Comments: Historical copy of PGP 5.0i for sale -- reminder of the war we lost

It is not a lack of crypto that enables phishing. Hence, what do you mean by the last 6 words?

Posted by Toby at June 17, 2008 05:39 AM

Hi Toby,

It is a lack of good crypto and good security that enables phishing. The lack of good crypto and security traces back to government interference in the marketplace, perhaps best viewed as a successful attempt to trample competition because of policy desires to control it.

Posted by Iang at June 17, 2008 05:51 AM

Thanks for the great historical tidbit about the cryptowars!

> Strategic victory went to the US government, which still maintains a policy of keeping the Internet insecure by suppressing crypto where and when it can.

Can you elaborate on this? How do you feel the USG is keeping the Internet insecure?

Posted by Brenden at June 17, 2008 10:11 AM

Archeological email about proposal for doing pgp-like public key (from 1981):
http://www.garlic.com/~lynn/2006w.html#email810515

The internal network was larger than the arpanet/internet from just about the beginning until sometime summer of '85. Corporate guidelines had become that all links/transmission leaving corporate facilities were required to be encrypted. In the '80s this meant lots of link encryptors (in the mid-80s, there was a claim that the internal network had over half of all the link encryptors in the world).

A major crypto problem was that just about every link that crossed any national boundary created problems with both national governments. Links within national boundaries would usually get away with the argument that it was purely internal communication within the same corporate entity. Then there was all sorts of resistance encountered attempting to apply that argument to links that cross a national boundary (from just about every national entity).

For other archeological lore ... old posting with new networking activity from 1983 http://www.garlic.com/~lynn/2006k.html#8

The above posting includes a listing of locations (around the world) that had one or more new network links (on the internal network) added sometime during 1983 (a large percentage involved connections requiring link encryptors).

A more recent post http://www.garlic.com/~lynn/2008h.html#87 mentions coming to the realization (in the 80s) that there were three kinds of crypto.

Posted by Lynn's archeological pgp-like proposal at June 17, 2008 05:17 PM

Hi Ian-- I actually agree with you. I didn't want to say that on my ebay ad because if I make people depressed maybe they won't want to spend money. (On the other hand, I spend more money when depressed. So...)

Posted by Sameer Parekh at June 17, 2008 07:20 PM

I don't think we lost because the US government made a successful strategic retreat, though that is part of it.

Rather, the plan is harder to carry out than we thought.

As I write in http://jim.com/security/cypherpunk_program.html

The plan is to strike at the state from the jungle of complexity, to strike at the state from beyond the state’s intellectual and temporal horizons.

Cryptography alone is insufficient to implement crypto-anarchy. Correct understanding and implementation of cryptography has proven to be hard, as numerous embarrassing failures have demonstrated, but correct understanding and implementation of cryptography turned out to be only the beginning of what was needed.

Often secure cryptographic algorithms have been used to construct insecure cryptographic protocols, but worse than that, correct cryptographic protocols, such as SSL, have resulted in insecure behavior.

Successfully designing such systems requires a whole system viewpoint – cryptographic protocols and user interface and business models and accounting principles and economic understanding and understanding of computer mediated social networking.

The cypherpunk movement collapsed in the realization that the problem was harder than it seemed, that mere cryptography was insufficient.

The cypherpunk movement produced a lot of cryptographic tools, among them my own Crypto Kong, only to realize that no one wanted cryptographic tools. To use a cryptographic tool, you have to understand and think about what it is doing, understand and think about the cryptographic primitives involved every time you use it. Unfortunately, even committees of experts tend to screw up when they attempt to specify correct use of cryptographic primitives. No way can end users be expected to burden themselves with such a task. Rather, cryptography needs to be embedded invisibly in tools that do user tasks, and make those tasks secure without the end user ever thinking about cryptography. SSH is the best example of a tool that works like this. You never see a dialog box that relates to cryptographic matters. It is just secure. It acts the way people expect it to act, and they don’t need to think about the messy details of how it ensures that hostile adversaries cannot meddle and make things fail in unexpected ways. Similarly, Skype's encryption is invisibly embodied in a utility that people use to communicate with each other, and no one should ever be aware of it.

If people use secure tools to mediate cooperation, and the storage and creation of value, to do business, then those tools will not only be secure against ordinary criminals, but against governments – whereupon it becomes hard for governments to collect taxes or regulate business, hard for governments to intrude themselves in honest peaceful activities.

As soon as we produced the first not very satisfactory versions of such tools, and early adopters came to use them, we hit the second problem. The cypherpunk program requires heavy reliance on value, exchange, and promises to pay and deliver being computer mediated. But computers are extremely insecure. One’s computer is apt to come under the control of hostile criminals. The computer virus and trojan problem makes it impractical to keep large amounts of value on a computer. Similarly, the phishing problem makes it difficult to have internet mediate relationships of economic value. The anonymity that gives protection against governments makes it alarmingly easy for people to pretend to be what they are not. And then we discovered that net centric anonymous or weakly nymous money was violently unpopular because of criminals flocking to it, provoking governments to shut it down.

Facing these problems, the cypherpunk movement collapsed. The remaining cypherpunks patiently studied solutions to these problems, and, by and large, solutions have been discovered, though these solutions are not yet implemented, or the implementations are not yet widely adopted, perhaps not yet ready for wide adoption.

The problems that shut down the cypherpunk movement are:

1. Cryptography is hard, cryptographic protocols that actually work are harder, and embedding those protocols invisibly in utilities that do useful things without the end user needing to know or think about cryptography considerably harder still: To solve this we need higher level tools which automatically apply known sound protocols to the particular case, so that good cryptography can be a routine and invisible part of good applications, without requiring as much thought as it now does.
2. Computer insecurity, trojans and malware: To solve this, we need to restrict programs using the powerbox software pattern.
3. Phishing
4. Violently unpopular criminal misuse of net centered money

Posted by James A. Donald at June 19, 2008 10:50 PM