What if Gilmore wins, and the NSA is forced to reveal all but the most secret information about cryptography? Would national security be compromised, as the NSA claims? "I don't think so," says Gilmore. "We are not asking to threaten the national security. We're asking to discard a Cold War bureaucratic idea of national security which is obsolete. My response to the NSA is: Show us. Show the public how your ability to violate the privacy of any citizen has prevented a major disaster. They're abridging the freedom and privacy of all citizens -- to defend us against a bogeyman that they will not explain. The decision to literally trade away our privacy is one that must be made by the whole society, not made unilaterally by a military spy agency."
This quote from May especially struck me “Would Hitler and Himmler have used ‘key recovery’ to determine who the Jews were communicating with so they could all be rounded up and killed?” The Nazi's wouldn't have really cared what Jewish people were saying because they just wanted to kill them. Similarly if we think of something like the Soviet Union while cryptography would have undeniably been helpful for dissidents for coordination and getting ideas out ultimately you still need to have people on the streets or in office to get anything changed.
You're right that you need to have people on the streets or in office to get anything changed. I think too many people forget this and forgo the slow hard work of street-by-street politics and downticket races.
But I think the fight about making cryptography available, really is the fight for right to privacy, and even right to secrecy in certain areas of our society. The USA is fortunate in some ways because of the constitution, and its repercussions throughout modern history - even if law enforcement can build or buy a device to see through walls, that doesn't allow such tools to be used without regulation.
But now is the time to regulate large scale meta-data, traffic analysis, in addition to guaranteeing a right to technology that allows data to be kept secret.
Sure, you still need to buy things in person, which can be done with cash. But drug dealers seem to be able to do a pretty good job of evading taxes.
Imagine if everything that you bought in person was done with cash, or a bitcoin payment. That money would be untaxable.
If you buy a house, for sure, the government can track that, and you need to make sure the money used to buy that is "clean", but a surprising large percentage of a person expenses could be done in a safe way.
Buying a house or renting housing leaves a paper trail. So does renting or buying a car from most places that sell or rent cars. So does paying utility bills. So does paying for prescription drugs, medical services, car insurance, life insurance... So does paying for higher education.
I guess if you had some cash-only tax evading side business you could use cash to buy things like food, clothing, gasoline, and miscellaneous household goods. But you're not going to be able to dodge the taxes on middle class life's major expenses -- at least not without tripping the same mechanisms that catch drug dealers buying cars etc. with cash. I suppose you could live like an off-the-grid survivalist who never interacts with ordinary businesses. That looks like a lot more work than living an ordinary life where you work at jobs that don't involve trusting other criminals, buy things and pay taxes like usual.
You're also assuming that the government would sit still in the face of a serious erosion of the tax base, and not crack down on it. The US is bad enough with its arbitary seizures of cash, let's not destabilise the situation further.
Just because cryptography isn't useful for that particular case doesn't make it not useful for other cases; no one is arguing crypto will fix all government abuses. It doesn't mean it isn't a useful tool, though, in fighting corrupt governments.
In countries like the USA, or even Apartheid South Africa it can have a much bigger role in organizing protests and other activities.
I am a big fan of this technology , and still hope that it will be more wide spread among citizens in a secure form. Like freedom of speech, information security is definitely an important pillar of the modern state and empowers citizens. Unfortunately, all attempts to introduce it to the masses and get it right from the security point of view have failed so far.
It is a tough balancing act to get right : freedom, convenience, safety - you seemingly can only have two of them.
 e.g. in the form of https://www.gnupg.org/
The Cypherpunks list was remarkable for a time. Very high-volume, fractious, competitive, vicious, with at least one participant going to jail for a long time due to acting on some of the ideas. And very, very full of ideas ranging from mind-candy to very dangerous.
May's Cyphernomicon is really his interpretation of what was going on, colored heavily by his politics. Paraphrasing the joke, ask three cypherpunks what the word meant and you'd get four answers. But the document is an in-depth look at some of the implications of cryptography, a look at some deeply non-mainstream politics, and a contemporaneous recounting of the politics and technology development of a really interesting period of time and a really interesting mailing list that had, I think, a surprisingly outsized (if hard to pin down) role in shaping security policy.
 Stephenson's Cryptonomicon came out at roughly the same time as May's work, and it was one of those funny little accidents that the name collided.
 I do think the Clipper chip fiasco and the ITAR changes wouldn't have played out the same way without the collaboration that happened on the list, and it was fertile ground that lead to several companies and weirder entities being formed.
Edit: of course as soon as I post I then find some recent(ish) posts by him here: http://lambda-the-ultimate.org/user/3908/track
Fuck the NSA.
Maybe he was trying to throw off the NSA, and protect the not-so-innocent... ;)
Since that's not terribly clear, here's the explanation: https://techpinions.com/an-old-mystery-solved-project-c-43-a...
