
Assange: How cryptography is a key weapon in the fight against empire states - 23david
http://www.guardiannews.com/commentisfree/2013/jul/09/cryptography-weapon-fight-empire-states-julian-assange
======
jakeogh
The biggest threat we face is our tendency to enslave ourselves in the name of
a perfect society.

"Our government has kept us in a perpetual state of fear — kept us in a
continuous stampede of patriotic fervor — with the cry of grave national
emergency. Always there has been some terrible evil at home or some monstrous
foreign power that was going to gobble us up if we did not blindly rally
behind it by furnishing the exorbitant funds demanded. Yet, in retrospect,
these disasters seem never to have happened, seem never to have been quite
real." -General Douglas MacArthur July 30th 1957

Eisenhower warned us.
[http://www.youtube.com/watch?v=8y06NSBBRtY](http://www.youtube.com/watch?v=8y06NSBBRtY)

~~~
D9u
Ike omitted the _Congressional_ portion of the equation. It's taken the
collusion of both mainstream political parties, in concert with the military-
industrial establishment, to bring us to the current juncture.

~~~
mtgx
It would be so incredibly helpful for America's democracy if it had a multi-
party system, where a new party could "easily" rise up to become the major one
after 2 or so elections.

Having a 2 party system (for decades or centuries at a time) only guarantees
that there will be a lot of things both parties will agree on, and there's
_nothing_ the citizens can do about it (other than massive protests, which
don't seem to be happening in America anymore, or if they do happen they get
mocked by the media, and then by the brainwashed masses who watch said media).

I think approval voting would change things dramatically, but even using the
voting systems of other countries (such as having 2 voting tours) would help a
lot:

[http://www.electology.org/approval-
voting](http://www.electology.org/approval-voting)

~~~
andyjohnson0
_" Having a 2 party system (for decades or centuries at a time) only
guarantees that there will be a lot of things both parties will agree on"_

Charlie Stross recently wrote about this in the content of UK politics:

[http://www.antipope.org/charlie/blog-static/2013/07/a-bad-
dr...](http://www.antipope.org/charlie/blog-static/2013/07/a-bad-dream.html)

~~~
mtgx
>Democracy is a rather crap form of government, with several failure modes (of
which the tendency to converge on an oligarchy is but one), but it has one
huge advantage over other forms of government: it provides a mechanism for
peacefully transferring power when a governing clique has outlived its
popularity

First, I'd like to point out that by "democracy" he's referring to what we all
understand by democracy right now - a democratic republic.

Now, I think the way most democratic republics work has failed. I think we
need a lot more _direct democracy_ elements implemented in the democratic
republic system. He says there that even the democratic republics were formed
so the transfer of power is done without bloodshed.

But what do you do when even in such a system, the people feel compelled to
create massive protests, possibly even violent ones (most revolutions)? I
think the answer is an even _more democratic_ republic. And I think you can
achieve that with more direct democracy elements, such as more citizen-made
laws, referendums, citizen vetos of bills, and so on (some of these exist in
some countries like Germany or Switzerland, but not a lot of them, and there
need to be more to become "more democratic").

This way, when the citizens are _really_ frustrated about something, they can
just fight to change the laws themselves, instead of waiting for the corrupt
government to do it, and instead of having to gather in the millions to
protest the government _in the streets_.

Note: I'm not saying we should completely discard the democratic republic
system, and do away with "representatives". That's what most people
(mistakenly) think when they hear this type of suggestion.

