[Discuss] KeePassX
Kent Borg
kentborg at borg.org
Wed Aug 14 07:46:12 EDT 2013
On 08/13/2013 05:04 PM, Jerry Feldman wrote:
> The real issue is determining who and what to monitor.
That is the key. For years the idea is that the NSA is selective and
decides what traffic to analyze, what messages to try to decrypt, what
targets to actively attack (with such things as a man-in-the-middle
attack). They can't attack everything, they have to choose. Much of
this discussion is based in this traditional world.
Except the recent news blows that out of the water.
They want *everything*.
That means that they don't have time to attack any real encryption, they
are going after plaintext--and trivial encodings of plaintext. Yes, they
still will do more traditional work, but all of that is removed from the
"everything" efforts. The costs are completely different, their
capacity to do real crypto work is quite finite. Their "everything"
efforts are infinite, but only as long as they are efficient.
I am arguing that every measure that makes their "everything" efforts
inefficient is a blow against this blanket surveillance.
-kb
More information about the Discuss
mailing list