we increase in trust towards each other and know each other's secrets. At that point, our secrets have no value and there is everything to lose and nothing to gain from surveillance, deceit, or betrayal.
I've got no idea how the fix my broken relationship with the highest levels of government.
Local government is small and well behaved. I know them and they know me. We have no meaningful secrets. We have years of mutual support and trust.
I have no problem with telling my next door neighbor, the-city-councilman all the details of my life. We have lived next to each other for almost 4 decades. We have raised each other's children. I know several good policemen and women. I know a good FBI agent. But, somewhere at the top, it all goes sour.
The Feds seem to get great benefit from lying to me, and betraying my trust. I don't know how to make it stop. The CPI (Consumer Price Index) is a bad, blatant lie. I can't imagine why they feel they need to lie about things that are intimate knowledge to every American. It's embarrassing. And the lie damages almost every American. The published employment rates don't pass any kind of simple fact checking. We all nodded along for decades while the Feds inflated the dangers of marijuana. And, now that it is all revealed as an colossal fabrication, they refuse to admit error or correct the damage. All for no obvious reason. The Feds can't admit mistake. The Feds can't correct mistake. And, it appears that they can't tell fact from wild delusion. With that history, I can't stand the idea of giving them more power over me.
And the Feds keep trying to pass their bad habits to my state and local governments.
Slashdot Mirror
This is not a technical issue.
For the last 232 years, the supreme law of the land in the United States is the US Constitution. All government powers, whether Executive, Legislative, or Judicial, are subordinate to the limits defined in the Constitution.
Claiming that the US Legal system must have unfettered access to all information is the same as saying that the US Legal system must not be fettered or subject to the US Constitution. That leads me to 3 important questions:
The US has been attacking multiple countries via the Internet for years. We did it first. We did it best. Yay US. Years ago, our doctrine was that Internet attack was a favorable option, because it had less unfortunate consequences than physical attack. But now, Internet can be much more devastating that physical attack. And the US has the most to lose in Internet attack.
The US economy is totally dependent on the Internet. Internet attack can cripple or destroy us. We can no longer afford to legitimize Internet attack. The past aggressive internet attacks by the US, China and Russia have legitimized Internet attack for all the remaining governments. EVERYBODY who has anything valuable, now gets a chance to receive targetted, remote attack by several governments, PLUS targetted attack by the many organized crime groups.
The US must formally cease undeclared war via the Internet. We must work with all other governments to ensure that we ALL stop waging undeclared war via the Internet.
We use the words: cyberweapon, cyberwar, and cyberattack and think that we know the consequences of conflict. But our prior experience with conflict deceive us. Our instincts are wrong. Our sports metaphors delude us. We undervalue defense. We greatly overvalue attack. At the core, we still believe that Internet warfare is win-able. We believe that victory will go to the righteous aggressor. We believe that attack is sexy and desirable.
The reality is, Internet attack is like poisoning all sources of water, and hoping that your enemy dies first. There is no "Win" in "CyberWar". We all have to defend the same stuff. None of us have functional defenses. Every successful attack weakens us all.
It is easy to capture, analyze and reproduce somebody else's attack. If somebody drops a bomb on you, it is hard to reassemble all the bits, unburn the chemicals, and reuse it. But, if a government deploys an Internet attack, it is easy to copy the attack and repurpose it. When the US deploys an Internet attack, we give our enemies the motive, means, and opportunity to destroy us.
The Pentagon is trying to CyberAttack our way to a more secure future. But Security comes from Defense, not attack.
Thousands of years of human experience have shown that destruction is easier than creation. One man can quickly destroy something that takes a community months to create. It may be that "To every thing there is a season; and a time for every purpose under heaven." But, if you don't spend more time on creation than destruction, you end up a lonely, starving scavenger. Any stable, prosperous society must provide more rewards for creation then destruction.
Modern economies of manufacture and transportation have made many things better, but this is not one of them. In almost every way, the modern economy favors attack:
The Internet has made many things better, but this is not one of them. In almost every way, the Internet favors attack over defense:
The transition to digital has made many things better, but, again, this is not one of them. In almost every way, being able to make effortless, accurate copies favors attack:
The reality is, Internet attack is like poisoning a common watershed, and hoping that your enemy dies first. There is no "Win" in "CyberWar". We all have to defend the same stuff. Every successful attack weakens us all.
