[messaging] Value of deniability
Natanael
natanael.l at gmail.com
Thu Dec 11 12:04:03 PST 2014
Den 11 dec 2014 20:45 skrev "Sam Lanning" <sam at samlanning.com>:
>
>
> On 11/12/14 19:24, Natanael wrote:
> > On Thu, Dec 11, 2014 at 7:51 PM, Eleanor Saitta <ella at dymaxion.org>
wrote:
> >> Hash: SHA256
> >>
> >> This is a joke, right? You don't actually believe that cryptographic
> >> hashes influence any of these social outcomes, do you?
> >
> > The only response I can give to your aggressive tone is that you're
> > free to develop and promote your own tools which abandon every form of
> > security not yet proven in court to work effectively in the vast
> > majority of cases. Unfortunately for you I'll be telling people to
> > stay away from them.
> >
>
> Ok, I don't know about anyone else, but I certainly feel that there has
> been enough aggression flying in BOTH directions in this thread.
>
> Lets try and remember that we are all part of this mailing list because
> we're trying to work towards certain goals. We are NOT each other's
> enemy. We all want a better world with better security, and we are all
> trying to bring this to the general public.
>
> I get that we all have very strong opinions. But shouting at each other,
> and not completely reading and addressing the full responses people are
> putting into this thread will not get us anywhere... it will result in
> endless back and forth...
>
> Please take the time to take a deep breath before each response, and
> carefully consider what everyone is saying, not just the people that
> agree with you.
My main point is that the subset is all possible attacks which is currently
happening (vs those who aren't) isn't primarily differentiated by either
success rate, profitability, complexity, or anything else like that.
The main difference is that one set was among the first ones attempted, and
because they succeeded they kept going.
Defending only against the attacks currently happening is like patching
only the hole in your castle that the attacking army's soldiers is
currently getting in through, choosing to ignore all the others.
It is why USA's response to terrorism has been described as reactive
security theatre - they only try to stop the past from repeating itself.
They have no vision for how to make the future MORE secure. They only force
the attackers to change tactics frequently, nothing more.
That's not success.
When all the attacks currently attempted is stopped, they won't give up.
They aren't one-trick ponies. They'll look for the next attack, one that
hasn't been tried before only because nobody needed to. Anything that's
profitable, anything that can cause more damage than it costs to attempt.
We need to identify all plausible attacks, and that kind of rejection of
entirely plausible attacks is unfounded.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20141211/413f8e4b/attachment.html>
More information about the Messaging
mailing list