Posted in Apple, CIA, Encryption, FBI, NSA, Personal

Apple vs FBI: The unspoken Truth on Encryption

While one can admire Apple for ‘defending’ it’s customers privacy, while also benefiting with the positive advertising. It is probably a moot, and hollow victory as the NSA and the CIA have already broken Apple security.

Not that it shouldn’t be of high importance, the resources required to do the cracking of any particular extraction of an encrypted message sent with a iPhone would most likely exceed the budget of a small country. Which is exactly the point of encryption, making it hard, and expensive to decrypt. Imagine the joviality at the NSA/CIA after the hours of decryption, that the ‘Important’ message turns out to be a high priority, top secret Cookie Recipe from you mothers cookbook.

And thereby is the unspoken truth of encryption the first one is this: you must either decrypt everything, to find what is being said, because if you can only choose strategic messages, choosing the right ones are tantamount.

During WWII monitoring enemy communication was aided by observing the frequency of communication traffic, when frequency increased, something important was being communicated. Modern military communications is continuous and unbroken, transmitting meaningless message traffic, and therefore not highlighting any particular message in the traffic stream that would be required to be decrypted. This would now be a requirement to decrypt everything, in the military traffic stream.

The second Truth is this; The assumption that you can decrypt all the messages is the hight of arrogance and ignorance. Anyone, yes anyone can create an encryption that will be impossible for a machine of any sort to decrypt, and many of these can be hidden to the point that even a human expert directly observing the message can not decipher.

Imagine hiding messages in the continuous email stream called Spam, which now constitutes more that 80% of all email traffic?

Thoughts like this keep the NSA/CIA/FBI up nights, and no matter what Bull Shit they might tell you about the need to have back doors and encryption keys it will NEVER catch all the potential secret messages that terrorists might choose to pass to each other.

Because the simplest of truths: It isn’t possible.

UPDATE: and now the E.U. politicians are talking about it. European Officials To Discuss Anti-Encryption Measures.

Advertisements
Posted in Personal

Hiding in plain sight

In this age of ‘Big Data‘ the masters are the ones who hide in plain sight. If you generate billions of media bits that must be parsed by the powers that be, the devil really is in the details.

During a stint in a fraud unit I learned that the trick wasn’t to read all the monitored data, but to build patterns of ‘normal’ for everyone monitored. If the patterned changed then something had changed, and an investigator was assigned.

Another article I keep remembering is an interview with a ‘Ninja Assissan’ who was quoted as;

” I never sleep in the same bed two nights in a row (he had 5 bedrooms), and he never ate the same thing for breakfast (though he always ate what he wanted)

Hence the pattern he would generate would always be random, and therefore a consistent repeated event would be considered abnormal and a ‘red flag’ that something wasn’t normal.

So to hide, and maintain privacy would be to either overwhelm the bit watchers, or develop such a random lifestyle as to make normal pattern matching methods useless.

anyone want to be a Ninja Assissan?