We have a fairly clear understanding of how to increase security through defense. Almost every Internet Security expert agrees on the general shape of the necessary changes. But, the changes are HARD and EXPENSIVE. So, we keep hauling out the "Security Through Destruction" fantasy. If we were really serious about improving Defense, we would make changes like:
We already have limits on how US government can use personal information. The Carpenter Vs US lawsuit will continue to define those limits. We created these protections because we realized that government can use personal information to predict, manipulate, and control us. The combination of powerful government and enabling personal information is a threat to self-determination and rule by consent of the governed.
We have seen many recent examples where powerful modern entities used technology and personal information to predict, manipulate, and control us. FaceBook can predict, control and manipulate us. So can Google, Amazon, Political Action Committees, The Russian Government, advertising agencies, and so on. We need to take further action to protect our unalienable right of self determination. If we fail to act, our society and government continue to transform into "Rule by Manufactured Consent of the Manipulated".
Manipulation is a threat to ourselves and our society. Manipulation advances the goals of the manipulator. Manipulation has no fundamental respect for reality. Past manipulation divorced the victims from reality. Manipulation weakens both individuals and society. Present day manipulation must not be assumed to be legitimate, just because it is cheaper, more effective, more powerful, or wielded by new entities.
Once personal information is collected, it is almost impossible to destroy. It will be monetized. It will leak. It will spread. The cell-phone companies will sell or breech. An Intelligence agency will seize and leak. A well-meaning judge will issue a General Warrant.
For NOW, when you need privacy, you must DITCH THE PHONE.
One path forward is to realize that any personal information that is effective at predicting, controlling or manipulating us IS our identity. As long as this information is effective, and valuable, it is a part of us. We must establish that owning your own personal information is an unalienable right. The right of owning your personal information can not be stolen, seized, legislated or contracted away.
Attempts to legislatively say: "Thou Shalt NOT" will probably be ineffective when the underlying economy strongly favors collecting, storing, and using private information.
The most effective legal protections against invasive data collection are to change the economy of personal information. This sounds harsh and invasive, but it may be the only workable protection from widespread privacy threats and manipulation.
For example, we can increase the expense of collecting, storing and exchanging personal data by:
Then we must work to harden our society against the manipulative effects of collected personal data. This is a continual challenge. Things we might consider include:
Ultimately, dealing with the problem of privacy abuse and invasive data collection will take much more than a legislative "Thou Shalt Not".
I believe that the FBI is attempting to distract us from the critical, core issues of this debate. In arguing the technical details of accessing cell phones, they distract from the critical speech issues. They REALLY don't want us to ask:
The US government has managed to bypass the 1st, 4th and 5th amendments by creating and extending the 3rd party doctrine. This doctrine roughly states that once information passes out of an individual's direct control, he can no longer exercise any control over it. This gives the government easy access to huge amounts of shared information.
The "Responsible Encryption" debate is a new legal theory to destroy speech and freedom. It is a "No Party Doctrine". That is, No Party, except the government, is allowed to control information. The No Party Doctrine says that information is so important to the government, that nobody except the government should be allowed to control it. There is no information so sensitive, private or protected that it should escape government control. Since information is so important, individuals must not be allowed to control it through their speech, actions, tools, or situations.
The FBI is cheerfully stating that the creators of the constitution would have allowed complete government control if only they had realized that information was important to a criminal investigation.
We should denounce the "Responsible Encryption" proposals as a straightforward attack on our freedom of thought, speech and association.
Instead, we should act to limit the 3rd party doctrine and restore our rights of speech and association.
Out personal information is widely available to multiple groups. The government has easy access to an almost endless amount of information about us. There is:
The 3rd party doctrine roughly states that we can only assert a privacy right over information we directly control. If the information is shared with a 3rd party, they we don't control it, and we can't assert a privacy right over it. As the 3rd party doctrine has expanded, we have lost privacy over any shared information.
Now, law enforcement wishes to move beyond the limits of the 3rd party doctrine. They advance the legal theory that we should not be allowed to control our own information/privacy AT ALL. They believe that the desires of law enforcement should always outvote an individual's desire for freedom, privacy or liberty. That we should never be allowed to be secret, private or alone.
The proposals for "Responsible Encryption" are a simple end-run around the 1st, 4th and 5th amendments to the US constitution. Instead of debating this crap, we should be demanding stronger privacy protections. We need to restrict the 3rd party doctrine. We need to penalize any lawyer or judge who participates in granting "General" warrants. We need to restrain the Intelligence community from conducting mass surveillance on the US public.
The government knows every important detail of the Sutherland Springs shooter's life. There is no question of what he did, where he went, how he did it. This case is completely irrelevant to their demand to discard the constitution and remake the world into a police state.
