I've read recently (was it on/.?) that in order for 4th amendment protections to apply, there has to be a reasonable expectation of privacy. When you send unencrypted bit streams over equipment that is owned by a third party, you have no reasonable expectation of privacy.
If you want to create a reasonable expectation of privacy, use a privacy envelope of some sort. E.g., PGP. Otherwise, the email you send has even less legal protection than snail mail. AS IT SHOULD BE.
As I see it, the issue here is not whether it's a choice to break the law or not (it's always a choice), but whether some laws are "bad laws," inappropriately restricting human freedom.
It (should) be obvious to everyone why laws define punishments for certain classes of action against other human beings, such as physical violence or theft of tangible property.
What is less obvious is whether a person can or should be able to assert ownership over intangibles. The U.S. Constitution (as well as the laws of many other nations) says they can, but it's not natural, or obvious in the same way that physical security is.
So, while I won't argue for one second about whether [some factor] "causes" [some behavior], I will assert that the discussion at hand is a result of precisely the the kind of "elite social engineers" taking away freedom that you appear to hold in such contempt.
"Unconditionally secure" assumes you have a perfectly random generator for your one-time pad. If I can find a way to predict the next number your RNG gave you, I may be able to defeat your one-time pad. Good random numbers are easy to obtain. There are any number of physical phenomena whose randomness is quantum in origin and therefore unpredictable. Just use one of them in a heavily-shielded room to ensure that none of your data leaks and you're golden.
The hard part of using OTPs isn't generating the pads, it's transmitting and storing them securely. QC addresses secure transmission (though you still have to take care to avoid MITM attacks). Ok, sure, but the point was more to do with the overly-strong claim: GP claims OTPs are unconditionally secure but that claim is not justified. OTPs are secure given good entropy sources and good protection for the keys themselves.
Would I have done better to moderate the overly-strong claim by identifying the key management difficulties?
<whine> And why is it that your post is on/. for like, all of 15 sec. and has a score of 2? (What is it that you are doing that I'm somehow failing?) Is bad karma self-perpetuating? </whine>
"Unconditionally secure" assumes you have a perfectly random generator for your one-time pad. If I can find a way to predict the next number your RNG gave you, I may be able to defeat your one-time pad.
Ok, so the FCC wants wiretapping to be possible. Here's a novel idea: Make the companies that write the software for VoIP be wiretap-compliant. Write a special wiretap program. Give it to the government. Or, write an interface and let the government access it with a warrant, whatever (please don't critique the privacy issues here, that's not my point).
Umm. What about the non-corporate programmers? You might have heard of a small website called SourceForge?
And if the government mandates that all VoIP software be wiretap compliant, you've got DeCSS all over again: so-called "illegal" software will not suddenly cease to exist, it'll simply go underground.
When cryptography is outlawed, only outlaws will have cryptography.
<soapbox political="true"> No, I'm not making a sarcastic comparison with the 2nd Amendment here. I'm deadly earnest. Cryptography and guns are both useful means for citizens to preserve their freedoms. </soapbox>
Slashdot Mirror
I've read recently (was it on /.?) that in order for 4th amendment protections to apply, there has to be a reasonable expectation of privacy.
When you send unencrypted bit streams over equipment that is owned by a third party, you have no reasonable expectation of privacy.
If you want to create a reasonable expectation of privacy, use a privacy envelope of some sort. E.g., PGP. Otherwise, the email you send has even less legal protection than snail mail. AS IT SHOULD BE.
MOD PARENT UP (informative)
You're absolutely correct, as far as you go.
As I see it, the issue here is not whether it's a choice to break the law or not (it's always a choice), but whether some laws are "bad laws," inappropriately restricting human freedom.
It (should) be obvious to everyone why laws define punishments for certain classes of action against other human beings, such as physical violence or theft of tangible property.
What is less obvious is whether a person can or should be able to assert ownership over intangibles. The U.S. Constitution (as well as the laws of many other nations) says they can, but it's not natural, or obvious in the same way that physical security is.
So, while I won't argue for one second about whether [some factor] "causes" [some behavior], I will assert that the discussion at hand is a result of precisely the the kind of "elite social engineers" taking away freedom that you appear to hold in such contempt.
The hard part of using OTPs isn't generating the pads, it's transmitting and storing them securely. QC addresses secure transmission (though you still have to take care to avoid MITM attacks). Ok, sure, but the point was more to do with the overly-strong claim: GP claims OTPs are unconditionally secure but that claim is not justified. OTPs are secure given good entropy sources and good protection for the keys themselves.
Would I have done better to moderate the overly-strong claim by identifying the key management difficulties?
<whine>
And why is it that your post is on
(What is it that you are doing that I'm somehow failing?)
Is bad karma self-perpetuating?
</whine>
"Unconditionally secure" assumes you have a perfectly random generator for your one-time pad. If I can find a way to predict the next number your RNG gave you, I may be able to defeat your one-time pad.
They both stink?
Umm. What about the non-corporate programmers? You might have heard of a small website called SourceForge?
And if the government mandates that all VoIP software be wiretap compliant, you've got DeCSS all over again: so-called "illegal" software will not suddenly cease to exist, it'll simply go underground.
When cryptography is outlawed, only outlaws will have cryptography.
<soapbox political="true">
No, I'm not making a sarcastic comparison with the 2nd Amendment here. I'm deadly earnest. Cryptography and guns are both useful means for citizens to preserve their freedoms.
</soapbox>