Note - I give anyone and everyone my express permission to mirror or otherwise repost this article, anywhere in the world and for all time.
Dedication - To two wonderful friends I have abroad, each of whom has helped me greatly in his and her own way. My best wishes to both of you -- and keep safe!
IntroductionBack in the 1950's, the Egyptian
(
Read more... )
Comments 28
Reply
I completely agree with you. Not only that, but to the extent that any foreign government cooperates with such an American information-collection, absent a clear mutual interest (such as putting-down international terrorism), that government would be betraying its own people.
This is the ultimate reason why this mad spy scheme is unlikely to do much good for the United States of America, even if by some miracle we avoid all the threats I mention. While the US government can mandate TPM compliance by American agencies, citizens and corporations, it can neither mandate nor enforce such cooperation by the agencies, citizens and corporations of other countries.
Given that the US government cannot do that, TPM-based espionage will only work to the extent that other countries are willing to use TPM-compliant hardware and software, or at least permit it to be used by personnel and companies in sensitive ( ... )
Reply
Reply
Then individuals will leave and start-up new companies overseas. Short of refusing to let the actual businessmen and programmers leave the country, there's no way to force them to work in America. And prohibiting them to leave would probably trigger a panicked flight of the better programmers -- who, because of what they know how to do are impossible to hold.
Reply
http://www.pcworld.com/article/2058000/lavabit-encryption-key-ruling-threatens-internet-privacy-eff-argues.html
Reply
The main strategy for keeping any secret is simple: don't tell it to anyone who will tell other people. This means: tell it to as few people as possible (those who uncover it and the ultimate consumers of the intelligence) and make sure that you don't hire anyone to work with it who seems as if they will be opposed to what one's agency is doing.The Obama Administration assumes itself to be inherently noble and morally-annointed to accomplish its ends, so it has very great difficulty understanding that anyone might honestly disagree with its objectives. What's more, it self-identifies as being of the Left and sees neither flaw nor contradiction in the Left, so it tends to hire and promote Leftists to sensitive positions (to ensure political support for itself in a crisis) ( ... )
Reply
Reply
Reply
Reply
Reply
Reply
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
The Cambridge cryptographer Ross Anderson has great concerns that "TC can support remote censorship [...] In general, digital objects created using TC systems remain under the control of their creators, rather than under the control of the person who owns the machine on which they happen to be stored (as at present) [...] So someone who writes a paper that a court decides is defamatory can be compelled to censor it - and the software company that wrote the word processor could be ordered to do the deletion if she refuses. Given such possibilities, we can expect TC to be used to suppress everything from pornography to writings that criticize political leaders."[8] He goes on to state that ( ... )
Reply
TPM is not remotely new. It's the latest round of "trusted computing" and it's been around for well over 10 years. Here's a very critical article from 2003, and you'll note that most of Ross Anderson's fears remain hypothetical (as do most of the deployments of TPM proposed in that article.)
Bruce Schneier, whose name I assume you are familiar with (and if you're not, you really haven't done much reading in this area you are wading into), has written about TPM for years. Trusted Computing Best Practices (2005), Microsoft's BitLocker (2006), TPM to End Piracy (2008). (The last link has links to even earlier articles ( ... )
Reply
Reply
Actually, half the key is centrally-created and then spawned through random variation. The other half is your personal password. The thing is that if you crack the logic of the TPM chip itself -- any TPM chip -- you have a huge leg up on cracking any TPM password, because you can "deduce" (actually calculate using your own encryption equipment) the fundamental logic by which the firmware part of the key is generated. If you actually have the manufacturing records, you would have all the firmware keys and would then only need the private component to the passwords ( ... )
Reply
This hasn't BEEN reported in the MSM, and I know for sure that it is being censored on a lot of the Internet (particularly those parts run by companies with investments in TPM) as well. (If certain people would like to publicize their relevant experiences here, I'd appreciate it, but I won't talk about it myself).
And no, I mostly like, respect and admire the NSA. It's just that this technology offers such potential for abuse that I wouldn't feel safe unless the Lensman of E. E. "Doc" Smith's Galactic Patrol were running it.
There are many, many watchers watching the watchmen.Right now, the ultimate "watcher" (the President of the United States of America) is demonstrably an arrogant and corrupt man who acts out of a deep disrespect for the US Constitution. But since one cannot guarantee that any particlar President will be competent or lawful (though admittedly, ( ... )
Reply
Leave a comment