The idea that a piece of software could not be legally exported from the US but could be fetched via FTP from Italy was pretty amazing in its dissonance. All of the representatives of the federal government I ended up interacting with all understood that the battle was "lost" but they were doing their part to slow or chill research or distribution.
- has E2E encryption  of text, image, audio, video
- does not require phone # 
- does not require address book upload
- is not ad-supported
- has open-sourced code for their desktop and mobile clients
- has single msg editing & deletion
 using a desktop browser, register at http://app.wire.com with email, then login to mobile app
Does anyone know how it's financed? Without a clear business model, it's hard to trust anyone these days. If it was an open source project just for the sake of having an open source solution, that'd be one thing, but the website mentions Jobs, and has a web-based app run by them, so there's real money being invested here, and at some point they'll have to reap profits from it.
Rdio (common investor) lasted five years, https://en.wikipedia.org/wiki/Rdio
If they go under, it may be possible to build an open-source client+server that is inspired by their current OSS client. In fact, that effort can start now, as an insurance policy.
Edit: found a Mar 2016 interview with Janus Friis (who is financing and chairing the company), they have 50 employees in Berlin and are seeing 150K new user signups per month, http://www.bloomberg.com/news/articles/2016-03-10/amid-apple...
- has single msg editing & deletion
- a distributed P2P network with no proprietary or centralized services
- no email requirement
- Linux support (advertising "cross-platform support" without Linux is a fucking joke)
Since the baseband processor is a major attack point on a mobile device, it's a big deal that Wire does not need a phone number. It means you can use a WiFi-only device like an iPod Touch or non-cellular tablet.
In the bigger picture, we have to stop supporting companies whose business model is based on data harvesting. Wire is a small step in the right direction. We need more steps and more alternatives.
Wire reduces metadata, e.g. no phone number and no social network/contact graph for triangulation. You can use a throwaway email to register, that is never used in other contexts. That leaves metadata for device key fingerprints, Wire account ID and public IP addresses.
Wire also uses WebRTC for some communication, not sure about the metadata implications of that protocol.
Readers will gradually learn how to select writers with independent perspectives, filtering out groupspeak, as they have learned to do with advertising.
Edit: manually curated Twitter whitelists, connected to Flipboard, can provide an efficient view of reader-prioritized, coherent perspectives. We need better whitelist support on discussion services.
For DIY quantification, create a spreadsheet of userids, threads and manually tagged perspectives from your favorite social network or discussion forum. Then apply open-source tools for social network graph analysis of node interactions. With this data, apply exclusion filters to targeted clusters of userids, then re-read the "mass opinion". Palantir has proprietary software for network influence analysis, but many algorithms and OSS tools are available from academia.
The scheme is called a one-time pad, and while it might be considered impractical, it was definitely used successfully. In fact Alan Turing apparently contributed to one such device: https://en.wikipedia.org/wiki/SIGSALY
> The Project X method required courier distribution of noise tracks on phonograph records. Because the noise had to be as long as the speech it masked and each track could only be used once–it was the audio equivalent of a Vernam cipher or a one-time pad–the system was exceedingly cumbersome.
What is need is a mainstream movement to embrace crypto as a fundamental human right.
Sidebar: The article is part of "Passcode" - a field guide to security and privacy from The Christian Science Monitor:
And, only one company will sign everyone's public key, because regular users just want to delegate everything to a familiar name. Then we will need another revolution, an underground network of public key signers. With names like 51GNpnk and TheRealBob. One of TheRealBobs will come smoke a joint with you in your parent's basement, and sign your key for $5, so that you can get into the Minecraft party on the weekend.
In blockchain-style naming, there's no UDRP, and if you can't get jurisdiction over the particular name-holder, you can't get much joy from litigation either. There's no registry or registrar to whom a court order could be issued.
That has advantages and disadvantages from the end user's point of view: sometimes the legal system would have undermined uses of names that they wanted to make (as in the case of censorship by seizing or canceling a domain name, or transferring it as a punishment for violating an unrelated law), while other times it would have protected them from confusion and fraud.
Not by itself. That's what protocols are used for. A weak protocol would allow for an attacker to intercept public keys, allowing the attacker to mitm communications.
I will say this- we are on the verge of the crypto revolution. I have never before seen so much energy and effort, and finally, money in the crypto sphere. In large part because now there is cryptographic money (eg: bitcoin et al.)
For those of you who think that the startup scene has become lame where you're just building apps to sell advertising, you're missing out.
The thing about the crypto revolution is that it is not nearly as obvious. Internet and PCs were obviously great in the early days- great for everyone. Crypto is harder, has a learning curve for consumers and until that's eliminated it's easy to think that it will go nowhere in the same way that pgp has effectively gone nowhere for 20 years.
Much in the way that we've given up on "artificial intelligence" and made great strides in machine learning.. crypto is on the edge.
It's the place you want to be.
Here's a longer clip of the same interview: https://www.youtube.com/watch?v=oR0_LPbWxe4
Sidenote: that Banksy street art (photo in article) has already been destroyed.