The proposal to ban laptops from the cabins of planes appears to be attempting to take advantage of the following logical fallacies and cognitive biases:
Remember that time they said they needed porno scanners? It turned out that the porno scanners didn't work. https://radsec.org/secure1000-... And, DHS upper management (Chertoff http://www.motherjones.com/moj... ) got rich off the sale of the porno scanners. This shows that we should not blindly accept TSA/DHS proposals.
The TSA success rate at finding known weapons and explosives is 5%. IE, they only find 1 out of 20: https://www.theguardian.com/co... This means that the laptop change will not actually make a difference to the real risk.
If they are worried that a well funded group will make explosives that look like a laptop, why would they only do laptops? Why wouldn't an attacker make explosives that look like a suitcase? A CPAP? A baby stroller? Why can't an attacker disguise explosives as a big enough item that it doesn't make any difference where it is on a plane? If they can't find an explosive shaped like a laptop, they are not going to find an explosive shaped like other things. Are they going to ban all carry-ons and checked items?
On the face, It seems looke like they have decided to increase their security theater.
While we wait for the TSA's analysis, lets review a few facts. Here are some reference pages on various types of death in the US:
So, your chance of dying of various things in the US is:
There hasn't been a big increase in deaths by terrorism. Or laptop. Why aren't we banning laptops in order to protect people from lightning? It would make just as much sense.
It looks like you could show a decrease in deaths by
What I actually need to analyze is the cost of outfitting all the swat teams with assault rutabagas (swedes to you Brits.)
Here are some reference pages on various types of death in the US:
So, your chance of dying of various things in the US is:
The TSA failure to find weapons and explosives rate is 95%. IE, they only find 1 out of 20: https://www.theguardian.com/co...
It looks like you could show a decrease in deaths by shutting down the TSA and spending the money on all kinds of other things. For example, you would probably save thousands of people every year, if you took the TSA's budget and used that money to give a daily carrot to everybody in America.
Of course, the future of the KID (Karrot Issuance Daily) agency is not all shiny orange. The yearly number of carroticides might even exceed the number of US people killed by terrorists. But, even factoring in the increase of death by carrot, there still would be tremendous net positive benefit.
I know this isn't a popular opinion around here, but hear me out.
Your reasoning has been official US policy, because it seems sound. But the last few years of Internet warfare has revealed some problems with favoring offense over defense:
Perhaps the greatest problem with the offensive mindset is that it teaches us almost nothing about how to defend. We know we need to deploy better software, but we don't know:
".. presently no way to disable or limit the Management Engine in general.
Now this is the feature that screams of interference by a spy agency. If this feature was for Management, then YOU COULD MANAGE IT!
It would be turned off by default. You could turn it off. You could permanently disable it. I have been asking for these capabilities for years. I know I am not the only one. When I talk to other security folks and IT admins, the majority of them want to be able to manage and control the possibility of remote management.
all can ultimately be transformed into Something You (or a computer) Knows. Therefore, almost every multi-factor authentication system depends on several things that an attacker can discover, and mimic.
The security industry has found that biometerics have a major down side, in that they can't be changed. Once they are discovered by attackers, they are permanently discovered.
For example, the major compromise of the US Office of Personnel Management by the Chinese in 2015 disclosed 5.6 million recorded fingerprints. This included everybody who had a security clearance, and all covert agents in Intelligence and law enforcement. Since biometerics can't be changed, it will take decades before this compromise stops causing harm to the US government. US Covert agents can be identified. Any attempt to use fingerprint biometerics for these people can now be more easily attacked: https://en.wikipedia.org/wiki/...
Every government has aggressively begun to collect biometeric information from every possible source. Shortly afterwards, almost every government database of collected biometerics has been successfully compromised. Biometric information is collated by insurance, law and intelligence agencies. It is sold and resold on the various criminal marketplaces.
Part of this flourishing criminal marketplace in biometeric information includes permanent, unchangeable health and medical information: https://hipaahealthlaw.foxroth...
Also, US courts have ruled that biometeric info has almost no legal protections against collection, resale or forced disclosure.
Therefore, some security professionals now believe that well funded attackers can overcome the biometeric parts of an authentication system with less expense than overcoming a password.
The best I could say was: "If he is being monitored by a government, they didn't really care what he was doing." Nobody seemed reassured..
This, by the way, was a mistake to say. If someone cared enough to break the law to monitor him, then that person was probably a serious threat to him.
