
Keeping Secrets - ghosh
https://medium.com/stanford-select/keeping-secrets-84a7697bf89f
======
eps
Pardon the longer quote, but I want to comment on this -

    
    
      Rather than trying to understand both sides of the 
      issue and make the “right” decision, Hellman said 
      that in the heat of the controversy, he listened to 
      his ego instead.
    
      It was not until Hellman watched Day After Trinity,
      a documentary about the development of the atomic 
      bomb, that he realized how dangerous his decision-
      making process had been. The moment in the film that 
      troubled him most, he recalled, was when the Manhattan 
      Project scientists tried to explain why they continued 
      to work on the bomb after Hitler had been defeated and 
      the threat of a German atom bomb had disappeared. The 
      scientists “had figured out what they wanted to do and
      had then come up with a rationalization for doing it,
      rather than figuring out the right thing to do and
      doing it whether or not it was what they wanted to do."
    

This attitude - screw the consequences, let's just scratch my curiosity itch -
is _extremely_ common in tech circles. Cryptonomicon did a good job presenting
this issue in a highly digested form - that is when the Avi character is
setting up a data haven for all the good reasons and the only people that show
up for the (funding) presentation are the criminals and rogue government
agents. I was messing with anonymous private p2p systems at the time when the
book came out and it was frankly a shock to read, because somehow it was an
obvious angle that I never considered at all. I was just _engineering_ stuff
because it was really interesting, but never did I consider the consequences
of actual application. Realizing that there's an ethical component to every
technical project was quite an eye-opener and it had profound effect on how
was viewing projects ever since. Perhaps it's obvious to some or a non-issue
to others, but then perhaps there are those here who can relate...

~~~
ableal
A short story that I read many years ago, possibly in an SF anthology, has
stayed with me. I've forgotten who's the author, and don't necessarily agree
with his point, but it is a good parable.

Briefly, a man comes to the house of a famous scientist, who happens to have a
mentally disabled son. The unknown visitor comes to plead, politely, for the
scientist to cease working on a super-weapon project. He is heard, but is
rejected. The visitor accepts it well, and asks to use the bathroom before
leaving.

After he has left, the scientist finds out that the man has given a gun to his
son. He manages to get hold of the weapon without mishap, and wonders what
kind of man would give a loaded gun to a disabled child ...

~~~
walterbell
Frederic Brown, _The Weapon_

[http://writenowisgood.wordpress.com/the-weapon-
questions/](http://writenowisgood.wordpress.com/the-weapon-questions/)

------
dsymonds
This is a good read, though it curiously omits mentioning that the NSA's
twiddling of DES's S-boxes turned out to have made DES stronger rather than
weaker. That seems like a pretty important note in the story.

([http://en.wikipedia.org/wiki/Data_Encryption_Standard#NSA.27...](http://en.wikipedia.org/wiki/Data_Encryption_Standard#NSA.27s_involvement_in_the_design))

------
nly
> According to Inman, the uptake of the research community’s cryptographic
> ideas came at a much slower pace than he had expected. As a result, less
> foreign traffic ended up being encrypted than the agency had projected, and
> the consequences for national security were not as dramatic as he had
> feared. Essentially, Inman recalled, “there was no demand” for encryption
> systems outside of governments, even though many high-grade systems
> eventually became available.

Some things don't change. Despite the fact that the bedrock of basically all
noteworthy asymmetric cryptography was laid in just a handful of years 40
years ago, and despite the fact we've had crypto protocols to solve a lot of
really compelling problems for decades, the NSA, and government generally,
still has little worry about. The market has a way of selecting really lowsy
solutions when it comes to privacy. Consider:

\- The abysmal state of implementation. Over-engineered, poorly designed,
poorly implemented, and poorly deployed. Did I miss the memo for the billions
of dollars of investment and meticulous engineering being poured in to the
cryptography Space Race? I guess a couple of OpenSSL forks is a start, right?

