What's the basis here for casting aspersions on a specific individual? It seems like nothing more than "I noticed this guy's name appearing in more than one place" and "Mozilla declined to comment". Surely the threshold has to be higher than that.
We're all for public inquiry into serious matters, but the internet is quick to smear people and I shudder at HN being used that way.
Lack of evidence or credible track record by the accuser makes this indistinguishable from concern trolling. That's a shitty thing to do to another human being, and you can't do it here.
User flags killed the thread before I finished writing my comment, so moderator intervention turned out not to be needed. Had it been needed, we would have done it, but I'm glad the community is on the same wavelength that we are.
Disagree. It's unfortunate he took a job with NSA and I sympathize with his situation. However, you are all underestimating his influence. He isn't just some background nerd, he has fundamental power. People in such positions need to be carefully vetted both privately and publically.
If you ask me, he has way more power than elected politicians, excepting US senators, state governors, party leaders, cabinet members, and the president.
Ekr is a keystone in global cyber security infrastructure and being in the spotlight is appropriate.
This feels like a circle cover up. NSA was awful. Why didn't ekr speak up like Snowden when he had the chance? Anything associated with NSA should be carefully analyzed.
Unbelievable! A valid line of inquiry. How soon we forget wtf the NSA did.
People need to be careful about casting these kinds of aspersions. Eric Rescorla is first and foremost one of the longest-serving volunteers on the IETF TLS working group (also: the author of ssldump, which has saved my bacon on numerous occasions). He was the natural point of contact for anyone, at any large organization, looking to amend TLS with a custom extension.
His "involvement" with extended-random, so far as we know, is that someone in the Federal Government told him "here is a sketch of something we need to deploy TLS within the US Federal Government" (so far as I've been able to find, nobody has ever recommended that general-purpose implementations should adopt extended-random).
Moreover, if you look at the mailing list at the time, you'll see tens of other TLS standards people looking at extended-random and OpaquePRF, shrugging, and saying "this looks whatever ok fine". Are they all damaged goods? I'm sure there's more than one person who voted this story up who thinks so. That's an especially easy position to take if you're an anonymous rando who hasn't donated a single hour to the IETF.
It is only in the wake of BULLRUN --- which generated enough circumstantial evidence to turn the far-fetched story about Dual_EC into something plausible --- that any crypto person looks at big random blobs with skepticism. Until about 4 years ago, for most professionals, "more random" meant "more secure".
I think this is a recklessly, negligently written abuse of "Ask HN". I flagged it, and I'd ask that others join me. Thank you.
With this, it's completely absurd to imagine that NSA cryptographers did not discover this possible backdoor, when they were explicitly aware of the relationship of knowing Q and P and knowing the state of the RNG.
Even assuming that the NSA cryptographers were incompetent and did not discover it before the public researchers and classified it for no reason, their continued endorsement for Dual_EC and their $10 million payments to RSA for making Dual_EC the default RNG paints a clear picture that -- yes, it's backdoored, and the NSA intentionally endorsed bad crypto to American companies.
It should also be noted that the NSA's public comments does not deny that the put in a backdoor. "The non-denial denial". And this is not counting the beyond-any-doubt evidence from Snowden that, Dual_EC was concretely part of BULLRUN.
This isn't even a coherent narrative about the NSA's role. The NSA isn't alleged to have "discovered" the relationship between curve points and the security of the RNG. They're alleged --- at this point credibly --- to have deliberately invented PKRNG as a key escrow mechanism.
And what this says is that you don't even know what BULLRUN is, but are happy to chime in on a thread about how EKR was an NSA plant. I feel bad singling you out, because I'm pretty sure the person who wrote this idiotic post doesn't know the backstory either.
I am convinced by your argument that Eric Rescorla is indeed a respectable person and not working for NSA secretly, but your flagging the question is too much. The Snowden leaks slaps every one in the face who sees every conspiracy theorist as a lunatic, so it is perfectly reasonable for people to question even the slightest appearance of NSA infiltration.
Well, personally I think that no one should be treated as damaged goods for the rest of their career, but before we go all kneejerk on ekr, let's make sure we understand how things work at Mozilla.
Mozilla separates our codebase for Firefox and other projects into discrete units of code or activity, called Modules. An overview: https://wiki.mozilla.org/Modules
Module Owners have final say over the area their module covers, unless they are sub-module, in which case a disagreement can be escalated to the parent module. Module Peers are appointed by Module Owners to help them out based on a history of good contribution. In practice, this roughly means that peers and owners handle code review and merging of code for the code covered by that module.
