From ben at links.org Thu Aug 1 12:06:07 2013 From: ben at links.org (Ben Laurie) Date: Thu, 1 Aug 2013 12:06:07 +0100 Subject: Updated Certificate Transparency site Message-ID: Since there was some puzzlement over CT, I thought it might be of interest that we have revamped the site: http://www.certificate-transparency.org/. Comments and questions welcome. From Richard.Hopkins at bristol.ac.uk Thu Aug 1 12:50:31 2013 From: Richard.Hopkins at bristol.ac.uk (Richard Hopkins) Date: Thu, 01 Aug 2013 12:50:31 +0100 Subject: Updated Certificate Transparency site In-Reply-To: References: Message-ID: --On 01 August 2013 12:06 +0100 Ben Laurie wrote: > Since there was some puzzlement over CT, I thought it might be of > interest that we have revamped the site: > http://www.certificate-transparency.org/. > > Comments and questions welcome. > Wonder why Google decided to bung Ben's email in my "spam" folder? ;-) Richard http://www.bris.ac.uk/infosec From ben at links.org Sat Aug 3 14:48:47 2013 From: ben at links.org (Ben Laurie) Date: Sat, 3 Aug 2013 14:48:47 +0100 Subject: Certificate Transparency Hack Day In-Reply-To: <51E984B4.8010708@ernest.net> References: <51E980AD.8050502@zen.co.uk> <51E984B4.8010708@ernest.net> Message-ID: On 19 July 2013 19:25, Nicholas Bohm wrote: > On 19/07/2013 19:08, Peter Fairbrother wrote: >> On 19/07/13 11:31, Ben Laurie wrote: >>> The Certificate Transparency team >> >> What exactly is Certificate Transparency? I'm thinking it has >> something to do with the little padlocks on browsers, but .. > > I didn't understand it either; but then I didn't expect to. > > (I think it's to do with being able to tell whether the certificate used > by a site is the one you'd expect, so as to help detect MITM attacks.) > > But I think it's clear you ought to go and find out (balloons or no > balloons), and maybe explain to us all. By the way. we updated the website, hopefully it makes it clearer: http://www.certificate-transparency.org/ > > Nick > -- > Contact and PGP key here > From nbohm at ernest.net Sun Aug 4 10:52:02 2013 From: nbohm at ernest.net (Nicholas Bohm) Date: Sun, 04 Aug 2013 10:52:02 +0100 Subject: Certificate Transparency Hack Day In-Reply-To: References: <51E980AD.8050502@zen.co.uk> <51E984B4.8010708@ernest.net> Message-ID: <51FE2442.9050306@ernest.net> On 03/08/2013 14:48, Ben Laurie wrote: > On 19 July 2013 19:25, Nicholas Bohm wrote: >> On 19/07/2013 19:08, Peter Fairbrother wrote: >>> On 19/07/13 11:31, Ben Laurie wrote: >>>> The Certificate Transparency team >>> What exactly is Certificate Transparency? I'm thinking it has >>> something to do with the little padlocks on browsers, but .. >> I didn't understand it either; but then I didn't expect to. >> >> (I think it's to do with being able to tell whether the certificate used >> by a site is the one you'd expect, so as to help detect MITM attacks.) >> >> But I think it's clear you ought to go and find out (balloons or no >> balloons), and maybe explain to us all. > By the way. we updated the website, hopefully it makes it clearer: > http://www.certificate-transparency.org/ > Thank you; I think it does. As it achieves adoption, it will increasingly mitigate risks of relying on an improperly issued certificate. Some of it relies on browser-vendors issuing updates to remove untrustworthy CAs from users' browsers, and on users being set up to receive and implement updates; or on users having some way of learning which CAs they would be wise to remove themselves. It therefore addresses some significant flaws in the current system. Just to put it in context, however, it needs to be viewed in the light of the very limited reliance that a user can wisely place on a genuine certificate. The CA business model (inevitably) rewards the CA that does the least checking of those to whom it issues certificates, and that allows the least liability exposure to those who suffer by relying on a certificate. One way of describing this is to say that the margin of trustworth conveyed by a genuine certificate as compared with a false one is as small as the issuing CA can get away with making it. This I find altogether a more fundamental problem than those which Certificate Transparency is aiming to address. That is no criticism of CT, which seems to me admirable. But it is relevant background for taking a view about how much better it will make the system as a whole. Nick -- Contact and PGP key here From g+ukcrypto at cobb.uk.net Mon Aug 12 14:12:02 2013 From: g+ukcrypto at cobb.uk.net (Graham Cobb) Date: Mon, 12 Aug 2013 14:12:02 +0100 Subject: Certificate Transparency Hack Day In-Reply-To: References: <51E980AD.8050502@zen.co.uk> <51E984B4.8010708@ernest.net> Message-ID: <5208DF22.5030709@cobb.uk.net> On 03/08/13 14:48, Ben Laurie wrote: > By the way. we updated the website, hopefully it makes it clearer: > http://www.certificate-transparency.org/ I have read through the material and I have one question... How does CT interact with self-signed or other limited CAs (such as enterprise CAs)? There are some more detailed questions as well... Can CT be used with self-signed certificates (in theory and/or in practice -- will any log actually accept certificates from private CAs)? If a log does accept a self-signed certificate from a personal CA does that in any way prevent anyone else from issuing a certificate for the same domain (either self-signed, or from a major CA)? If a log does accept self-signed certificates, what happens if I try to submit a self-signed certificate for www.google.com? Can an enterprise or individual run their own log for their certificates and configure their client to handle both public and private logs? Apologies if these should be obvious. Graham From alec.muffett at gmail.com Mon Aug 12 22:56:23 2013 From: alec.muffett at gmail.com (Alec Muffett) Date: Mon, 12 Aug 2013 22:56:23 +0100 Subject: Certificate Transparency Hack Day In-Reply-To: <5208DF22.5030709@cobb.uk.net> References: <51E980AD.8050502@zen.co.uk> <51E984B4.8010708@ernest.net> <5208DF22.5030709@cobb.uk.net> Message-ID: Any news on the hack day? -a -------------- next part -------------- An HTML attachment was scrubbed... URL: From ben at links.org Tue Aug 13 16:17:04 2013 From: ben at links.org (Ben Laurie) Date: Tue, 13 Aug 2013 11:17:04 -0400 Subject: Certificate Transparency Hack Day Message-ID: The Certificate Transparency hack day will take place at Google?s London offices on Wednesday, the 28th of August, 2013. Please sign up on this form by August 22nd, to let us know you plan to