Ask Slashdot: Can Bruce Schneier Be Trusted? 330
An anonymous reader writes "Security guru Bruce Schneier is, among other things, a world renowned cryptography expert, author of several popular books, and a second-order internet meme. He is also an outspoken critic of the NSA, in particular the massive NSA surveillance programs disclosed over the summer by Edward Snowden. Schneier has been involved in reviewing the leaked documents and has put in effort to determine which cryptosystems should still be considered safe. I'm a big fan of Bruce Schneier, but just to play devil's advocate, let's say, hypothetically, that Schneier is actually in cahoots with the NSA. Who better to reinstate public trust in weakened cryptosystems? As an exercise in security that Schneier himself may find interesting, what methods are available for proving (or at least affirming) that we can trust Bruce Schneier?"
Trust no one (Score:5, Insightful)
Easy (Score:5, Insightful)
and has put in effort to determine which cryptosystems should still be considered safe.
Have someone(s) double check his work.
We should be doing that anyway, even for someone who is 100% trusted.
Trust him to do what? (Score:5, Insightful)
If you're talking about absolute trust, i.e. "I trust him" = "I trust him to do anything", you should probably have your head examined.
Phrase your questions better and you will get more useful answers.
I'll trust Schneier ... (Score:4, Insightful)
Here you are an answer, which you might not like (Score:5, Insightful)
Problem: Paranoia
Solution: None
seriously? because SCIENCE! (Score:5, Insightful)
Bruce Schnier may be the front-line spokesperson for the security community, but that should be completely separate from his body of work in cryptography. At the bottom line, he's doing mathematics, and mathematical proofs can be reproduced and confirmed -- or debated and disproven -- by anyone else in any country with sufficient background to understand them.
He is not some guru spouting unprovable wisdom from a mountaintop, he is a member of a scientific community, and if he is able to earn and keep the respect of that community, then that's a pretty good indication that he knows what he's talking about.
Trust no one (Score:5, Insightful)
Re:Trust no one (Score:5, Insightful)
You have to trust someone, somewhere along the line.
Even the compiler can be compromised. Ken Thompson showed that.
Where I think "anonymous coward" is wrong is that he's implying the Bruce Schneier would NEED to be compromised by the NSA. He wouldn't.
There are two aspects to "crypto".
1. The math.
2. The implementation.
Bruce can validate that the math seems to be correct (or he can be compromised into saying that it seems to be correct) but it is the implementation that gets used.
So even if Bruce actually believed that the math was correct, the NSA could compromise the people/organisation/company that turned that math into a product that you would use.
And it is much easier to claim that a flawed implementation was an innocent mistake than to compromise EVERYONE who can understand the math behind it.
...and it's come to this, hasn't it? (Score:5, Insightful)
Anything is possible I suppose. To me, it was no surprise really. I do have to say that, having worked with individuals in the security community, the primary focus really is the safety of our way of life at the hands of those who would subvert it.
The problem comes when those of less character use the government apparatus for control, political or other purposes. It's the same reason police and military need to be kept separate - one enforces the rule of law, and one protects against enemies. When those lines are blurred, history has demonstrated repeatedly that individual rights suffer. The degree to which this happens is the degree of the moral compass of those at the helm of this extremely powerful surveillance apparatus.
I'm not sure how many true boy scouts are really left running the show up there, but I do know this: the more paranoid we get, the more we lose. All of this need not come to pass in this way. One of the most important things I learned in my time in this world was "trust, but verify" and it rings true today. You can still trust the message that Bruce Schneier has. We have to, for otherwise we will be consumed by our own paranoia. But to verify is probably the most important point. That's where openness and information sharing in the spirit of open source is paramount and what will lead us to the proper conclusion on this matter.
Re:Oh please (Score:2, Insightful)
Dude, Bruce Schneider doesn't even trust his own private keys. That should be a lesson to us all.
Re:I'll trust Schneier ... (Score:2, Insightful)
And how Al Queda won the war on terror.
He Would Agree (Score:4, Insightful)
This question is stupid. It would not matter if he was the most honest, intelligent, and experienced security expert in existence, he would tell you the same thing, do not trust him.
What about ourselves? (Score:4, Insightful)
Re:Trust no one (Score:2, Insightful)
Re:Just double the encryption (Score:2, Insightful)
If you develop your own crypto system and never share it with adverse parties that really want to show you up publicly - then
A.) Your system isn't secure
B.) You will have a false faith in the security of your system.
