No doubt that today's revelations violate HIPPA and probably many other laws, yet there's no one looking to hold anyone accountable.All of this just further confirms my decisions to stay with as much open-source software for our office, maintain everything in-house, and work with internet providers and carriers who are a bit on the hippie/libertarian side of things. No, but it certainly makes it us a much more difficult target when not using the standard stuff.Also, has anyone looked into the CIA's quasi-private organization, In-Q-Tel?
• September 5, 2013 PM From the Guardian report: "It shows the agency worked covertly to get its own version of a draft security standard issued by the US National Institute of Standards and Technology approved for worldwide use in 2006." Which standard is that? • September 5, 2013 PM Someone owning the internet is inevitable.
• September 5, 2013 PM Please, whenever you have time/opportunity, tell us more about the 'why' of these comments: "Prefer symmetric cryptography over public-key cryptography. People should be happy that its the good guys and not the Russians or the Chinese.
• September 5, 2013 PM Bruce, You are writing about openness in your essays.
You are writing about monitoring government and NSA activities.
Anarchists who think that we can enter some sort of stateless utopia through radical transparency are delusional.
• September 5, 2013 PM I just read today's Snowden-based articles in the New York Times and the Guardian on NSA actions to SIGINT-enable target communications.
Anything to control the narrative and deflect attention from the vital issues. No, he wasn't going to make a stink about a "hacker" but he's going to do everything in his power to makes sure that what the hacker reveals is promptly buried. They really should have consulted with our host before destroying all the credibility of all U. • September 5, 2013 PM On the crypto bits in your guardian piece, I found especially interesting that you suggest classic discrete log crypto over ecc. Because other respectable cryptographers recommend the opposite: how does RSA play in this? How do you consider ecc with non-nsa-influenced curves? (I don't think DJB is secretly an NSA-spy) What I found especially troubling to hear about DSA is that it's unsafe as soon as you have a single signature made with a broken RNG.
Though I don't know what other dlp/ecdlp-based algos suffer from that.
Prefer conventional discrete-log-based systems over elliptic-curve systems; the latter have constants that the NSA influences when they can." Thank you...a luta continua!! • September 5, 2013 PM You know, we mathematicians go to ALL THIS WORK coming with all these FANTASTIC structures that are all theoretically UNBREAKABLE. Does everyone here really want Iran, China, Russia, Syria, etc to be able to do their business without the intelligence community being able to keep tabs on it?