diff options
| author | Kévin Le Gouguec <kevin.legouguec@gmail.com> | 2020-11-25 19:40:47 +0100 |
|---|---|---|
| committer | Kévin Le Gouguec <kevin.legouguec@gmail.com> | 2020-11-25 19:40:47 +0100 |
| commit | bacf765b2e7b6089c41e6d91540c3574be26e79e (patch) | |
| tree | 6e8d51781514e8bf1cb0113840d813c73f85c81a /reviews/articles.md | |
| parent | e1a80a5596dddc9582969e0a95fa8c09882085a9 (diff) | |
| download | memory-leaks-bacf765b2e7b6089c41e6d91540c3574be26e79e.tar.xz | |
Regroup paper reviews
Diffstat (limited to 'reviews/articles.md')
| -rw-r--r-- | reviews/articles.md | 76 |
1 files changed, 0 insertions, 76 deletions
diff --git a/reviews/articles.md b/reviews/articles.md deleted file mode 100644 index 9ca4c90..0000000 --- a/reviews/articles.md +++ /dev/null @@ -1,76 +0,0 @@ -# Phillip Rogaway - The Moral Character of Cryptographic Work - -:::: tags -- Cryptography -- Society -:::: - -An appeal to cryptographers to ponder on the [Russell-Einstein -manifesto], consider the moral implications of their work, take a step -back from "crypto-for-crypto", and focus on "crypto-for-privacy" (or, -to name the threat more explicitly, "anti-surveillance research"). - -Harps on FBI Director James Comey's "law-enforcement framing": - -> 1. Privacy is *personal* good. It's about your desire to control -> personal information about you. -> 2. Security, on the other hand, is a *collective* good. It's about -> living in a safe and secure world. -> 3. Privacy and security are inherently in conflict. As you -> strengthen one, you weaken the other. We need to find the right -> *balance*. -> 4. Modern communications technology has destroyed the former -> balance. It's been a boon to privacy, and a blow to security. -> Encryption is especially threatening. Our laws just haven't kept -> up. -> 5. Because of this, *bad guys* may win. The bad guys are -> terrorists, murderers, child pornographers, drug traffickers, and -> money launderers. The technology that we good guys use - the bad -> guys use it too, to escape detection. -> 6. At this point, we run the risk of Going Dark. Warrants will be -> issued, but, due to encryption, they'll be meaningless. We're -> becoming a country of unopenable closets. Default encryption may -> make a good marketing pitch, but it's reckless design. It will -> lead us to a very dark place. - -This framing is dismissed as "inconsistent with the history of -intelligence gathering, and with the NSA's own mission statement", -without further explanation. - -I wish the author had spent some prose explaining how exactly this -framing is fallacious. There is a footnote providing some references, -but as far as I can tell these references mainly reinforce the point -that the NSA's surveillance methods are a threat to privacy; it is not -obvious how "the NSA overreaches" contradicts "it's harder to catch -bad guys once they get better crypto". - -For what it's worth, I found that [Aaron Brantly's -article](#aaron-brantly---banning-encryption-to-stop-terrorists-a-worse-than-futile-exercise) -does a better job at showing the shortsightedness of this line of -reasoning, as does this footnote: - -> When crypto is outlawed only outlaws will have crypto. - -[Russell-Einstein manifesto]: https://en.wikipedia.org/wiki/Russell%E2%80%93Einstein_Manifesto - -# Aaron Brantly - Banning Encryption to Stop Terrorists: A Worse than Futile Exercise - -:::: tags -- Cryptography -- Society -:::: - -The debate can be phrased as follows: - -> Is increasing security in one narrow area worth degrading it in -> every other? - -Answering "yes" overlooks two things: - -1. Weakening officially distributed encryption will not impact - terrorists, who will simply move to new, unregulated platforms. - -2. Once they have done that, we end up in a situation where lawful - citizens are stuck with insecure communication channels, and - terrorists are the only ones benefiting from state-of-the-art - confidentiality/integrity/authenticity. |