Eric's peer of a few WebRTC-related modules and owner of the Media Transport module, which AFAICT is a submodule of WebRTC, owned by someone else. This is to be expected for someone who has done lots of good work around WebRTC and media.
Reading that bug, as far as I can see he's making public comments on a public bug about his opinions of how something in some open source code should work. He's been recognized by his peers as a skilled (paid) contributor in the area and thus his opinion is valued. He's making arguments, not shutting down people. He's even discussing the issue and asking for a decision from the WebRTC module owner, who has more say over this than he does.
This is a bunch of nonsense. ekr was, for many years, the chair of the TLS working group at the IETF. He worked on TLS for years, which is why you'll see his name on the RFCs for TLS 1.1[1] and 1.2[2]. He's currently doing the bulk of the work on TLS 1.3.
The only hint of an insinuation that he's ever acted against the common interest comes from the fact that his name is also on the Extended Random draft. That's because the supposedly good half of the NSA (the Information Assurance Directorate) asked for that change and needed someone to guide the process through the IETF. Since ekr was so central to the working group and so practiced at it, he ended up writing it as a draft and thus his name got attached.
I bet he seriously regrets that now but, at the time, there was no hint that this was bad. Sure, it was odd, but it was totally plausible that some government process had decreed that some minimum amount of entropy must be included or something so, whatever. Nobody planned to implement it and nobody really cared.
In hindsight, that was naïve—on the part of everyone. But casting aspersions on ekr because of it is just codswallop.
> I bet he seriously regrets that now but, at the time, there was no hint that this was bad.
Before the recent whistleblower revelations (2013 - present), there was very little evidence that the NSA was overwhelmingly nefarious. If they had given me a job offer back in the day, I probably would have accepted it. Nowadays, even associating with them can kill your brand (for good reason) and I'll give them a blanket refusal.
This conspiracy theory / slander towards ekr seems ridiculous. Guilt by association doesn't apply here.
After doing some research into this topic (Extended Random, which was drafted by Eric Rescorla, and how it makes exploiting the native holes in dual elliptical curve easier) I think asking questions about their role and responsibilities within Mozilla are valid.
If this dude is in charge of anything non-crypto related then fine, whatever. But if he is responsible for TLS/SSL or similar, then I have "concerns" given their personal history with the NSA and pushing crypto backdoors.
I do not believe that you actually believe EKR is an NSA plant, Mr. Kamp.
I'm familiar with your writing and believe you could produce any number of valid, incisive critiques of the IETF TLS standards process (I'm no fan of it myself).
That being the case, you might want to be wary that you're unintentionally lending your name to a whispering campaign. The question of whether TLS is inept is orthogonal to the question of EKR's motives. Nobody involved in the IETF TLS effort during OpaquePRF did an especially great job of honing TLS into a coherent and secure transport protocol, but many of them worked very hard and in good faith to try.
Thank you for giving such a clear explanation of the realpolitik affecting the Free Software community. "Operation Orchestra" is an incredible talk which had a significant impact on me.
It's such a difficult question. I've read the mozilla bug thread and it's pretty obvious to me that he is simply stonewalling legitimate suggestions. In a previous life I've implemented STUN, TURN and ICE and I think the suggestion to allow users to be prompted when it is used is a reasonable one. Enabling it by default is irresponsible IMHO. Having a big global switch would make it practically useless (unless you are IPV6 or VPN usage only) because you would constantly be turning it off and on. The only other reasonable option is to enable it with a whitelist of sites, but that's almost certainly unapproachable by most users.
However, there is a big difference between a "my way or the highway", holier than thou, ass hat developer and someone who is intentionally breaking stuff. Anybody who has tried to use the GNOME desktop using multiple languages that require an IME will know that this kind of stuff happens all the time. No amount of discussion can dissuade some developers from unthinkingly rejecting ideas that aren't their own. Arguments like "I can't use my computer anymore" often don't trump "It will make the design messy". What chance does "We need to warn users about leakage of private information in ways they have no hope of understanding" have?
I'd be pretty uncomfortable tracking people's past associations and deciding what things they are or are not allowed to work on. It reminds me of a McCarthy style blacklist and no matter what the risk, I think that's unacceptible.
I think we need to ask ourselves: why does software freedom exist? My personal answer is so that I don't have to worry about whether someone is intentionally breaking stuff or whether they are breaking stuff because they are stubborn (or stupid -- though the person in question does not strike me as being stupid). We can never force people to act the way we wish them to act, but at least we can provide another option.
Basing decisions only on past associations is something to be avoided, but that this particular case is not just about the past: much of the complaint is about the current issue involving the stonewalling that you mentioned. The past associations become relevant when they directly affect a current situation.