attend. Where & When: The hack day will be at Google?s offices in Belgrave House, 76 Buckingham Palace Road, London, SW1W 9TQ . Breakfast is at 8:30am, badges will be handed out at Belgrave House reception. The day itself will start with Ben?s introduction at 9am, ending by 6pm, with a lunch break at around 1:30pm. There?ll be drinks at a nearby pub afterwards. What to prepare: In order to make the most of the time we have on the day, you?ll need to do a little preparation. Please bring your own laptop with either: * A copy of the CT repository- check you have all the necessary dependencies and are able to compile it(instructions here), or * A copy of CT development Linux VMware image (available with instructions here ) Regards, Ben and the Certificate Transparency team at Google -------------- next part -------------- An HTML attachment was scrubbed... URL: From ben at links.org Tue Aug 13 16:17:26 2013 From: ben at links.org (Ben Laurie) Date: Tue, 13 Aug 2013 11:17:26 -0400 Subject: Certificate Transparency Hack Day In-Reply-To: References: <51E980AD.8050502@zen.co.uk> <51E984B4.8010708@ernest.net> <5208DF22.5030709@cobb.uk.net> Message-ID: On 12 August 2013 17:56, Alec Muffett wrote: > Any news on the hack day? > I just sent out the official invite. > > -a > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at casparbowden.net Tue Aug 13 12:58:34 2013 From: lists at casparbowden.net (Caspar Bowden (lists)) Date: Tue, 13 Aug 2013 12:58:34 +0100 Subject: return of key-escrow: UK PKI Strategy cites bogus RIPA rationale In-Reply-To: <520A1F06.1070002@PrivacyStrategy.eu> References: <520A1F06.1070002@PrivacyStrategy.eu> Message-ID: <520A1F6A.5030108@casparbowden.net> Hadn't noticed any commentary on this... ? (Feb 28 2013) PKI Strategy and Implementation Strategy (occurs in both) * "For example key escrow *may be required* for private encryption keys in some services (*to comply with* Regulation of Investigatory Powers Act Section 3)" but FIPR 9/5/2000 * Surprisingly Mr.Clarke amended S.69 [Hansard link - at bottom] to exempt company directors from liability under Part.III - that is, they are no longer personally liable for failure of their company to comply with a decryption notice. This was the chief cause of FIPR's diagnosis of government strategy as being that of "key escrow by intimidation" - however it still leaves individuals and company employees in the firing line. ? Caspar Bowden -------------- next part -------------- An HTML attachment was scrubbed... URL: From amidgley at gmail.com Tue Aug 13 20:27:23 2013 From: amidgley at gmail.com (Adrian Midgley) Date: Tue, 13 Aug 2013 20:27:23 +0100 Subject: return of key-escrow: UK PKI Strategy cites bogus RIPA rationale In-Reply-To: <520A1F6A.5030108@casparbowden.net> References: <520A1F06.1070002@PrivacyStrategy.eu> <520A1F6A.5030108@casparbowden.net> Message-ID: Zombie ideas. >From Dr Adrian Midgley's hand On 13 Aug 2013 16:20, "Caspar Bowden (lists)" wrote: > Hadn't noticed any commentary on this... ? > > (Feb 28 2013) PKI Strategyand Implementation > Strategy(occurs in both) > > - "For example key escrow *may be required* for private encryption > keys in some services (*to comply with* Regulation of Investigatory > Powers Act Section 3)" > > but FIPR 9/5/2000 > > - Surprisingly Mr.Clarke amended S.69[Hansard link - at bottom] to exempt company directors from liability under > Part.III - that is, they are no longer personally liable for failure of > their company to comply with a decryption notice. This was the chief cause > of FIPR's diagnosis of government strategy as being that of "key escrow by > intimidation" - however it still leaves individuals and company employees > in the firing line. > > ? > > Caspar Bowden > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From igb at batten.eu.org Thu Aug 15 12:31:45 2013 From: igb at batten.eu.org (Ian Batten) Date: Thu, 15 Aug 2013 12:31:45 +0100 Subject: [CompSecSem] Encrypted Email Provider Lavabit Shuts Down, Blames US Gov't - Slashdot In-Reply-To: References: <52040A28.70804@cs.bham.ac.uk> Message-ID: On 15 Aug 2013, at 12:11, Mark Ryan wrote: > > On Thu, 8 Aug 2013, Chris Novakovic wrote: >> Lavabit was (allegedly) the mail >> provider being used by Edward Snowden. The closure message on Lavabit's >> home page implies that it was the subject of a national security letter. >> http://yro.slashdot.org/story/13/08/08/1956215/encrypted-email-provider-lavabit-shuts-down-blames-us-govt > > There is a (to me) fascinating video interview with Ladar Levison, the founder and operator of Lavabit, and another recipient of a "national security letter": > > http://www.democracynow.org/2013/8/13/exclusive_owner_of_snowdens_email_service > > It also contains a 2005 clip of then-senator Barack Obama giving a different opinion on national security letters than the one he appears to have today. Labour, prior to the 1997 general election, said of pretty well all forms of interception, key escrow and the like that they were wrong in principle and unworkable in practice. A group called "Scientists for Labour", who included people like Roger Needham, endorsed this policy document and said that their off-the-record discussions confirmed that Labour believed it and would live by it. Within about six months, Jack Straw as Home Secretary had launched the discussions which led to RIPA, with the earlier drafts far scarier than the result. The same thing happened with Clinton over "Clipper" and key escrow. Presumably likewise for Obama. The theory at the time was that upon entering office, liberal doves were taken into a room and given "The Briefing" about the alleged horrors from which the intelligence services allegedly keep us safe. They emerged as full-blooded intelligence hawks, willing to give the agencies everything they asked for, and more. ian From lists at casparbowden.net Thu Aug 15 14:05:05 2013 From: lists at casparbowden.net (Caspar Bowden (lists)) Date: Thu, 15 Aug 2013 14:05:05 +0100 Subject: [CompSecSem] Encrypted Email Provider Lavabit Shuts Down, Blames US Gov't - Slashdot In-Reply-To: References: <52040A28.70804@cs.bham.ac.uk>