If you don't already understand this, that's fine, but it means you shouldn't be giving out advice about crypto systems, as either you haven't actually done any research into the history of crypto OR you want to mislead people.
Re:Trust no one (Score:5, Insightful)
the NSA could compromise the people/organisation/company that turned that math into a product that you would use.
An obvious solution to this would be two (or more) independent implementations. The implementations wouldn't even need to be done by trustworthy entities, just entities unlikely to cooperate. If the NSA does one implementation, China does another, Russia does a third, and they all produce identical output, then that would be good enough for me.
Re:Trust no one (Score:2, Insightful)
You have to trust someone, somewhere along the line.
No. No you don't. You should always remain skeptical, consider motivation as well as message, and read between the lines. Think for yourself and check facts.
It is better to trust the math community (a large body of people of varying motives, hence less corruptible by a single source) than Schneier. It is even better to learn the math yourself. It's even better to kick down the doors of the NSA and demand answers. But that last one will probably get you shot or worse.
Diverse Double-Compiling (trust but verify) (Score:5, Insightful)
Thanks for pointing out my Diverse Double-Compiling (DDC) paper!
My page on Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) [dwheeler.com] has more details, including detailed material so you can duplicate the experiments and re-verify the proofs. Note that you do not have to take my word for it.
You have to trust some things. But you can work to independently verify those things, to determine if they're trustworthy. I don't always agree with Bruce Schneier, but after watching what's he's done for years, I've determined that he's quite trustworthy. This is the same way we decide if we should trust anyone or any thing. In short: "trust, but verify".
Re:Just double the encryption (Score:2, Insightful)
Blah blah blah, of course I understand cryptosystems. [...] If party C can't figure out how a message was encoded, they can't exploit gaps in that encoding to extract your message.
This statement proves that you do not, in fact, understand cryptosystems.
Re:Trust no one (Score:4, Insightful)
But from whom do you learn the math? A teacher? A textbook? Unless you derive it all yourself from base axioms, you do have to trust someone at some point. Math is logic, pure and simple: that's true, but it is subtle enough and complex enough, especially at the level of cryptography, that you could be taught something which is false and yet verifiable (i.e., internally consistent, but externally incorrect). And of course, beyond outright misinformation, there is the very real possibility that the math is sound but someone has discovered a technique for busting right through it.
But I think the more important point is that our entire society breaks down instantly without trust. Specialization is the basis for all of human advancement, and trust is the basis for specialization. You don't learn to build a car yourself, you trust an auto mfr to do it for you. You don't spend time growing or hunting your own food, you trust the food industry to provide you with safe and sufficient sustenance. If you didn't trust anyone, you'd spend all your own time and resource attending to your most basic needs.
The same goes for cryptography and software: everybody uses crypto these days (TLS, for instance), but the vast majority of people don't have any where close to the expertise to verify even the algorithms, let alone the implementations. Sure, we could have a society of crypto experts and everyone could independently verify every algorithm and every piece of code that they use. But whose going to build the the cars and grow the food?
Re:Trust no one (Score:5, Insightful)
Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself.
Which is why I always x-ray the concrete and perform a full metallurgical analysis on the structural steel before I drive across one of those government-built bridges. Sure, I had to do a four-year engineering degree, but it was worth it.
Seriously, "trust no one, and validate everything from first principles" breaks down very quickly if you try to apply it to any but the narrowest portion of your life. Figuring out workable and robust ways to evaluate trustworthiness of other parties is a damn useful (and equally damn difficult) problem.
Re:Trust no one (Score:2, Insightful)
No. Bodhammer has it right. Trust no one person. If you must trust because you lack skill, do not trust a single cryptographer, trust the community.
Re:Trust no one (Score:5, Insightful)
Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself. Especially don't worship some brand-name as a god who, as diviner-intercessor, is your sole information-provider on the subject.
Care to point me to the "mathematics" of AES? How about SHA-2? For that matter, will studying the mathematics of RSA make it clear why a chosen ciphertext attack renders RSA with PKCS#1 v1.5 padding vulnerable, and how using Optimal Asymmetric Encryption Padding instead addresses the issue?
Seriously, the above is laughable advice. Oh, by all means learn crypto if you're interested, it's a fascinating subject -- one which you can easily devote your entire lifetime to, though you'll have to pick a sub-specialty if you really want deep understanding of the sort that will let you meaningfully evaluate the security of some real-world elements.
