On Sat, 2015-02-28 at 18:45 +0100, Johan Wevers wrote: > OK, not cryptographically. They could always try to bribe/threat/torture > someone to cooperate. But that model fails if you want to perform > unnoticed mass surveillance.
Admittedly, when it comes to "unnoticed mass surveillance" anonymous
cryptography (like TextSecure does for most users, since they aren't
pushed to validate - and even if, one cannot mark who was validated and
who not)... *might* help somewhat against unnoticed mass surveillance,
that is when something like DH is used.
But this assumption is largely based on two things:
- That's resource-wise too costly for them to MitM everyone
=> and given what we've learned from Snowden (and what "paranoid"
people already assumed/knew before)... I really doubt that this
would be any bigger problem for them.
Apparently they sit at all the bigger internet exchanges,
transatlantic cables, etc. and all the big US players (FB, Google,
and Tier-1 content providers are anyway forced to cooperate with
them)
- That people actually eventually check their keys, so that they'd find
out whether their anonymous DH was attacked by some MitM.
This might be done by some "more advanced" people who even know about
what a fingerprint is, and when their client actually exports it to
them (which may not be the case when you do something like whotsapp™
or any other system used by the masses, which just promises you to be
"secure".
Cheers,
Chris.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