Message-ID: <520CD201.8080507@casparbowden.net> On 08/15/13 12:31, Ian Batten wrote: > On 15 Aug 2013, at 12:11, Mark Ryan wrote: >> There is a (to me) fascinating video interview with Ladar Levison, >> the founder and operator of Lavabit, and another recipient of a >> "national security letter": >> http://www.democracynow.org/2013/8/13/exclusive_owner_of_snowdens_email_service >> It also contains a 2005 clip of then-senator Barack Obama giving a >> different opinion on national security letters than the one he >> appears to have today. > Labour, prior to the 1997 general election, said of pretty well all forms of interception, key escrow and the like that they were wrong in principle and unworkable in practice. A group called "Scientists for Labour" actually it was me wot got SfL into the crypto issue. > , who included people like Roger Needham, endorsed this policy document Don't know if Roger involved via Labour. The pledge against escrow hatched by well-known Net journalist. > and said that their off-the-record discussions confirmed that Labour believed it and would live by it. > > Within about six months, See for more http://www.fipr.org/rip/Cryptfree.htm > Jack Straw as Home Secretary had launched the discussions which led to RIPA, with the earlier drafts far scarier than the result. > > The same thing happened with Clinton over "Clipper" and key escrow. Presumably likewise for Obama. In case of interest (me) at http://www.independent.co.uk/voices/comment/prism-the-eu-must-take-steps-to-protect-cloud-data-from-us-snoopers-8701175.html Caspar From igb at batten.eu.org Thu Aug 15 14:17:18 2013 From: igb at batten.eu.org (Ian Batten) Date: Thu, 15 Aug 2013 14:17:18 +0100 Subject: [CompSecSem] Encrypted Email Provider Lavabit Shuts Down, Blames US Gov't - Slashdot In-Reply-To: <520CD201.8080507@casparbowden.net> References: <52040A28.70804@cs.bham.ac.uk>

<520CD201.8080507@casparbowden.net> Message-ID: <1F774079-34E9-4F09-A224-F80595783FEF@batten.eu.org> Yeah, sorry, while putting the to-list cc back into a departmental mailing list I confused two similarly named lists. This wasn't meant for ukcrypto. Apologies to all. ian On 15 Aug 2013, at 14:05, "Caspar Bowden (lists)" wrote: > On 08/15/13 12:31, Ian Batten wrote: >> On 15 Aug 2013, at 12:11, Mark Ryan wrote: >>> There is a (to me) fascinating video interview with Ladar Levison, the founder and operator of Lavabit, and another recipient of a "national security letter": http://www.democracynow.org/2013/8/13/exclusive_owner_of_snowdens_email_service It also contains a 2005 clip of then-senator Barack Obama giving a different opinion on national security letters than the one he appears to have today. >> Labour, prior to the 1997 general election, said of pretty well all forms of interception, key escrow and the like that they were wrong in principle and unworkable in practice. A group called "Scientists for Labour" > > actually it was me wot got SfL into the crypto issue. > >> , who included people like Roger Needham, endorsed this policy document > > Don't know if Roger involved via Labour. The pledge against escrow hatched by well-known Net journalist. > >> and said that their off-the-record discussions confirmed that Labour believed it and would live by it. >> >> Within about six months, > > See for more http://www.fipr.org/rip/Cryptfree.htm > >> Jack Straw as Home Secretary had launched the discussions which led to RIPA, with the earlier drafts far scarier than the result. >> >> The same thing happened with Clinton over "Clipper" and key escrow. Presumably likewise for Obama. > > In case of interest (me) at http://www.independent.co.uk/voices/comment/prism-the-eu-must-take-steps-to-protect-cloud-data-from-us-snoopers-8701175.html > > Caspar From lists at internetpolicyagency.com Thu Aug 15 15:19:26 2013 From: lists at internetpolicyagency.com (Roland Perry) Date: Thu, 15 Aug 2013 15:19:26 +0100 Subject: Certificate Transparency Hack Day In-Reply-To: References: Message-ID: In article , Ben Laurie writes >Breakfast is at 8:30am, badges will be handed out at Belgrave House >reception. > >The day itself will start with Ben?s introduction at 9am As a completely tangential issue, I hate these events that are planned by people in London, for people in London. 10am is a more respectable starting time, if you have ambitions for an audience of people living outside the M25. -- Roland Perry From bdm at fenrir.org.uk Thu Aug 15 11:00:34 2013 From: bdm at fenrir.org.uk (Brian Morrison) Date: Thu, 15 Aug 2013 11:00:34 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force Message-ID: <20130815110034.00005541@surtees.fenrir.org.uk> Not seen this mentioned anywhere else yet: http://www.theregister.co.uk/2013/08/14/research_shakes_crypto_foundations/ Any opinions from those with direct knowledge of such techniques? -- Brian Morrison From D.M.Pick at qmul.ac.uk Thu Aug 15 12:39:48 2013 From: D.M.Pick at qmul.ac.uk (David Pick) Date: Thu, 15 Aug 2013 12:39:48 +0100 Subject: [CompSecSem] Encrypted Email Provider Lavabit Shuts Down, Blames US Gov't - Slashdot In-Reply-To: References: <52040A28.70804@cs.bham.ac.uk>

Message-ID: <520CBE04.9030202@qmul.ac.uk> On 15/08/13 12:31, Ian Batten wrote: > > > The theory at the time was that upon entering office, liberal doves were > taken into a room and given "The Briefing" about the alleged horrors from > which the intelligence services allegedly keep us safe. They emerged as > full-blooded intelligence hawks, willing to give the agencies everything > they asked for, and more. ...and none of them were willing to take the risk that there might be a genuine failure of intelligence leading to a successful terrorist attack for which they might be blamed (afterwards) because they resisted surveillance which, if only it had been allowed, would *of course* have prevented the attack. This is a consideration that only applies while you're "in Office"... -- David Pick Network Security Manager, IT Services Queen Mary University of London Tel: +44 (0) 20 7882 7079 Mob: +44 (0) 7973 379 161 E-Mail: D.M.Pick at qmul.ac.uk From mozolevsky at gmail.com Thu Aug 15 16:00:49 2013 From: mozolevsky at gmail.com (Igor Mozolevsky) Date: Thu, 15 Aug 2013 16:00:49 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: <20130815110034.00005541@surtees.fenrir.org.uk> References: <20130815110034.00005541@surtees.fenrir.org.uk> Message-ID: On 15 August 2013 11:00, Brian Morrison wrote: > > Not seen this mentioned anywhere else yet: > > http://www.theregister.co.uk/2013/08/14/research_shakes_crypto_foundations/ > > Any opinions from those with direct knowledge of such techniques? Isn't the conventional wisdom to compress before encrypting to prevent thing like that? -- Igor M. From ben at links.org Thu Aug 15 16:56:12 2013 From: ben at links.org (Ben Laurie) Date: Thu, 15 Aug 2013 11:56:12 -0400 Subject: Certificate Transparency Hack Day In-Reply-To: References: Message-ID: On 15 August 2013 10:19, Roland Perry wrote: > In article mail.gmail.com>, > Ben Laurie writes > > Breakfast is at 8:30am, badges will be handed out at Belgrave House >> reception. >> >> The day itself will start with Ben?s introduction at 9am >> > > As a completely tangential issue, I hate these events that are planned by > people in London, for people in London. 10am is a more respectable starting > time, if you have ambitions for an audience of people living outside the > M25. FWIW, I live in Wales. > > -- > Roland Perry > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From tonynaggs at gmail.com Thu Aug 15 17:28:10 2013 From: tonynaggs at gmail.com (Tony Naggs) Date: Thu, 15 Aug 2013 17:28:10 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: <20130815110034.00005541@surtees.fenrir.org.uk> References: <20130815110034.00005541@surtees.fenrir.org.uk> Message-ID: I cannot see what is news in the Register or MIT descriptions, though I have not yet read the referenced PDF. Where the range of valid plaintexts is relatively small there are opportunities for an attacker with access to the ciphertext to improve their strategy for guessing the decryption key. In classic character by character encryption most encryption schemes are vulnerable to techniques such as frequency analysis. Mitigations for modern (mostly block) ciphers increase the entropy in the plaintext, e.g. compression before encryption (as practiced by PGP), padding with random nonces, using chained encryption modes instead of Electronic Code Book, (NIST make specific suggestions for the best modes to use with DES and AES). Ttfn, Tony -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at internetpolicyagency.com Thu Aug 15 17:54:51 2013 From: lists at internetpolicyagency.com (Roland Perry) Date: Thu, 15 Aug 2013 17:54:51 +0100 Subject: Certificate Transparency Hack Day In-Reply-To: References:

Message-ID: <2vOEpeZbfQDSFA+T@perry.co.uk> In article , Ben Laurie writes >As a completely tangential issue, I hate these events that are planned >by people in London, for people in London. 10am is a more respectable >starting time, if you have ambitions for an audience of people living >outside the M25. > >FWIW, I live in Wales And what time will you need to leave home to get to London by 8.30am? Or does Google expect you to pay in the region of ?100 to stay in London overnight. Even if they were paying your hotel bill (something I doubt they'll do for the regular attendees) it stretches the exercise well into the previous day. -- Roland Perry From ben at links.org Thu Aug 15 17:59:33 2013 From: ben at links.org (Ben Laurie) Date: Thu, 15 Aug 2013 12:59:33 -0400 Subject: Certificate Transparency Hack Day In-Reply-To: <2vOEpeZbfQDSFA+T@perry.co.uk> References:

<2vOEpeZbfQDSFA+T@perry.co.uk> Message-ID: On 15 August 2013 12:54, Roland Perry wrote: > In article mail.gmail.com >, Ben Laurie writes > > As a completely tangential issue, I hate these events that are planned by >> people in London, for people in London. 10am is a more respectable starting >> time, if you have ambitions for an audience of people living outside the >> M25. >> >> FWIW, I live in Wales >> > > And what time will you need to leave home to get to London by 8.30am? > > Or does Google expect you to pay in the region of ?100 to stay in London > overnight. > > Even if they were paying your hotel bill (something I doubt they'll do for > the regular attendees) it stretches the exercise well into the previous day. If you want to come, you are welcome to arrive at 10. My point was it was not planned by people in London :-) > > -- > Roland Perry > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From zenadsl6186 at zen.co.uk Thu Aug 15 18:41:28 2013 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Thu, 15 Aug 2013 18:41:28 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: <20130815110034.00005541@surtees.fenrir.org.uk> References: <20130815110034.00005541@surtees.fenrir.org.uk> Message-ID: <520D12C8.3050101@zen.co.uk> On 15/08/13 11:00, Brian Morrison wrote: > > Not seen this mentioned anywhere else yet: > > http://www.theregister.co.uk/2013/08/14/research_shakes_crypto_foundations/ > > Any opinions from those with direct knowledge of such techniques? Lot of hot air. Maybe useful for coding theorists, but nothing new relevant to cryptography. I don't think the authors are crypto mainstream. "Abstract?Consider the situation where a word is chosen probabilistically from a finite list. If an attacker knows the list and can inquire about each word in turn, then selecting the word via the uniform distribution maximizes the attacker?s difficulty, its Guesswork, in identifying the chosen word. It is tempting to use this property in cryptanalysis of computationally secure ciphers by assuming coded words are drawn from a source?s typical set and so, for all intents and purposes, uniformly distributed within it. By applying recent results on Guesswork, for i.i.d. sources, it is this equipartition ansatz that we investigate here. In particular, we demonstrate that the expected Guesswork for a source conditioned to create words in the typical set grows, with word length, at a lower exponential rate than that of the uniform approximation, suggesting use of the approximation is ill-advised." Well that's all very interesting, but sensible cryptographers just know better than to use that approximation. Actually that's maybe not altogether true - sometimes bad cryptographers do. For instance, consider debit/credit card PIN numbers. A pickpocket gets three chances at guessing a PIN number for a card, and maybe 12 guesses if a) the stolen wallet has 4 cards in it, and b) the person uses the same PIN for all the cards. So, if the pickpocket chooses 12 PINs at random he has about a 1% chance of correctly guessing a PIN. However, PINS are not evenly distributed - people use 1234 more often than 6948. If our pickpocket uses the 12 most commonly-used PINs he has a better than 17% chance of guessing a correct PIN for the 4-card/same-PIN wallet. Now the banks may say that the chance of guessing a PIN is 1 in 10,000 or one in 3,333 for a card or 1 in 833 for a wallet -- when the real chance is about 1 in 20 overall for a wallet -- but that's just bad cryptography, and using the uniform equipartition assumption when it is ill-advised. Real cryptographers don't do that. Look at a cryptographer's theoretical brute-force attacks on ciphers - though ciphertext-only attacks are sometimes considered, typically we start with a known-plaintext attack, and go to via chosen plaintext attacks to adaptive chosen ciphertext attacks. No assumptions about equipartition or uniformity there. BTW, I also don't think they in any way say that Shannon was wrong, just that some assumptions some people (I assume coding theorists and bad cryptographers) make about Shannon aren't always correct. -- Peter Fairbrother From pwt at iosis.co.uk Thu Aug 15 22:57:15 2013 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Thu, 15 Aug 2013 22:57:15 +0100 Subject: Certificate Transparency Hack Day In-Reply-To: <2vOEpeZbfQDSFA+T@perry.co.uk> References:

<2vOEpeZbfQDSFA+T@perry.co.uk> Message-ID: <520D4EBB.9040307@iosis.co.uk> Sometimes not that bad in London. For example, Travelodge offers at least 3 hotels at ?60 or just under for the 27th if you book today. But for 10th Sept I wasn't offered anything under ?160 when I booked a room about 2 weeks ago, so I'm staying some distance out of town (does indeed waste time the previous day, but I'm meeting up with a mate and also getting cheap travel tickets). And where do I live? Bristol. Peter On 15/08/2013 17:54, Roland Perry wrote: > Or does Google expect you to pay in the region of ?100 to stay in > London overnight. From chl at clerew.man.ac.uk Fri Aug 16 09:37:35 2013 From: chl at clerew.man.ac.uk (Charles Lindsey) Date: Fri, 16 Aug 2013 09:37:35 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: <20130815110034.00005541@surtees.fenrir.org.uk> References: <20130815110034.00005541@surtees.fenrir.org.uk> Message-ID: On Thu, 15 Aug 2013 11:00:34 +0100, Brian Morrison wrote: > Not seen this mentioned anywhere else yet: > > http://www.theregister.co.uk/2013/08/14/research_shakes_crypto_foundations/ > > Any opinions from those with direct knowledge of such techniques? > Isn't that more or less how Colossus worked? -- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Web: http://www.cs.man.ac.uk/~chl Email: chl at clerew.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From ukcrypto at sourcetagged.ian.co.uk Fri Aug 16 15:20:35 2013 From: ukcrypto at sourcetagged.ian.co.uk (Ian Mason) Date: Fri, 16 Aug 2013 15:20:35 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: References: <20130815110034.00005541@surtees.fenrir.org.uk> Message-ID: On 15 Aug 2013, at 16:00, Igor Mozolevsky wrote: > On 15 August 2013 11:00, Brian Morrison wrote: >> >> Not seen this mentioned anywhere else yet: >> >> http://www.theregister.co.uk/2013/08/14/research_shakes_crypto_foundations/ >> >> Any opinions from those with direct knowledge of such techniques? > > > Isn't the conventional wisdom to compress before encrypting to prevent > thing like that? "Conventional wisdom" - yes, actual wisdom, no. The compression layer in SSL has been used to attack it (http://breachattack.com/). The original article is nothing new - it's just a (partial) known plaintext attack. Any predictability in the underlying plaintext of a cyphertext gives you a handle to attack the cypher with. Most WW2 cryptanalysis was done around known or likely (partial) plaintexts. The moral of the story is, never send anything predictable. If your message is predictable mix something genuinely random into it. > > > -- > Igor M. > From zenadsl6186 at zen.co.uk Fri Aug 16 19:29:07 2013 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Fri, 16 Aug 2013 19:29:07 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: References: <20130815110034.00005541@surtees.fenrir.org.uk> Message-ID: <520E6F73.4010902@zen.co.uk> On 16/08/13 09:37, Charles Lindsey wrote: > On Thu, 15 Aug 2013 11:00:34 +0100, Brian Morrison > wrote: > >> Not seen this mentioned anywhere else yet: >> >> http://www.theregister.co.uk/2013/08/14/research_shakes_crypto_foundations/ >> >> >> Any opinions from those with direct knowledge of such techniques? >> > Isn't that more or less how Colossus worked? > Yes, and no, and yes. Yes because Colossus used non-randomness of plaintext to help decrypt. The paper however is about calculating how many guesses it takes to find a solution *_when you order guesses according to the probability that they are correct_*. So also no, because the Colossus machine mostly used non-randomness of plaintext to detect when a (partial) solution had been found, but for eg Tutte's "1+2 break in" the individual tests were not ordered in terms of how likely they were to be correct - the machine just did a batch of tests in non-significant order. And also yes, sort-of, because the Colossus process, as opposed to the machine, also used non-randomness to order the choice of what to test next - most likely first, then next most likely, and so on. The authors don't introduce any new techniques in this paper, just some new thoughts on estimating the number of guesses needed when using the optimum ordering strategy above - try the most likely first, then the next most likely, and so on - to test on non-linearly distributed guess spaces, where some guesses are more probable than others. It seems some approximations which may have been used in calculating how many guesses are needed in those situations are "ill-advised". This isn't significant when considering eg brute-forcing a ciphertext-only attack on a modern cipher with randomly-chosen keys - there is no way to use the low entropy of the plaintext to order the trial keys by the probability that they are correct, so the test keys are effectively chosen at random and the old estimates hold. However if you are brute-forcing eg a user-chosen password in a highly non-linear space, where some choices are much more likely than others, then you can order the trials by likelihood, and if you do then their result for the number of trials needed is lower than that given by some other methods, implying that it is easier to do some theoretical password-type searches than we previously thought it was. This has no significance as far as today's actual practical attacks on passwords are concerned, because for real attacks on passwords we already know about how hard it is to find a match, from practical experience - but maybe some attacks which aren't done at present might be easier than we thought they were, and could be more productive than we thought. However I doubt there will be many of those new situations, as the approximations they have found to be ill-advised aren't widely used by cryptographers. More, experienced cryptographers would likely take any results based on them with a big pinch of salt anyway. I know I would, for other reasons - how do you accurately find the probability of each of a list of passwords being correct? the entropy of a non-linear password space? average/minimum case? distribution of guesswork? what's the entropy of english letters? - long before I wondered whether some math approximations were right or not. It is a bit interesting - but it would have been much more so if they had introduced a methodology for actually calculating the guesses needed, rather than just showing this or that approximation is wrong. And it doesn't shake crypto foundations much, if at all. -- Peter Fairbrother From zenadsl6186 at zen.co.uk Fri Aug 16 20:00:26 2013 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Fri, 16 Aug 2013 20:00:26 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: References: <20130815110034.00005541@surtees.fenrir.org.uk>

Message-ID: <520E76CA.2020704@zen.co.uk> On 16/08/13 15:20, Ian Mason wrote: > > On 15 Aug 2013, at 16:00, Igor Mozolevsky wrote: > >> On 15 August 2013 11:00, Brian Morrison wrote: >>> >>> Not seen this mentioned anywhere else yet: >>> >>> http://www.theregister.co.uk/2013/08/14/research_shakes_crypto_foundations/ >>> >>> >>> Any opinions from those with direct knowledge of such techniques? >> >> >> Isn't the conventional wisdom to compress before encrypting to prevent >> thing like that? No. Conventional modern wisdom is to trust the cipher, which has been designed so that it is indistinguishable under partial or even full known plaintext attack (and adaptive chosen plaintext attack, and chosen ciphertext attack, and ...). If the attacker can't guess anything about the key, that should be enough. So keys should be chosen at random, and securely held. That may not be easy .. > "Conventional wisdom" - yes, actual wisdom, no. The compression layer in > SSL has been used to attack it (http://breachattack.com/). > > The original article is nothing new - it's just a (partial) known > plaintext attack. ??? Any predictability in the underlying plaintext of a > cyphertext gives you a handle to attack the cypher with. With a modern cipher the handle should be so slippery it gives you no traction at all. > Most WW2 > cryptanalysis was done around known or likely (partial) plaintexts. Yes - but that for WW2 ciphers, not modern ones. > The > moral of the story is, never send anything predictable. If your message > is predictable mix something genuinely random into it. There is no longer any need to avoid sending predictable messages. Except if it's predictable, why bother sending it? :) -- Peter Fairbrother > >> >> >> -- >> Igor M. >> > > > From mozolevsky at gmail.com Fri Aug 16 22:52:51 2013 From: mozolevsky at gmail.com (Igor Mozolevsky) Date: Fri, 16 Aug 2013 22:52:51 +0100 Subject: Register article on using non-randomness of encrypted file content to reduce time needed to decrypt by brute force In-Reply-To: References: <20130815110034.00005541@surtees.fenrir.org.uk>

Message-ID: On 16 August 2013 15:20, Ian Mason wrote: > > On 15 Aug 2013, at 16:00, Igor Mozolevsky wrote: > >> On 15 August 2013 11:00, Brian Morrison wrote: >> >>> >>> Not seen this mentioned anywhere else yet: >>> >>> http://www.theregister.co.uk/**2013/08/14/research_shakes_** >>> crypto_foundations/ >>> >>> Any opinions from those with direct knowledge of such techniques? >>> >> >> Isn't the conventional wisdom to compress before encrypting to prevent >> thing like that? >> > > "Conventional wisdom" - yes, actual wisdom, no. The compression layer in > SSL has been used to attack it (http://breachattack.com/). > If I understand the paper correctly, the relies on knowing a part of the plaintext prior to the compression (and at 4.2 the authors say *if* one can inject known payload into plaintext then the attack would potentially work)?.. -- Igor M. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ben at links.org Mon Aug 19 12:04:14 2013 From: ben at links.org (Ben Laurie) Date: Mon, 19 Aug 2013 07:04:14 -0400 Subject: return of key-escrow: UK PKI Strategy cites bogus RIPA rationale In-Reply-To: <520A1F6A.5030108@casparbowden.net> References: <520A1F06.1070002@PrivacyStrategy.eu> <520A1F6A.5030108@casparbowden.net> Message-ID: On 13 August 2013 07:58, Caspar Bowden (lists) wrote: > Hadn't noticed any commentary on this... ? > > (Feb 28 2013) PKI Strategyand Implementation > Strategy(occurs in both) > > - "For example key escrow *may be required* for private encryption > keys in some services (*to comply with* Regulation of Investigatory > Powers Act Section 3)" > > but FIPR 9/5/2000 > > - Surprisingly Mr.Clarke amended S.69[Hansard link - at bottom] to exempt company directors from liability under > Part.III - that is, they are no longer personally liable for failure of > their company to comply with a decryption notice. This was the chief cause > of FIPR's diagnosis of government strategy as being that of "key escrow by > intimidation" - however it still leaves individuals and company employees > in the firing line. > > PSN is a company with directors? > > > ? > > Caspar Bowden > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From lists at casparbowden.net Mon Aug 19 12:37:26 2013 From: lists at casparbowden.net (Caspar Bowden (lists)) Date: Mon, 19 Aug 2013 12:37:26 +0100 Subject: return of key-escrow: UK PKI Strategy cites bogus RIPA rationale In-Reply-To: References: <520A1F06.1070002@PrivacyStrategy.eu> <520A1F6A.5030108@casparbowden.net> Message-ID: <52120376.1090905@casparbowden.net> On 08/19/13 12:04, Ben Laurie wrote: > On 13 August 2013 07:58, Caspar Bowden (lists) > wrote: > > Hadn't noticed any commentary on this... ? > > (Feb 28 2013) PKI Strategy > > and Implementation Strategy > > (occurs in both) > > * "For example key escrow *may be required* for private > encryption keys in some services (*to comply with* Regulation > of Investigatory Powers Act Section 3)" > > but FIPR 9/5/2000 > > * Surprisingly Mr.Clarke amended S.69 > > [Hansard link - at bottom] to exempt company directors from > liability under Part.III - that is, they are no longer > personally liable for failure of their company to comply with > a decryption notice. This was the chief cause of FIPR's > diagnosis of government strategy as being that of "key escrow > by intimidation" - however it still leaves individuals and > company employees in the firing line. > > > PSN is a company with directors? No, but the bit Clarke chopped in response to (largely commercial) campaigning was the only part containing any express "key escrow by intimidation" aimed at board-level of organizations So the question I am raising is whether there is some other "public policy" rationale for arguing that escrow is compelled by the hypothetical necessity to respond to some particular decrypt request in future (contrast to arguments about "relevance" in PATRIOT 215 metadata). AFAIK this falls under Council of Europe R.87 (1987) which forbids ECHR states from compelling retention of arbitrary data as a matter of public policy in organs of the state, unless there is a precise authorizing law. RIPA Part.3 is not that law (but e.g. the EU DRD is such a law - in that it exists!), and of course compelling escrow in public sector has huge structural effects on normative practices (that what R.87 fuss was all about) CB -------------- next part -------------- An HTML attachment was scrubbed... URL: From zenadsl6186 at zen.co.uk Tue Aug 20 16:53:40 2013 From: zenadsl6186 at zen.co.uk (Peter Fairbrother) Date: Tue, 20 Aug 2013 16:53:40 +0100 Subject: Miranda detention, passwords given up Message-ID: <52139104.5060100@zen.co.uk> A little off-topic perhaps, although according to El Reg: http://www.theregister.co.uk/2013/08/20/british_gave_us_heads_up_over_interrogation_of_snowden_hacks_partner/ (El Reg unfortunately seems to be a little less accurate these days) apparently Miranda gave up the passwords to his laptop and mobile, perhaps after being required to under Part 3 of RIPA. Or perhaps he was forced to give up his passwords under paragraph 5 of Schedule 7 of the Terrorism Act, which says: "A person who is questioned under paragraph 2 or 3 must?(a)give the examining officer any information in his possession which the officer requests;" Presumably that information includes any keys in his possession, but the penalty here is only 3 months, rather than 2 - or 5 - years under RIPA. Anyway, I was looking at paragraph 2 of Schedule 7 of the Terrorism Act 2000, and saw that apart from some Northern-Ireland-specific stuff, the only purpose for which a person can be questioned (or detained) under Schedule 7 of the Terrorism Act 2000 is "for the purpose of determining whether he appears to be a person falling within section 40(1)(b)" i.e. whether he appears to be "a person who ... is or has been concerned in the commission, preparation or instigation of acts of terrorism." As far as I can tell, what reportedly happened to Miranda isn't anywhere near that. Scotland Yard claim it was lawful, but I can't see how it could be. Any lawyers care to comment? -- Peter Fairbrother From mozolevsky at gmail.com Tue Aug 20 17:04:47 2013 From: mozolevsky at gmail.com (Igor Mozolevsky) Date: Tue, 20 Aug 2013 17:04:47 +0100 Subject: Miranda detention, passwords given up In-Reply-To: <52139104.5060100@zen.co.uk> References: <52139104.5060100@zen.co.uk> Message-ID: On 20 August 2013 16:53, Peter Fairbrother wrote: Anyway, I was looking at paragraph 2 of Schedule 7 of the Terrorism Act > 2000, and saw that apart from some Northern-Ireland-specific stuff, the > only purpose for which a person can be questioned (or detained) under > Schedule 7 of the Terrorism Act 2000 is > > "for the purpose of determining whether he appears to be a person falling > within section 40(1)(b)" > > i.e. whether he appears to be > > "a person who ... is or has been concerned in the commission, preparation > or instigation of acts of terrorism." > > As far as I can tell, what reportedly happened to Miranda isn't anywhere > near that. > > Scotland Yard claim it was lawful, but I can't see how it could be. > This was one of the grounds raised by Bindmans: http://www.theguardian.com/world/interactive/2013/aug/20/david-miranda-letter-home-office -- Igor M. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nbohm at ernest.net Tue Aug 20 17:16:45 2013 From: nbohm at ernest.net (Nicholas Bohm) Date: Tue, 20 Aug 2013 17:16:45 +0100 Subject: Miranda detention, passwords given up In-Reply-To: References: <52139104.5060100@zen.co.uk> Message-ID: <5213966D.2040504@ernest.net> On 20/08/2013 17:04, Igor Mozolevsky wrote: > > > > On 20 August 2013 16:53, Peter Fairbrother wrote: > > Anyway, I was looking at paragraph 2 of Schedule 7 of the > Terrorism Act 2000, and saw that apart from some > Northern-Ireland-specific stuff, the only purpose for which a > person can be questioned (or detained) under Schedule 7 of the > Terrorism Act 2000 is > > "for the purpose of determining whether he appears to be a person > falling within section 40(1)(b)" > > i.e. whether he appears to be > > "a person who ... is or has been concerned in the commission, > preparation or instigation of acts of terrorism." > > As far as I can tell, what reportedly happened to Miranda isn't > anywhere near that. > > Scotland Yard claim it was lawful, but I can't see how it could be. > > > This was one of the grounds raised by Bindmans: > > http://www.theguardian.com/world/interactive/2013/aug/20/david-miranda-letter-home-office > Perhaps it will be contended that hacking the NSA with a view to influencing the (US) Government = terrorism as defined in the Act. It would be nice to see that argued out in public. Nick -- Contact and PGP key here From fjmd1a at gmail.com Tue Aug 20 18:33:25 2013 From: fjmd1a at gmail.com (Francis Davey) Date: Tue, 20 Aug 2013 18:33:25 +0100 Subject: Miranda detention, passwords given up In-Reply-To: <5213966D.2040504@ernest.net> References: <52139104.5060100@zen.co.uk> <5213966D.2040504@ernest.net> Message-ID: 2013/8/20 Nicholas Bohm : > Perhaps it will be contended that hacking the NSA with a view to > influencing the (US) Government = terrorism as defined in the Act. > It would have to *seriously* interfere with or seriously disrupt the NSA computer systems. Now a demo that involved smashing a radio set would be much more clearly caught by s.1 > It would be nice to see that argued out in public. > Indeed. -- Francis Davey From mozolevsky at gmail.com Tue Aug 20 18:33:59 2013 From: mozolevsky at gmail.com (Igor Mozolevsky) Date: Tue, 20 Aug 2013 18:33:59 +0100 Subject: Miranda detention, passwords given up In-Reply-To: <5213966D.2040504@ernest.net> References: <52139104.5060100@zen.co.uk> <5213966D.2040504@ernest.net> Message-ID: On 20 August 2013 17:16, Nicholas Bohm wrote: > On 20/08/2013 17:04, Igor Mozolevsky wrote: > > On 20 August 2013 16:53, Peter Fairbrother wrote: > > > > Perhaps it will be contended that hacking the NSA with a view to > influencing the (US) Government = terrorism as defined in the Act. > > It would be nice to see that argued out in public. I was thinking about that, but then it seemed rather broad- the US government