I realized my mistake later. I was babbling on and on about types of RAT (Remote Access Tools) and the rise of the surveillance state. Eventually I stuttered to a stop when I saw the intense look of horror and betrayal on the kids face. You could not have hurt him more by stabbing him in the back with a knife. No amount of glib "Et tu Brute?" was going to make it better. His world had just become a dark, treacherous place. Somebody that he trusted, did not trust him. And, by placing the tracker on him in secret, they demonstrated that they were not worthy of trust.
I still have no idea what I could have said to restore the possibility of love and trust to that kid.
For one of our displays, we displayed the traffic of a wireless network using a network visualization tool: https://www.youtube.com/watch?... When the kids connected to the wifi, they could see their traffic. They loved doing different things and seeing what happened.
Somebody had surreptitiously placed a surveillance tracker on a kid's phone. Every thing he did caused a burst of traffic to a remote IP. When he scrolled a screen there was a burst of traffic to that IP, When he typed a character there was a burst of traffic to that IP.. He was absolutely heartbroken when he realized what was going on. His wonderful toy instantly became a treacherous enemy. His friends all took a step back and stared at him like he had become contagious.
I didn't know how to make it better. The best I could say was: "If he is being monitored by a government, they didn't really care what he was doing." Nobody seemed reassured..
I don't believe that Big IT serves my needs or interests. It cripples my abilities. It limits my choices. It creates powerful political pressures that wish to enslave me.
I don't need or want Big IT or any other powerful corporation. I would be better off without Apple, Microsoft, Cisco, and Oracle.
This is probably the single biggest change that an ISP could make to help people increase their commitment to effective security.
On the other hand, there is an enormous amount of effective action that could be taken by the Australian government. It includes:
If the internet suffers an extended outage, there would be massive numbers of deaths. During the first few days, there would be thousands of deaths. During the first few weeks there would be millions of deaths. During the first few months, there would be billions of deaths.
So... two-three months without the Internet and billions will die. The hyperbole is strong in this one. ---SNIP--- I think we'd lose the modern tech that requires a civilization-level effort like computers and such, but I think Amish-level societies would be reasonably self-sufficient enough to survive.
So, to summarize, we agree that if we lose the internet, we are screwed. You feel that we can somehow return to 18th century farming practices and still sustain current population levels.
I pray that we will avoid this situation. The only thing that might take down the internet is a sustained, determined effort by a large group of crazy people. Unfortunately, it sounds like Congressman Sensenbrenner might be an example of such a group.
I don't think it is hyperbole to say the billions will die in an extended (months long) internet outage. Here are a few more depressing facts:
So, to summarize, if we lose the internet, first the money disappears, then the food disappears, then the people disappear.
Our society requires rapid, successful transportation and communication. We have almost completely transitioned to a Just In Time (JIT) economy. See: https://en.wikipedia.org/wiki/...
Thanks to JIT optimization, there are no large stores of immediately useful resources and goods in the US. All elements of our society depend on tight, reliable links between supply and demand. The stores only have a few days supplies. The stores rely on timely orders and deliveries to maintain stock and reduce overhead. The suppliers of stores only have a few days of supplies. They rely on receiving accurate and timely orders to know where to deliver. Those suppliers then must place timely and accurate orders to keep the next link in the chain moving. This continues all the way to the harvesting and transportation of raw materials. Every step is optimized to reduce overhead and unnecessary stock. Any supplier that fails to optimize is replaced by a more efficient supplier that has optimized. Every step is dependent on quick, accurate communication and transport. When this breaks down, people die.
For example, most of the deaths during the Hurricane Katrina debacle were not caused by the initial flooding. They were caused by the breakdown in transportation and communication.
ALL aspects of the US transportation and communication grids are dependent on the continued functionality of the internet. The phone systems are now interlinked with the internet. The management of the highways and the supermarkets all depend on the internet. The internet supports all orders and deliveries in the US. Without the internet, there is no food in the stores or gas in the gas stations. If the internet goes, the electrical grid quickly follows.
If the internet suffers an extended outage, there would be massive numbers of deaths. During the first few days, there would be thousands of deaths. During the first few weeks there would be millions of deaths. During the first few months, there would be billions of deaths.
On the other hand, the internet is built and maintained by hordes of capable people. We can overcome almost any obstacle. Once the dying starts, we will come up with answers. They will not be pretty, but they should be functional. Hopefully, one of the first acts will be the elimination of anybody who claims that the internet is unnecessary.
