On Sun, Sep 8, 2013 at 8:20 PM, Joel Rees <joel.r...@gmail.com> wrote:
> On Mon, Sep 9, 2013 at 3:27 AM, <lati...@vcn.bc.ca> wrote: > > Hello list. > > What do you think about it? > > > > https://www.schneier.com/blog/archives/2013/09/the_nsa_is_brea.html > > "Those that didn't know about it were gobsmacked." > > If any of that surprises you, you haven't been paying attention. > > If you even vaguely understand te math behind hashing and pki, you're amazed. That quote was talking about foreign intelligence analysts that were being read into the program (I didn't read Schneier, but from other articles with the same quote). I assume that was referring to people that know a thing or two about how this stuff works. I'd *love* to know w > But keep your nose clean. Don't be a target. > > And here I thought this was a technical list? Counselor, I keep having sexual thoughts about my mom, help? Rediculous. > Anything that must be private, keep it off the internet. > > So, you're recommending that all business stop? > Develop a good relationship with God, by whatever name you call That > Ultimate Entity, because that's going to be your only help in the end. > > Unless your God can calculate primes and do long devision faster than my God, I fail to see how either has any room in any discussion of this nature. As per some semi-sane thoughts on the issue, I think most of it is impressive. The database of private keys is totally awesome (ie, I wish I had it) - I want to make malware that Windows thinks is a keyboard driver, ok create a cert (burn the private one as they'll change it ASAP after) and plunder. This femtocell, VPN solution, iPhone sync, vehicle sync (or automation), etc has a pre-generated key and I want to control it - lets go. They mentioned that those keys were obtained sometimes by breaking into companies. I've got a minor issue with that as it makes our argument that China is being evil by hacking American businesses a bit less richus since we're obviously doing it. I've got *serious* issue with the NSA weakening crypto standards. This is like writing about the hand of God in a study about evolution - I don't care what you believe - don't tarnish scientific research with shit. And here, don't tarnish crypto research with shit - I don't care about your end goal - it shouldn't be worth getting in the way of science for.
