Strawman recapitulation of PHKs thoughts. Unfortunately, the conclusions are both wrong, and naïve at worst.
Crypto that gets used has to be easy-to-use, MySQL style. I think a project like tcpcrypt is great example, in theory. Simple is good because the pain of setup has to be least. (Tcpcrypt is opportunistic encryption that needs no additional setup and is different from SSL.)
Crypto does work. Snowden admitted as such.
“Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.”
(The last point is another form of the ancient security problem of taking steps to minimize chances of plaintext disclosure.)
The cost to capture or recover plaintext should be much greater to the proportion of the potential value of the PT over the time it could cause damage.
Just giving up is defeatist and expects that some future government made of fallible people would suddenly get enlightenment and act benignly. Never going to happen, there is too much money and power at stake. (USG fears its citizens but abuses power to crucify dissenters.)
Encrypting almost everything is one immediate way to forcibly remove the possibility of abuse. Remember that even if (and that's a big "if") political sands were shifted one way, they would certainly shift back to a culture of secrecy and expedient Machevellianism. If you don't take reasonable measures to protect yourself, you don't understand what's going on or what works. There are no easy fixes, only defense-in-depth. Security is fundamentally an unending competition of gambits and countermeasures that will continue so long as people have secrets or desire freedom from intrusion.
> Crypto that gets used has to be easy-to-use, MySQL style. I think a project like tcpcrypt is great example, in theory. Simple is good because the pain of setup has to be least. (Tcpcrypt is opportunistic encryption that needs no additional setup and is different from SSL.)
The off-the-record (OTR) plugins for various IM clients spring to mind as easy to use.
Funny you mention OTR. I started to write that and thought of this and next comment down. Why not show a no configuration technology that could be packaged/advertised a little better and be really useful instead?
Except that a lot of people never care about validating the peers fingerprint. "Hey, I am A, I am at another computer at the moment, hence then new keys."
(I know this is somehow mitigated by SMP in libotr, but some clients have not implemented it yet, e.g.:
https://trac.adium.im/ticket/9768)
I think what we can achieve with cryptography is to force the government to use proper courts and due process instead of mass surveillance.
I don't know why war metaphors are used for everything since 9/11. The Maginot Line is completely irrelevant, because this is not a war where one party wins and one loses. It's a complex and ongoing political and social process.
We can use technology to make long standing legal principles more effective and their violation more visible.
Yeah, my understanding is that the French knew very well that the Germans would go around; the Line was only meant to force them to detour through rough country and slow them down long enough for the French Army to mobilize. It failed because the Nazis used unprecedented tactics and technology to storm through Belgium and the Netherlands faster than anyone thought they could; the French Army still knew they were coming, but weren't able to mobilize fast enough to stop them.
Also, the British forces that were supposed to be guarding the Western route into France folded quickly and retreated. "Blood, Tears, and Folly" contains exceprts from contemporary sources noting that the British determination to retreat was such that they prevented French troops from redeploying to their Western flank so as to avoid the French defence impeding the British retreat.
Additionally, the Belgian fortifications were not nearly up to the level of the Maginot Line, nor the level the Belgians boasted. They proved to be little more than a speedbump for the Wehrmacht.
The Germans also devised novel tactics to overcome the Belgian fortifications. In the initial attack on Eben-Emael [0], for example, commandos descended on the fort in gliders in the black of night and used newly devised shaped charges to destroy the heavily bunkered Belgian guns.
Blitzkrieg itself was a new tactic, but its success depended on surprise, which the Germans achieved by sending their main mechanized force through the rough, wooded terrain of the Ardennes while feinting an attack to the north, through the plain of Flanders, where the Belgians and French expected them. That was a hugely risky endeavor, and the offensive would probably have failed if the German movements had been discovered during the several days it took to cross the Ardennes Wood.
I should have mentioned the biggest problem, which is that the whole enterprise of the Vichy government was essentially a coup against the Republic, taking advantage of the German pressure to overthrow the government of the day - many members of the Vichy leadership had a history of involvement in anti-Republic groups (Monarchists, anto-secularists, and so on) and some were involved in planned coups in the 30s.
>It failed because the Nazis used unprecedented tactics and technology to storm through Belgium and the Netherlands faster than anyone thought they could;
The German war plans were captured by the Belgians in 1940's "Mechelen Incident". The Germans subsequently changed the plan, but the allies reacted to the German attack assuming the original plan.
The final ("Manstein") plan was a big gamble on Germany's part, and the generals hated it because the German army would have be obliterated if the allies countered properly.
Your basic point is correct, though. It's easy to blame France's collapse on the Maginot Line, but reality isn't so simple.