What I'm saying is far from it. I just want the republics to become _more
democratic_ , and for more ways to exist to _bypass_ the representatives in
_certain situations_ (explicitly defined in the law), when there is _big
frustration_ about something. But of course a balance must be kept, and the
representatives should still handle 95%-99% of the policies.

~~~
gizmo686
An idea I find promising is delagate system. Every voter starts with one vote,
which they can delagate to someone else (who can delagate to someone else,
etc...). Additionally, you can reclaim or redelagate your vote at any time, or
for a specific issue. This system preserves the main benifits of a republic,
while allowing direct democracy.

As an added bonus, it solves the problem of rebublics like the US where a
party could have 5% support and 0% representation.

------
gnosis
Encryption is just one (important) piece of the privacy puzzle. Another
important piece is steganography.[1]

Effective steganography could hide the fact that you're using encryption at
all, and could make traffic analysis[2] more difficult. Widespread use of
effective steganography could make wholesale digital spying a lot more
difficult.

The use of anonymous remailers[3] also needs to become much more popular; in
particular, the mixminion[4] remailer, which was designed to address many
weaknesses in earlier remailers.

Traditionally much more difficult, but as or even more important than the
technological solutions mentioned above, is educating the general public about
the need for and value of privacy enhancing technologies. Fortunately, the
massive publicity around the recent spying scandals is doing a lot of the hard
work for us in this area.

Finally, there's a great need for educating the general public on how to use
these privacy enhancing technologies properly, and making them easier to use.
There's still a lot to be done on this front, but the challenges are not
insurmountable, and they are getting easier as the general public becomes more
computer literate and more privacy- and security-conscious.

[1] -
[https://en.wikipedia.org/wiki/Steganography](https://en.wikipedia.org/wiki/Steganography)

[2] -
[https://en.wikipedia.org/wiki/Traffic_analysis](https://en.wikipedia.org/wiki/Traffic_analysis)

[3] -
[https://en.wikipedia.org/wiki/Anonymous_remailer](https://en.wikipedia.org/wiki/Anonymous_remailer)

[4] -
[https://en.wikipedia.org/wiki/Mixminion](https://en.wikipedia.org/wiki/Mixminion)

~~~
mikegioia
I read something a while back (unfortunately, I can't find it) in the NYTimes
postulating that the 9/11 hijackers used steganographic techniques to
communicate via the open 'net. If that's true, I wondered, then what could
possibly be the point of storing/analyzing internet communications _twelve
years later_? If they were using steganography in 2001, I can't imagine the
techniques they're using to hide in plain view today.

It makes you wonder what the actual point to all of this surveillance is.
Regardless, I whole-heartedly agree with you that steganography should be
prioritized much higher than crypto.

~~~
VexXtreme
You are naive if you think that national security is the reason for all this
surveillance. It's a pretext, a convenient excuse for the masses. The real
reason is establishing a global surveillance network, monitoring digital
communications both in the US and abroad and establishing/continuing
international supremacy.

Since you can't explain it in those exact terms to the masses without causing
an outrage, you have to tell them it's for their own safety and to protect
them from brown skinned tunic-wearing AK47-waving freedom-hating lunatics.

------
beloch
Sixty years ago, if something weird happened most people would say, "Gee, I
wish I owned a camera!"

Ten years ago, if something weird happened most of us would say, "Gee, I wish
I'd brought a camera!".

Today, if something weird happens most of us would say, "Gee, I wish I'd had
my phone out of my pocket when that happened!".

A couple of years from now, we'll just take for granted that we're recording
everything around us all the time.

Humans love sharing stories, but we're obsessed with our own credibility. We
could entertain others with a well spun tale far better than with a cellphone
snap-shot, but we still strive to record that snap-shot so we won't need to
tell the story and risk being doubted. In the process, we are eliminating the
mutability of truth and perspective in human experience in favor of cold, hard
bits that tell only the objective truth, and will do so perfectly for as long
as they are stored.

While we worry about keeping the secrets we have, we're generating new secrets
at an exponentially increasing rate. Secrets are necessarily losing their
impact as a result. A nude photo was once a scandal. A hardcore pornographic
movie, deliberately leaked, is now cheap promotion. Here in Canada, the mayor
of a major city was allegedly caught doing crack on tape. People weren't sure
whether to care or not, and it mostly came down to whether or not they already
liked him. Society is changing to accommodate the reduction of personal
privacy by becoming less responsive to scandal.

This is why the use of encryption has such difficulty overcoming sloth and why
there is so little rage among the U.S. public about their loss of privacy.
Compared to the indignities their pop-idols are subjected to, the snooping of
the NSA seems benign. The government would have to start placing cameras in
their bathrooms and bedrooms before they'd be properly outraged, and in a
decade or two even that may be tolerable! However, even as some types of
information lose their ability to wound, the type of information the
government seeks will still serve as an instrument of control.

It's a bit of a conundrum. How do we make people care more about privacy when
society is busy transforming itself to care less? I don't think the cypherpunk
movement has a hope of combating this trend. Whatever it does for the good of
society will have to be done in spite of society rather than with it's willing
participation.

