nanog mailing list archives
Re: PGP/SSL/TLS really as secure as one thinks?
From: Matthew Petach <mpetach () netflight com>
Date: Mon, 10 Jun 2013 07:39:43 -0700
On Fri, Jun 7, 2013 at 8:25 AM, Joe Abley <jabley () hopcount ca> wrote:
On 2013-06-07, at 11:14, Jeroen Massar <jeroen () massar ch> wrote:On 2013-06-07 06:50, Dan White wrote: [..] A nice 'it is Friday' kind of thought....OpenPGP and other end-to-end protocols protect against all nefarious actors, including state entities.If you can't trust the entities where your data is flowing through because you are unsure if and where they are tapping you, why do you trust any of the crypto out there that is allowed to exist? :)Defence in depth. PGP-encrypt your transport stream and send it over TLS with client- and server-side certificate validation with a restricted CA list on each endpoint. Using IPSec. Through tor. With the plain-text littered with code words that are meaningless except to your intended recipient, taken from a pre-shared (in-person) code book that changes every day. Then your facebook sessions will be secure.
I was most of the way there, except I couldn't figure out how to get a pre-shared codebook to all 5,000 of my facebook friends with minimal overhead... And then it hit me...DIANETICS! Thanks to you, L. Ron Hubbard, my code distribution challenges are a thing of the past. Just keep churning out the endless volumes, and the rotating cypher-key system will last for decades! Matt (for the humour-impaired: ;-P )
Current thread:
- Re: PRISM: NSA/FBI Internet data mining project, (continued)
- Re: PRISM: NSA/FBI Internet data mining project William Herrin (Jun 21)
- Re: PRISM: NSA/FBI Internet data mining project Phil Fagan (Jun 21)
- Re: PRISM: NSA/FBI Internet data mining project Warren Bailey (Jun 21)
- Re: PRISM: NSA/FBI Internet data mining project Phil Fagan (Jun 21)
- Re: PRISM: NSA/FBI Internet data mining project Warren Bailey (Jun 21)
- Re: PRISM: NSA/FBI Internet data mining project Owen DeLong (Jun 21)
- PGP/SSL/TLS really as secure as one thinks? Jeroen Massar (Jun 07)
- Re: PGP/SSL/TLS really as secure as one thinks? Leo Bicknell (Jun 07)
- Re: PGP/SSL/TLS really as secure as one thinks? David Walker (Jun 07)
- Re: PGP/SSL/TLS really as secure as one thinks? Joe Abley (Jun 10)
- Re: PGP/SSL/TLS really as secure as one thinks? Matthew Petach (Jun 10)
- Re: PRISM: NSA/FBI Internet data mining project Måns Nilsson (Jun 06)
- Re: PRISM: NSA/FBI Internet data mining project Jimmy Hess (Jun 08)
- Re: PRISM: NSA/FBI Internet data mining project Matthew Petach (Jun 08)
- Re: PRISM: NSA/FBI Internet data mining project Jay Ashworth (Jun 08)
- Re: PRISM: NSA/FBI Internet data mining project Tom Taylor (Jun 09)
- Re: PRISM: NSA/FBI Internet data mining project Mike Jones (Jun 08)
- Re: PRISM: NSA/FBI Internet data mining project Warren Bailey (Jun 08)
- Re: PRISM: NSA/FBI Internet data mining project Eugen Leitl (Jun 07)
- RE: PRISM: NSA/FBI Internet data mining project Alex Rubenstein (Jun 07)
- RE: PRISM: NSA/FBI Internet data mining project Adam Vitkovsky (Jun 10)