The article mentions " I was told yesterday (by Bruce Schneier, so I trust it) that the noise pattern from a device’s antenna can be used to fingerprint it, a side effect of high-precision wireless transceivers."
My quick attempts with Google did not provide any good results. Does anybody have pointers to research about how feasible this fingerprinting is for example against modern cellphones?
Modern cellphones have many, many other ways to fingerprint them that are more economic. I doubt what Schneier suggests would ever be used in anything other than military applications for the next 10 years.
It's more of an issue for something like wifi, where you can trivially change MAC (and do host-level stuff to change the fingerprint of the rest of the stack).
Interesting that they originally planned to have it cover Belgium too - if they'd actually finished it Germany would not have been able to go through Belgium after all. I wonder why they didn't finish it?
As I recall there were a few reasons. The two biggest ones:
1) The Belgians threw a shitfit over the French wanting to build a wall to seal in France with them on the wring side of it. They offered instead to allow the French to connect French eastern border defenses to Belgium's eastern border defenses, promising that if the Germans did decide to invade Belgium again that their line would hold.
2) The portion that was completed cost over twice what was projected. The Franco-Belgian border would have been harder to fortify than the Franco-German border, and considering the cost overruns on the latter portion the former started to look infeasible.
Also worth noting: Belgium was traditionally neutral, having been set up as effectively a buffer state in the wake of the Napoleonic wars. The bloody quagmire First World War was in no small part precipitated by Germany's violation of Belgian neutrality, which brought Great Britain into the war on the Franco-Russian side -- the UK had committed as a guarantor of Belgian neutrality. So despite strong misgivings about German revanchism during the 1920s and 1930s, Belgium was also historically somewhat ambivalent about joint defense projects with foreigners.
Yes, absolutely. And I note that these days Belgium is home to NATO's Supreme Headquarters Allied Powers Europe (SHAPE). They might not have worked it out after WW1, but after WW2 ...
This is perhaps off topic but my cousin is a tour guide in one of the villages close to the border with the Germans. Thanks to this I had the opportunity to visit some of the Maginot bunkers where the French troops waited anxiously for the invasion to come to their doorstep. A few rooms had their walls entirely covered in miniature Mickeys, giving the place an eerie and deeply melancholic atmosphere.
The point of my post is that it feels really great that France and Germany are now allies, maybe even friends. You can criticize Europe a lot but at least we aren't fighting each other and hopefully won't do so for another century. Whenever I see Americans complaining about their country turning to shit I want to tell them to focus on the fact that it could have been so much worse.
I actually appreciate that article. Yes, it is written a little heavy handedly, but the point is sound. Sure, there are some smart/informed people who knew the actual power of the gov't to snoop, but by and large the "carbon copy" metaphor is dead on.
Even here on Hacker News recently, there was an article about how the entire US nuclear armament is run through ancient computers and we chuckle. "Ha ha, you gov't people are stuck in the stone ages".
"when a burglar comes through the window, do you put more locks on the door? Better to just acknowledge that we chose to live in a dangerous neighborhood."
So they start keeping both the door _and_ the window unlocked? If that happened to me, I would 1) get better at keeping my windows closed/locked/barred 2) consider moving to a better neighbourhood.
"in violation of the 5th amendment, likely, but how long until a friendly precedent on that account?" – so vote, speak out, do something instead of accepting the status quo.
Defence of their Western border was very important when the Wehrmacht was active in the East - early in the war they really didn't have the men to attack in the East and defend in the West so having fixed defences there was seen as very important.
Crypto that gets used has to be easy-to-use, MySQL style. I think a project like tcpcrypt is great example, in theory. Simple is good because the pain of setup has to be least. (Tcpcrypt is opportunistic encryption that needs no additional setup and is different from SSL.)
Crypto does work. Snowden admitted as such.
“Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.”
http://m.techcrunch.com/2013/06/17/encrypting-your-email-wor...
(The last point is another form of the ancient security problem of taking steps to minimize chances of plaintext disclosure.)
The cost to capture or recover plaintext should be much greater to the proportion of the potential value of the PT over the time it could cause damage.
Just giving up is defeatist and expects that some future government made of fallible people would suddenly get enlightenment and act benignly. Never going to happen, there is too much money and power at stake. (USG fears its citizens but abuses power to crucify dissenters.)
Encrypting almost everything is one immediate way to forcibly remove the possibility of abuse. Remember that even if (and that's a big "if") political sands were shifted one way, they would certainly shift back to a culture of secrecy and expedient Machevellianism. If you don't take reasonable measures to protect yourself, you don't understand what's going on or what works. There are no easy fixes, only defense-in-depth. Security is fundamentally an unending competition of gambits and countermeasures that will continue so long as people have secrets or desire freedom from intrusion.