~~~
popee
What you do in your house is your thing, but in my country it is not legal to
record stuff in public without permission.

Also, yeah, humans like to share stuff, but not with _enemies_ or whom they
think is not worth sharing (like corrupted government, etc).

~~~
Andrew_Quentin
What country is that?

------
nextstep
The most important problem of our time is the risk of losing all privacy. We
must work to make strong crypto widely accessible to the masses.

~~~
wladimir
What scares me most is that now that storage is so cheap, everything can be
stored for later. So even though no one may be watching now (likely), they
keep a dossier with all your calls, mails, visited sites, google searches, for
any time in the future to look at at their leisure.

It always reminds me of a shocking fact in Dutch history: _In the Netherlands,
the Germans managed to exterminate a relatively large proportion of the Jews.
The main reason was that before the war, the Dutch authorities had required
citizens to register their religion so that church taxes could be distributed
among the various religious organizations_
([https://en.wikipedia.org/wiki/Dutch_resistance](https://en.wikipedia.org/wiki/Dutch_resistance))

And this looks so quaint now. We can only imagine what potentially damning
information a totalitarian government can now find about every citizen
retroactively.

Digital networks are increasingly an intermediate in every little
communication and transaction between people. And with the internet of things,
in everything we do, in the future maybe even inside our bodies (what's after
Google Glass?).

We really need a way to prevent rampant data collection, otherwise the
internet is a large threat to civilization. I didn't go into technology to
facilitate some 1984-ish world government :(

~~~
grinich
OTR encryption is pretty good in this regard.

 _" If you lose control of your private keys, no previous conversation is
compromised."_

[http://www.cypherpunks.ca/otr/](http://www.cypherpunks.ca/otr/)

~~~
Spearchucker
It's also a poster child of secure F/OSS comms - easy to get the source code,
and crazy difficult to have a secure conversation with a verified buddy.

There's no obvious getting started guide, no plain English explanation stating
that Pidgin must be installed first, nothing about configuring for first use,
and nothing about starting a verified conversation.

~~~
ippisl
There are easy to use implementations of otr like securetext android app.

------
netcan
I think there is a commonality between the war against pirating , wikileaks
and government surveillance programs that all relate in some way to
"information wants to be free." I'm not quite sure how to articulate it.

Basically, there is a trend. Technology liberates "information" by improving
access to it. But the same forces also work on aggregating information.
Information is not just what the government is doing. It's also what you are
doing.

When we talk about governments trying harder to maintain their secrets or
record companies trying to maintain their copyrights, it seems like they are
fighting a lost cause. You can't fight the trend. _copy_ right is meaningless
in a world of digital copies. Information gets out. It gets aggregated. Is
that any different from these

Same force only this time we don't like the result.

~~~
route66
If you would not try to align record companies and the NSA in the axis of evil
you would come to a less convoluted analogy: If we accept that _copyright is
meaningless in a world of digital copies_ (a.k.a. "cannot put the toothpaste
back") the same holds for the river of digital traces everyone leaves behind.

So it's not governments who try harder to maintain their secrets, it's _you_
(or _us_ or whoever).

Just for the fun of it: take a recent pandora related artist-bashing thread,
look for the "too late, digital wants to be free" comments and apply them to a
scenario where we not talking about sound waves but phone metadata.

------
contingencies
_The cypherpunks have yet to do their greatest work. Join us._

Nice ending, a call to action and all that. Quick quiz then - what do fellow
HN'ers see as some of the greatest work still to come from a cypherpunk-like
movement?

~~~
greyman
For example, being able to communicate in an encrypted way with _anyone_.

This is not yet a solved problem, because now I can do that only with someone
who is able and is willing to install PGP or other tools - a very limited
number of people. That would be quite an achievement.