There is a huge gap between crypto theory (https://www.cs.princeton.edu/~felten/encryption_primer.pdf) and expressed and implemented crypto reality. This gap provides many opportunities for anybody who wishes to favor attack over defense.
Traffic Analysis/meta data collection provides cheap, effective attack against virtually all current communication channels. Once you know who, when, where, how, and approximately what they are saying, you usually don't need to break their crypto.
The easiest way to weaken crypto implementation is to simply withdraw support for updates and improvements. Good crypto is hard. Defense is expensive. Without constant support, defenses fail. If you wish to weaken crypto defenses, it is usually sufficient to withhold support for good standards and good processes, and fail to eliminate mistakes.
The next most cost effective ways to weaken crypto implementation is to focus on degrading or hindering:
Good crypto implementations are almost indistinguishable from bad crypto implementations. The market will cheerfully purchase poor crypto if it is available, cheap, and the consequences are not immediate.
If an attacker ever needs to access info that is protected by a robust crypto implementation, it is usually faster and cheaper to subvert it's surrounding environment, people, hardware or software.
Reform of the Intelligence agencies should begin by greatly reducing their budget. Currently, they are huge, bloated, unmanageable monsters. They twist government to their whim. They distort the civilian economy. They cause massive incidental damage. A slim, tightly focused agency can be more carefully controlled and managed. A small, efficient CIA or NSA would achieve almost all of OUR important goals with a tiny fraction of the collateral damage.
None of this is magic. We have known that this is required of IT security since the mainframe days. Defense in depth with different security layers is not just a good idea. It is central to all effective defense planning for thousands of years. However, instead of doing good IT security, we attempted to push the burden and failings of IT onto the users via complex password rules.
Of course, there should be some password rules. They should look more like:
The small amount we spend on thanks was more than repaid by the savings created by a community of alert, careful internet skeptics.
Last night, my computer and Slashdot combined to throw away a 4 hour description on how to maintain anonymity when under omnipresent surveillance. That was frustrating. But, after a night's sleep and some reflection, I think it was for the best. The required skills and commitment are almost superhuman. Today, US citizens can expect little privacy in their purchases, travel, interpersonal communication or internet activity. We need better answers that will help everybody. If we train ourselves to defeat the current generation of surveillance and discovery, we will be faced with even more intrusive measures. We need to change the game in fundamental ways.
The initial problem seems to be that we don't trust each other or government. The cause of that distrust seems to be that we all keep secrets from each other. But, when you look at the cause of the secrets, you find that we have created incentives for secrecy and distrust. In our current laws and culture we benefit from keeping secrets from each other and from the government. Our government benefits from keeping secrets from us. We all have created an economy of discovering and exploiting each other's secrets. Thus, we have created incentives that motivate secrecy, deceit, surveillance, and betrayal. This is not a good way to live.
It seems like we aren't valuing privacy enough. But, I think it is just the opposite. We value privacy enough spend resources to penetrate, subvert, and deny it. The answer isn't to increase the value of anonymity. That will just increase the incentive to destroy privacy. We somehow need to regain privacy and anonymity by devaluing the secrets. We also need to increase the value of trust, while we increase the cost of betrayed trust.
I can see how to accomplish this at the local level. If I am more open, honest and involved with my friends, family and community, then we increase in trust towards each other and know each other's secrets. At that point, our secrets have no value and there is everything to lose and nothing to gain from surveillance, deceit, or betrayal.
I've got no idea how the fix my broken relationship with the highest levels of government.
Local government is small and well behaved. I know them and they know me. We have no meaningful secrets. We have years of mutual support and trust.
I have no problem with telling my next door neighbor, the-city-councilman all the details of my life. We have lived next to each other for almost 4 decades. We have raised each other's children. I know several good policemen and women. I know a good FBI agent. But, somewhere at the top, it all goes sour.
The Feds seem to get great benefit from lying to me, and betraying my trust. I don't know how to make it stop. The CPI (Consumer Price Index) is a bad, blatant lie. I can't imagine why they feel they need to lie about things that are intimate knowledge to every American. It's embarrassing. And the lie damages almost every American. The published employment rates don't pass any kind of simple fact checking. We all nodded along for decades while the Feds inflated the dangers of marijuana. And, now that it is all revealed as an colossal fabrication, they refuse to admit error or correct the damage. All for no obvious reason. The Feds can't admit mistake. The Feds can't correct mistake. And, it appears that they can't tell fact from wild delusion. With that history, I can't stand the idea of giving them more power over me.
And the Feds keep trying to pass their bad habits to my state and local governments.