\- Zero adoption of personal digital signatures. Zilch. Nudda. You can't prove
authorship of anything, and can be framed for almost anything. None of the
logs being made of your activities are seen by you, let alone signed-off by
you as authentic.

\- The complete lack of good, usable, client authentication. We've known how
to do secure password authentication, even in the presence of weak passwords,
since before the web existed, yet we have nothing. Google authenticator is the
only meaningful contribution to authentication on the web since the 90s
(Pretty much all the third-party systems conflate the issue of identification
and authorisation)

\- Complete centralisation of interpersonal messaging (Email -> Your webmail
provider, SMS, Whatsapp, Facebook Messenger etc). It's all unencrypted,
logged, and subverted for government or commercial interests.

\- Blackboxification of consumer electronics. Yet somehow, despite the urgency
in keeping DRM keys secret, essentially the same technology, we don't have
usable HSMs in consumer devices like phones yet.

\- Extensive surveillance of all our financial activity. Our supermarkets can
track our personal shopping habits down to the items we buy week on week, and
our banks knows where you like to buy your Sunday lunch. We've known how to
achieve cash-equivalent privacy digitally for 20 years. All we have is Bitcoin
which, while heading in the right direction on trust, serves some grand
libertarian ideal and accomplishes little in terms of privacy or user
friendliness. Go read about Digicash, in another life it could have shipped
with Windows 95.

\- The complete lack of good trust models and, more importantly, the lack of
any education or inclination amongst the general public, particularly among
the young and technologically comfortable, to question whether we should
really be trusting website X, company Y or app Q with our personal data and
habits. Social networks have changed attitudes toward sharing our personal
life in one generation. My dad considers Facebook statuses bizarre. My grandma
still doesn't trust plastic or direct debits, and prefers cash. We're caught
in a generation gap where we have no reason to trust many entities, but have
so much incentive to risk it anyway.

... clearly the demand for cryptography is still low.

~~~
Already__Taken
> Zero adoption of personal digital signatures. Zilch. Nudda.

See Estonia - [http://e-estonia.com/component/digital-
signature/](http://e-estonia.com/component/digital-signature/)

~~~
toyg
There has been piecemeal adoption of various "digital signature" technologies
across Europe, but it's mostly limited to specific areas dealing with tax and
government communications. Accountants and lawyers might have encountered this
sort of tech at some point, but that's about it.

Digital signatures are extremely disruptive of long-standing legislation, so
they require excruciatingly slow rollouts anyway: first you have to change all
laws dealing with contracts and identification, then you have to define what
technology you're going to use (and pray it doesn't change in 2 years), then
you have to modernize State infrastructure to deal with the new setup, then
you have to persuade regular citizens to change their habits. And of course,
as for all crypto schemes, the result will only be as strong as the weakest
link in the chain (e.g. the Diginotar fiasco).

~~~
TeMPOraL
> _then you have to persuade regular citizens to change their habits._

And then you still need to have a backup procedure for elders, people in
extreme poverty and others who for some reasons cannot use electronic
solutions to interact with the government.

------
dthal
From Hellman's letter to Stanford's attorney:

>Although it is a remote possibility, the danger of initially inadvertent
police state type surveillance through computerization must be considered.

Yup...I'd say we've pretty well backed in to it.

------
squozzer
I don't have a problem with the way things turned out. An equally plausible
scenario would be if the researchers had just surrendered to the Feds then we
would have nothing until it was too late.

The Feds like to squeeze - that's their job. It's why Congress usually takes
care in limiting the scope of their activities. But had the researchers acted
"reasonably", they'd probably be working in some basement a la Dan Akroyd's
character in "Spies Like Us."

------
andrew93101
Not directly related but a fun fact: GCHQ had discovered both RSA and Diffie
Hellman asymmetric crypto years earlier:
[http://en.wikipedia.org/wiki/Clifford_Cocks](http://en.wikipedia.org/wiki/Clifford_Cocks)