~~~
contingencies
That would be nice, but such a goal faces at least five major challenges: not
everyone has or wants computers, those with computers these days often don't
control them anymore (OTA updates to or vendor-locked devices), most people
aren't educated enough to use any solutions that do exist, global
discoverability requires central or at least hierarchical registration prior
to key exchange, and secure key management is still so painful that average
individuals are not going to opt in to it without some kind of serious
requirement on their part... or deal well with a potential scenario of key
loss.

~~~
greyman
Yes, that was exactly my point - solution based on secure key management
doesn't work for most people, so probably something completely different
should be invented. I don't have solution that would work, I was just
answering the question what "cypherpunks" can work on.

~~~
contingencies
Yes, I wasn't criticizing just thinking out loud!

------
venomsnake
That is wrong on many levels.

Its like saying in the 1950-s - if we ship enough weapons to the MLK
supporters they will get their civil rights. Maybe, maybe not. What we will
have for sure is more volatile and bloody situation.

Cryptography cannot be stable response to a surveillance/government overreach
state. It just creates an arm race in which the government still has the power
to beat you up to a pulp on whim. With a robot(wait 5 years).

It's the second amendment fallacy - enough technology in the hands of the
people can stop the government.

By encrypting everything you just open the door for arbitrary enforcement on
various laws.

~~~
siddboots
What makes me disagree with this point is the same sentiment behind the phrase
"the universe believes in encryption." As far as anyone on earth knows, prime
factorization takes exponential time on a deterministic machine. Without one
or two major advances in human knowledge, there can't be any "arms race".

More to the point, encryption isn't a "weapon" in this situation, it's the
goal. If people are able to use encryption that can be trusted, the people
have means to the basic right of privacy when they wish for it.

~~~
mrgoldenbrown
The arms race doesn't need to happen in the pure math realm of crypto. It can
happen in a myriad of other areas. One example - if I have a keylogger
installed on your computer, it doesn't matter how perfect your encryption
algorithm is.

------
chrisvineup
Which is precisely why the government in the UK added encryption sections into
the RIPA acts
[http://en.m.wikipedia.org/wiki/Regulation_of_Investigatory_P...](http://en.m.wikipedia.org/wiki/Regulation_of_Investigatory_Powers_Act_2000)
people who fail to hand over keys to encryption can face a prison sentence.
The rather obvious flaw in this is that people routinely forget their
passwords and the prosecution have to prove intent.

~~~
cmdkeen
Yet the UK has successfully obtained convictions for failing to hand over
passwords - and the UK legal system hasn't yet been compromised to the level
of ignoring reasonable doubt.

The majority of people who receive such notices hand over their decryption
keys. Because the UK requires such notices only be made after consulting with
specialists - it isn't like some random cop makes the requirement on their
own. Those specialists can determine things like the likelihood of the "I
forgot" defence working.

It should be fairly easy to come up with scenarios where claiming a forgotten
password is unlikely. Especially if it is a case of the key being used
regularly, for instance whole drive encryption, or one key for all email
encryption. Then they're not claiming they forgot the key at some point -
they're claiming they forgot it at the very moment the police came knocking.
Because otherwise they'd have to claim they've been sitting on a bricked
computer, or unusable email account. Which becomes even harder if you can show
emails having been sent from that account up until a certain point in time.

Remember criminals tend not to be the smartest cookies running state of the
art encryption with deniable characteristics etc.

~~~
userulluipeste
Can't I just say that the police knocking gave me intense emotions which
caused me a cerebral shock or something?

------
Zigurd
When you argue against the routine use of strong encryption for data storage
and communications, remember that before the NSA became the hot news, it was
foreign hacking and spying that was the problem. You need strong encryption,
and you will need it for threats that arise in the future.

------
uonyechi
Quick question then (which may be a bit naive). What happens when this crypto
tech falls into the hands of terrorists - the ones that target human lives?

~~~
userulluipeste
Quick answer - someone says that the future is imperfect:
[http://www.daviddfriedman.com/Future_Imperfect/Chapter3.html](http://www.daviddfriedman.com/Future_Imperfect/Chapter3.html)

------
WhoIsSatoshi
read his book.

------
kimlelly
Relevant poll:
[https://news.ycombinator.com/item?id=6017918](https://news.ycombinator.com/item?id=6017918)