From Bamford's books, I get that the NSA has historically relied on moles within US firms for privileged access. They've either groomed and planted them, or appealed to their patriotism. They've typically focused on engineers, and have not involved management.
Some have claimed that Eric Rescorla's privacy is being violated. I don't believe that's so, because his role in these matters has made him a public figure.
There's a huge difference between writing a paper saying "this algorithm seems good/secure" and actually backdooring an algorithm yourself. He did not work for the NSA, and there is no evidence he was aware of, let alone involved with, designing the "key escrow" in Dual_EC_DRBG.
Unless evidence of that comes to light, I don't see why his integrity should be questioned.
His work at Mozilla is in the code base. Can you find anyplace where he has specifically weakened the crypto for his masters at the NSA? Or are you assuming that he has sprinkled evil magic fairy dust so the NSA can subvert any Mozilla code with a simple spell and unicorn blood?
I read through the discussion you listed. Maybe my NSA paranoia settings aren't set to ultra supermax high but most of the relevant discussion on that thread were about
the nitty gritty about how WebRTC works (that part was interesting BTW), not covering a black ops conspiracy for the NSA.
Brian Smith, Eric Rescorla, Julien Vehent... all of these individuals have dragged their feet on certain security/privacy issues in the past in ways that could have benefited intelligence agencies, particularly pre-Snowden when scrutiny was arguably far lower. They've also all done pretty positive things at one point or another: there's some nuance there.
I would encourage anyone with time/interest in these issues to get to know these people personally if possible and to think critically about their pre-Snowden attitudes toward engineering choices related to privacy/security as reflected in their code contributions or policy decisions, rather than simply wielding pitchforks..
I'm sorry but isn't that precisely the point of open-source? You can see all the work this guy has done. If you don't trust him, you can check his code and decisions.
I'm not interested in individual employees but to my ear the push inside Mozilla to deprecate HTTP in Firefox sounds like it could be part of an overarching NSA agenda to make web-scale traffic analysis far easier by reducing the web's decentralized nature. Not to mention it would make the web less green since more CPU would be needed to push all those extra bytes.
The ratio of comments to votes in this thread is a perfect example of the "chilling effect" surrounding this topic and the limits it creates on free speech.
the same really. I don't think anyone will know for sure. The poor guy might just have not caught the issues back then. Or maybe it was malicious and still is.
It's hard to say. In these cases, the wisest option is "innocent until proved guilty". False positives are worse than false negatives.
That's probably more attributable to knowledge of HN's algorithms basing article ranking on the upvote/comment ratio than on any sort of "chilling effect".
No. This isn't private information. The code is open source and his public employment and presentations are not private. There's a very reasonable mechanism to develop intent, and the arrow of time points in the right direction (would anyone care if he went from Mozilla to NSA? Not likely). The potential for a mole in something as critical as Firefox is non-trivial.
A leak isn't a threat, but a false-flag operation is very much in the cards.
On one hand, I see what you're saying here. I would far rather live in a world where hiring and firing decisions came from quality of code produced, and quality of interactions with colleagues, than just about any other metric.
On the other hand, the tech community has already legitimized social shaming as a method for getting people out of jobs cf. Brendan Eich, and if this is what we're using
to make these sorts of decisions, then I can totally get behind the idea of working at the NSA equating to something shameful.
But what's shameful next month?
So. Like most nerds, all I'd really like to see is some consistency.
> the tech community has already legitimized social shaming as a method for getting people out of jobs cf. Brendan Eich
We shouldn't treat dumb shit like that as any kind of binding precedent. Just because the "tech community" has gone on silly witch hunts before doesn't justify any and all future witch hunts.
good. NSA employees may be singularly unconscious to not know who they are working for, but at some point they have to start taking personal responsibility for their actions. if the 'free market' punishes them, then good i say.
So if someone leaves the NSA because they disagree with the actions of the NSA, they should still be "punished" by the free market? That seems... counterproductive.
Hmm, this seems rather callous considering. It seems to me it is rather presumptuous to attempt to get someone fired because of their history -- unless you have evidence that this person is doing the things that you say. In this case it seems that he is legitimate.
I am not saying do not treat them with suspicion and scrutiny.
We're all for public inquiry into serious matters, but the internet is quick to smear people and I shudder at HN being used that way.
Lack of evidence or credible track record by the accuser makes this indistinguishable from concern trolling. That's a shitty thing to do to another human being, and you can't do it here.
User flags killed the thread before I finished writing my comment, so moderator intervention turned out not to be needed. Had it been needed, we would have done it, but I'm glad the community is on the same wavelength that we are.