Hacker News new | past | comments | ask | show | jobs | submit login

Thanks for the response. Sorry for editing mine while you were writing yours.

> Oh I agree. Actually if you look back Clinton and first term Bush era they kept proclaiming that there was a cyber intelligence war but it never really caught on.

Interesting point. Now, in the 90s, wasn't the government trying to prevent encryption from being used by the public though?

> When it comes to hacking, the attacker always wins. Just playing defense is a losing game.

Still, there are a lot of defensive measures the public can take from hackers. For instance, using OTR, Tor/VPNs, and moving sites to HTTPS whenever possible.

Bruce Schneier has an interesting metaphor for this period in human evolution. He compares the information revolution to the industrial revolution. At first, people didn't realize how bad pollution could be, amongst other things like food safety. Books like "The Jungle" helped prompt people to stand up for themselves and demand better, and healthier ways of conduct. Overall, humanity evolved to handle the new technologies and their side effects. Snowden's revelations are like "The Jungle" of our time.




> Now, in the 90s, wasn't the government trying to prevent encryption from being used by the public though?

Oh yeah. They did before the 90s, during the 90s and are also doing it now. We won some serious ground in the 90s, allowing us to use stronger algorithms. But companies are still required to keep copies of all of your encryption keys at the ready if they want access to your data. If you haven't seen it the FOIA requested document from the CIA posted here a week or so ago has a pretty good history.

http://www.foia.cia.gov/sites/default/files/DOC_0006231614.p...

> Still, there are a lot of defensive measures the public can take from hackers. For instance, using OTR, Tor/VPNs, and moving sites to HTTPS whenever possible.

These things do help, but minimally. OTR is good if you want some privacy on your chats. Tor is good if you want a little anonymity. Some baseline level of encryption should be standard everywhere. If you look at the extensiveness of the backdoors though these don't really matter. For example take the FBI mass exploitation of Tor this year. In many instances (Apple iPhone/Microsoft Skydrive/etc with PRISM), copies of data are stored directy from a partner's product for inspection, whether it was originally encrypted during transit or no. And computer exploits that target operating systems are able to see everything on your computer that you see.

Re: Schneier:

I love his analogy to Digital Feudalism the most.


Will check that out, thanks




Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: