[liberationtech] Crypto Advocacy TED Talk

Gregory Maxwell gmaxwell at
Wed Nov 30 22:38:33 PST 2011

On Thu, Dec 1, 2011 at 12:01 AM, Jeffrey Burdges <burdges at> wrote:
> Aside from arguing these points, there should be emphasis that "this ain't your daddy's PGP", meaning modern crypto packages have grown incredibly easy to use.  Tor Browser Bundles are about the most user friendly thing in the world.  Off-the-record messaging is almost a triviality in Adium, Jitsi, or other open source IM clients.  Most mail readers have user friendly plugins for GPG.  etc.

I've argued before that protocol designers have an ethical obligation
to include always-on-by-default cryptography whenever it isn't
contraindicated by other requirements— the primary idea here being
that the whole cost of cryptography to the user can be drastically
reduced when it's properly integrated.

In particular, even unauthenticated cryptography provides absolute
immunity to passive attacks, invisible wiretapping dragnets, and gives
active attacks a serious risk of discovery.  And this protection can
be added to any realtime communication for _free_ and invisibly from
the user's perspective.  (Of course, authentication is important— and
nothing unauthenticated should be advertised to the user as encrypted.
But the unavoidable user-costliness of authentication shouldn't
prevent us from getting encryption.)

One point on this subject that is overlooked is the network effect: I
may have good reasons why I should be using encryption, but it's very
hard to use it when most of my friends are not using it.  This is
related to your point (1), but not identical. Unrelated to cover, my
contacts can't use encryption with me if I don't use encryption— and
asking me to use it is a social/time cost that discourages them from
using it when they really should. Unless encryption is a norm they
won't even ask.

Related to your point (2) I'd add a more subtle argument: The
widespread use of unencrypted communications enables an _industry_ of
dragnet surveillance.  Iran pays FooBarNetworks to build a fleet of
passive eavesdropping widgets... The R&D cost gets sunk building it
and then FooBar has a new product in their price book which their
sales drones go peddling to everyone who will take them, including the
governments of countries which are less prone to coming up with these
initiatives on their own. In this manner, oppression gains a marketing
department.  Fairly modest decreases in the effectiveness of
surveillance can break this cycle by making the initial cost less
appealing and making the products harder to sell.

(And at the extreme limit: a few billion to build and maintain an
infrastructure of hundreds of thousands of optical taps and fast
stateless packet filters is a _lot_ more attractive when it will
intercept almost everything than when it's mostly only useful for
traffic analysis.)

Another point that I make when discussing this subject is that none of
us is really able to correctly assess the risks in making the choice
to use encryption:  We're not aware of secret lawful and unlawful
interception by governments (our own, and/or hostile ones) and
organized crime. We don't have a good feel for how massive collections
of data may be used against our interests in the future. And once
disclosed, the information genie can't easily be rebottled. Encryption
is cheap insurance, and would be much cheaper if ubiquitously
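
The claim in the message above that unauthenticated encryption stops passive interception outright while forcing an active interceptor to leave a detectable trace is easy to see with an ephemeral Diffie-Hellman exchange. The script below is an added illustration for this archive page, not code from the original post or any of the clients it names. It uses a constructed toy group (a small Mersenne prime as modulus, generator 3) so that it runs instantly in pure Python; that group, the party names and the `ActiveInterceptor` class are all assumptions for the demonstration and not parameters anyone should deploy. A passive observer holds only the two public values and cannot derive the session key from them; an active interceptor can, but only by substituting her own public value, after which the fingerprint each side displays for its "peer" no longer matches the peer's real key, which is exactly what an out-of-band fingerprint comparison or a pinned key from an earlier session reveals.

```python
"""Opportunistic (unauthenticated) Diffie-Hellman, seen from both a passive
observer's and an active interceptor's position, with the detection check
that the active case makes possible.

Added example for this page, not code from the original post. The group
below is a constructed toy so the script runs instantly; real systems use a
standardised group or X25519, never this.
"""
import hashlib
import secrets

# Constructed toy group: p = 2**127 - 1 (a Mersenne prime), generator 3.
# Every value fits in 16 bytes, which the helpers below rely on.
P = 2**127 - 1
G = 3


def keypair():
    """Fresh ephemeral private exponent x and public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def shared_key(my_private, peer_public):
    """Symmetric key derived from the DH shared secret (peer_public^x mod p)."""
    s = pow(peer_public, my_private, P)
    return hashlib.sha256(s.to_bytes(16, "big")).digest()


def fingerprint(public):
    """Short fingerprint of a public value, as a client would show the user."""
    return hashlib.sha256(public.to_bytes(16, "big")).hexdigest()[:16]


class ActiveInterceptor:
    """Hypothetical active interceptor: swaps each public value on the wire
    for her own and keeps the originals so she can derive both session keys."""

    def __init__(self):
        self.priv, self.pub = keypair()
        self.captured = {}

    def replace(self, public, sender):
        self.captured[sender] = public
        return self.pub

    def session_keys(self):
        """Key shared with Alice, key shared with Bob (she must re-encrypt)."""
        return (shared_key(self.priv, self.captured["A"]),
                shared_key(self.priv, self.captured["B"]))


def run_exchange(interceptor=None):
    """Run one exchange between Alice (A) and Bob (B). If an interceptor is
    given, every public value crosses the wire through interceptor.replace().
    Returns what each side ends up holding plus the passive transcript."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()

    wire_a = a_pub if interceptor is None else interceptor.replace(a_pub, "A")
    wire_b = b_pub if interceptor is None else interceptor.replace(b_pub, "B")

    return {
        "alice_key": shared_key(a_priv, wire_b),   # Alice keys with what arrived
        "bob_key": shared_key(b_priv, wire_a),     # Bob keys with what arrived
        "alice_sees_peer": fingerprint(wire_b),    # fingerprint Alice displays
        "bob_sees_peer": fingerprint(wire_a),      # fingerprint Bob displays
        "alice_true_fp": fingerprint(a_pub),
        "bob_true_fp": fingerprint(b_pub),
        "transcript": [wire_a, wire_b],            # all a passive tap records
    }


def passive_observer_knows_key(transcript, key):
    """A passive tap has g^a and g^b and no private exponent. Combining the
    public values yields g^(a+b), not the g^(ab) the parties derived, so the
    observer cannot reconstruct the key without solving a discrete log."""
    ga, gb = transcript
    guess = hashlib.sha256((ga * gb % P).to_bytes(16, "big")).digest()
    return guess == key


def detect_interception(result):
    """Out-of-band check: each side compares the fingerprint it displays for
    its peer with the fingerprint the peer reads out (or pinned earlier).
    Any mismatch means something on the path substituted a key."""
    return (result["alice_sees_peer"] != result["bob_true_fp"]
            or result["bob_sees_peer"] != result["alice_true_fp"])


if __name__ == "__main__":
    clean = run_exchange()
    print("keys agree:", clean["alice_key"] == clean["bob_key"])
    print("passive tap has key:",
          passive_observer_knows_key(clean["transcript"], clean["alice_key"]))
    print("interception detected:", detect_interception(clean))

    mallory = ActiveInterceptor()
    tapped = run_exchange(mallory)
    print("interception detected:", detect_interception(tapped))
```

The detection step is the part that matters for the argument in the message: the passive tap gets nothing, and the active one only succeeds until the two sides compare fingerprints, which is what OTR's key verification and trust-on-first-use pinning are for.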