The reality is that you must rely on someone else. Even serious academic cryptography researchers make no claims to be able to fully understand anything outside their narrow area of focus, and they're also quick to point out that even when the theory is great, implementations may contain subtle defects which are extremely hard to find. The "open source" mantra is indeed exactly what we need, but your average developer -- bright though he or she may be -- simply doesn't have the background needed to contribute very effectively, and it doesn't make sense for everyone to invest the time needed to acquire that much background.
Instead, what we need is what we have: An open security research community. It could be bigger, of course, and I'd encourage anyone who has an interest in this stuff to get involved. And I'd also encourage everyone else to become more informed. But expecting to be able to make a significant contribution to improving security with just a little math is misguided.
Re:Logically retarded (Score:3, Insightful)
1. They are playing devil's advocate, not to tear down someone's reputation, but actually to question it in order to put it on a more solid foundation. That is not self defeating, but rather a typical method of proof by dialogue.
2. Your argument seems to be based on deflecting the claims back on the questioner. That doesn't answer the original question about Scheier. Also, your evidence against the writer of the summary is circumstantial.
3. If anyone actually has any evidence against Schneier's trustworthiness, they can present it here. I have seen other Slashdot articles produce just such informed criticism. Therefore this is not a waste of time. The original poster doesn't have to do all the work, you know.
4. One could use similar reasoning to claim that NSA is doing good work.
* Has the NSA visibly harmed America?
* Has the NSA been a vocal critic of America's enemies?
* Has the NSA been on the job for a really long time?
* Do we have any evidence that the NSA is favoring our enemies?
Conclusion: trust the NSA. Isn't that rather shallow reasoning, to put your trust in someone or something merely on the basis of appearances?
Re:Logically retarded (Score:2, Insightful)
Therefore, I would humbly suggest that I could and do logically conclude that YOU are a tool of the NSA, not Schneier, and furthermore, I have more evidence than you do: Your suggestion to consider Schneier as less than reliable based on zero evidence.
Valid point: Me and my question would be another cute way for the NSA to influence society. I can't completely discount the possibility that I'm a sleeper agent, myself.
But just to clarify, I had no intention of discrediting the man, this is strictly a thought experiment, not even conjecture or speculation. I do not mean to suggest that Schneier actually is untrustworthy or working for the NSA. If nothing else, this question has highlighted what may be a flaw in your own security model: you assume that he hasn't "given us bad advice", but you really have no way of knowing that.
Re:Trust no one (Score:5, Insightful)
If you were the NSA, wouldn't you plant stories in places like Slashdot suggesting that you can't trust the people who are fighting to protect you from the NSA?
Which Slashdot editor is so nearsighted that they couldn't see this obvious FUD?
Re:Trust no one (Score:5, Insightful)
Hrmmm... You have a great point... More computers won't make the job easier... Smarter computers will...
Look at Watson... Specifically designed to measure the value of information in both directions and use these values real time as it sorts through massive amounts of data...
Areas where humans were thought to be the only solution, here comes Watson...
Law, medical diagnostics, computer software troubleshooting, etc...
These are all areas where Watson will soon dominate...
We can only hope the Utah data center will NOT have IBM as one of the contractors...
Re:Can Bruce Schneier Be Trusted? (Score:5, Insightful)
This could become a circus. If the NSA can get you to not trust Bruce, Then you couldn't trust any encryption system. If you trust none then you are just where the NSA want's you. Sometime we are going to have to pick someone we trust. Until proven otherwise, I trust Bruce.
Re:Bruce Schneier connection (Score:4, Insightful)
I picked up your paper on slashdot actually (and probably from one of your posts). But I had never realized that you (as in the author of the paper) was posting on slashdot. That's pretty cool.
What is interesting about diverse double compiling is that it is feasible by a large technically savvy entity (but difficult in practice).
I must say that the trusting trust problem has become huge in the recent years. We pretty much have to rely on somebody for compiling our software and not just compilers. Compiling your own firefox or chromium or vlc is close to being impossible. There are too many dependences or the build chain is too complicated. (A friend of mine run out of disk space compiling chromium...) But assuming that you trust debian (or anyother large entity with technical expertise), you can rely on debian to make sure trusting trust problems do not appear. (And provided writing a C compiler is a standard student project, it should be easy to get multiple compilers to make sure none is backdoored.)