telling the Russian government that granting any form of asylum to Snowden would have serious adverse consequences would then amount to an act of terrorism under such a broad definition... And I have no idea how many alarms I've just triggered in the snoop-land!.. In any event, he wasn't doing the hacking- at best he was carrying a copy of some product of hacking... -- Igor M. -------------- next part -------------- An HTML attachment was scrubbed... URL: From fjmd1a at gmail.com Tue Aug 20 18:40:32 2013 From: fjmd1a at gmail.com (Francis Davey) Date: Tue, 20 Aug 2013 18:40:32 +0100 Subject: Miranda detention, passwords given up In-Reply-To: References: <52139104.5060100@zen.co.uk> <5213966D.2040504@ernest.net> Message-ID: 2013/8/20 Igor Mozolevsky : > I was thinking about that, but then it seemed rather broad- the US > government telling the Russian government that granting any form of asylum > to Snowden would have serious adverse consequences would then amount to an Those "serious adverse consequences" would have to fall within one of the list in s1(2). The point about 1(2)(e) is that we all know that seriously interfering with the operation of an electronic system is much easier (and less serious really) than the rest of the list which involves killing or hurting people or acts of a similar nature. -- Francis Davey From mozolevsky at gmail.com Tue Aug 20 18:46:59 2013 From: mozolevsky at gmail.com (Igor Mozolevsky) Date: Tue, 20 Aug 2013 18:46:59 +0100 Subject: Miranda detention, passwords given up In-Reply-To: References: <52139104.5060100@zen.co.uk> <5213966D.2040504@ernest.net> Message-ID: On 20 August 2013 18:40, Francis Davie wrote: > 2013/8/20 Igor Mozolevsky: > > > I was thinking about that, but then it seemed rather broad- the US > > government telling the Russian government that granting any form of > asylum > > to Snowden would have serious adverse consequences would then amount to > an > > Those "serious adverse consequences" would have to fall within one of > the list in s1(2). The point about 1(2)(e) is that we all know that > seriously interfering with the operation of an electronic system is > much easier (and less serious really) than the rest of the list which > involves killing or hurting people or acts of a similar nature. > I went to see what the Act says about it after I posted the quick reply, and, as you say, under 1(2)(e) one would need to "seriously interfere ... or disrupt an electronic system". I doubt merely copying data from the NSA to some removable device would amount to interference or disruption let alone a serious one if such copying was not outside SOP for the clearance level that Snowden had... -- Igor M. -------------- next part -------------- An HTML attachment was scrubbed... URL: From nbohm at ernest.net Tue Aug 20 19:01:30 2013 From: nbohm at ernest.net (Nicholas Bohm) Date: Tue, 20 Aug 2013 19:01:30 +0100 Subject: Miranda detention, passwords given up In-Reply-To: References: <52139104.5060100@zen.co.uk> <5213966D.2040504@ernest.net>

Message-ID: <5213AEFA.5050800@ernest.net> On 20/08/2013 18:46, Igor Mozolevsky wrote: > > > > On 20 August 2013 18:40, Francis Davie wrote: > > 2013/8/20 Igor Mozolevsky: > > > I was thinking about that, but then it seemed rather broad- the US > > government telling the Russian government that granting any form > of asylum > > to Snowden would have serious adverse consequences would then > amount to an > > Those "serious adverse consequences" would have to fall within one of > the list in s1(2). The point about 1(2)(e) is that we all know that > seriously interfering with the operation of an electronic system is > much easier (and less serious really) than the rest of the list which > involves killing or hurting people or acts of a similar nature. > > > > I went to see what the Act says about it after I posted the quick > reply, and, as you say, under 1(2)(e) one would need to "seriously > interfere ... or disrupt an electronic system". I doubt merely copying > data from the NSA to some removable device would amount to > interference or disruption let alone a serious one if such copying was > not outside SOP for the clearance level that Snowden had... The NSA may think its electronic systems have been seriously disrupted by the publicity they've been given. That may not strike rational people as a tenable argument under the Act, but smashing up the Guardian's computers doesn't seem the act of a rational government, so it's hard to say where this may go. Nick -- Contact and PGP key here From mozolevsky at gmail.com Tue Aug 20 19:13:18 2013 From: mozolevsky at gmail.com (Igor Mozolevsky) Date: Tue, 20 Aug 2013 19:13:18 +0100 Subject: Miranda detention, passwords given up In-Reply-To: <5213AEFA.5050800@ernest.net> References: <52139104.5060100@zen.co.uk> <5213966D.2040504@ernest.net>

<5213AEFA.5050800@ernest.net> Message-ID: On 20 August 2013 19:01, Nicholas Bohm wrote: [snip] > That may not strike rational > people as a tenable argument under the Act, but smashing up the > Guardian's computers doesn't seem the act of a rational government Yes, if it is true that MIB thought that destroying some computers is a way to permanently put an end to the NSA leaks story, then there should serious concerns and not just about rationality... -- Igor M. -------------- next part -------------- An HTML attachment was scrubbed... URL: From pwt at iosis.co.uk Tue Aug 20 19:23:51 2013 From: pwt at iosis.co.uk (Peter Tomlinson) Date: Tue, 20 Aug 2013 19:23:51 +0100 Subject: Miranda detention, passwords given up In-Reply-To: References: <52139104.5060100@zen.co.uk><5213966D.2040504@ernest.net>

<5213AEFA.5050800@ernest.net> Message-ID: <5213B437.9060704@iosis.co.uk> Guardian editor Alan Rusbridger on Channel 4 News just now on this topic, including destroying their copy of the Snowden material with Home Office observers present. You can watch again on More 4 (Ch 13 Freeview) soon after 8pm or wait a little longer and see it on the web at http://www.channel4.com/news/catch-up/ Peter On 20/08/2013 19:13, Igor Mozolevsky wrote: > > > > On 20 August 2013 19:01, Nicholas Bohm wrote: > > [snip] > > That may not strike rational > people as a tenable argument under the Act, but smashing up the > Guardian's computers doesn't seem the act of a rational government > > > > Yes, if it is true that MIB thought that destroying some computers is > a way to permanently put an end to the NSA leaks story, then there > should serious concerns and not just about rationality... > > > -- > Igor M.