|Welcome to the Monastery|
Re: Re: The good, the bad, and the ugly....by pmas (Hermit)
|on Sep 15, 2001 at 00:35 UTC||Need Help??|
I know that we should stop this discussion, but here I am talking about somethig where real perl code might be involved.... ;-)
Backdoor to encryption technology will not prevent communication between terrorists and will just waste resources of USA. There are simpler tools and technologies already available which, when integratedm are harder even to detect, and not decrypt. To get perfect encryption, your key needs to be really long. Processing power of PC is cheap, and communication channels are for free (almost). How to implement it?
For non-urgent messages (like trainig manuals), just send floppy or CD by mail. It's easy to set up bogus company selling CD's with ethnic music - or just use existing one, and just swap CD's. Heck, terrorist can order 5 CD's, one is bogus (with coding dictionary), can even complain that it is not a music and get refund!
For more urgent and near-interactive messages, use spam: Check encoding via spam - SpamMimic. Determined Perl hacker can easily integrate this idea (published in a book), public chat channels, and program like Elisa. Your spam-mimic client will send short messages to chat, generated using dictionary appriate for a channel, and possibly responding to previous messages like Elisa does. Receiving agent will filter messages from known users only, and decode them. Short messages (by letter, or by word) look really innocent, try SpamMimic! Dictionary, programs for client sender and receiver, can be sent by CD-ROM. When thinking about it, I may even try it - looks interesting idea... ;-)
No Echelon and no Carnivore will be able to digest all this mountains of information - CIA has already tons of tapes with wirepaped phone messages waiting for a translation. And if terrorist are using code language (and sure they do), even phone messages may look innocent enough. So only known terrorists are traced in detail - not too promising, right?
As a programmer, I know that security can be only designed and build in, not tested out and controlled out. After reasonable punishment (just in eyes of at least of part of punished population), only way out is to give people something better to dream about than become a martyr out of desperation. Many good articles about it on www.salon.com.
In fighting, key to success is to use weight, power and inertia of your opponent to make him to do wrong step. Even in sumo, brute force alone cannot win. Looks like Americans forgot about that - probably watching too much staged fights of wrestlers of WWF.... :-(
"Violence is the last resort of the incompetent." - Salvor Hardin, Foundation by Isaac Asimov. I found in in google, in exactly the same context as I am using it right now...
I am not arguing against punishing terrorists (USA need to show it is not week). I try to warn against over-reacting, which will hurt freedoms of Americans, and do nothing about preventing next attack.
There are 24 milions people in Afganistan. All thinking people in USA and all over the world should be concerned, how many of afganistan young males will hate USA more than love own (miserable) life five years from now? Politicans plan only until next elections, year from now...