Ask Slashdot: Can Bruce Schneier Be Trusted? 330
An anonymous reader writes "Security guru Bruce Schneier is, among other things, a world renowned cryptography expert, author of several popular books, and a second-order internet meme. He is also an outspoken critic of the NSA, in particular the massive NSA surveillance programs disclosed over the summer by Edward Snowden. Schneier has been involved in reviewing the leaked documents and has put in effort to determine which cryptosystems should still be considered safe. I'm a big fan of Bruce Schneier, but just to play devil's advocate, let's say, hypothetically, that Schneier is actually in cahoots with the NSA. Who better to reinstate public trust in weakened cryptosystems? As an exercise in security that Schneier himself may find interesting, what methods are available for proving (or at least affirming) that we can trust Bruce Schneier?"
Trust no one (Score:5, Insightful)
Re:Trust no one (Score:5, Insightful)
You have to trust someone, somewhere along the line.
Even the compiler can be compromised. Ken Thompson showed that.
Where I think "anonymous coward" is wrong is that he's implying the Bruce Schneier would NEED to be compromised by the NSA. He wouldn't.
There are two aspects to "crypto".
1. The math.
2. The implementation.
Bruce can validate that the math seems to be correct (or he can be compromised into saying that it seems to be correct) but it is the implementation that gets used.
So even if Bruce actually believed that the math was correct, the NSA could compromise the people/organisation/company that turned that math into a product that you would use.
And it is much easier to claim that a flawed implementation was an innocent mistake than to compromise EVERYONE who can understand the math behind it.
Re:Trust no one (Score:5, Informative)
"Even the compiler can be compromised. Ken Thompson showed that."
Well, double compiling techniques can be used to certify a compiler. (Though it actually assume that you have access to an other safe compiler, which is a little bit complicated, but doable)
http://arxiv.org/abs/1004.5534 [arxiv.org]
Can Bruce Schneier Be Trusted? (Score:5, Funny)
Why not? I have his SHA256 hash, right here, on this USB stick.
But wait! Am I sure I spelled "Schneierer" correctly?!?
Re: (Score:2)
Your fine and you're speeling is greate!
Re:Can Bruce Schneier Be Trusted? (Score:5, Insightful)
This could become a circus. If the NSA can get you to not trust Bruce, Then you couldn't trust any encryption system. If you trust none then you are just where the NSA want's you. Sometime we are going to have to pick someone we trust. Until proven otherwise, I trust Bruce.
Diverse Double-Compiling (trust but verify) (Score:5, Insightful)
Thanks for pointing out my Diverse Double-Compiling (DDC) paper!
My page on Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) [dwheeler.com] has more details, including detailed material so you can duplicate the experiments and re-verify the proofs. Note that you do not have to take my word for it.
You have to trust some things. But you can work to independently verify those things, to determine if they're trustworthy. I don't always agree with Bruce Schneier, but after watching what's he's done for years, I've determined that he's quite trustworthy. This is the same way we decide if we should trust anyone or any thing. In short: "trust, but verify".
Re:Diverse Double-Compiling (trust but verify) (Score:5, Informative)
I've gotten a lot of hits, and that's a good thing. As I noted in another post [dwheeler.com], I got hit by reddit [reddit.com] earlier this year. In general people are becoming more interested in protecting and verifying build environments, as this post about Tor demonstrates [torproject.org].
So please take a look at my Fully Countering Trusting Trust through Diverse Double-Compiling (DDC) [dwheeler.com] page!
Bruce Schneier connection (Score:4, Informative)
Oh, and a Bruce Schneier connection: In 2006 Bruce wrote a summary of my ACSAC paper on diverse double-compiling (DDC). Bruce's article is simply titled Countering "Trusting Trust" [schneier.com].
Bruce completely understood the approach. He explained it very well in his blog, and he also did a nice job explaining its larger ramifications. His conclusions are still true: the "trusting trust" attack has actually gotten easier over time, because compilers have gotten increasingly complex, giving attackers more places to hide their attacks. Here's how you can use a simpler compiler -- that you can trust more -- to act as a watchdog on the more sophisticated and more complex compiler.
Re:Bruce Schneier connection (Score:4, Insightful)
I picked up your paper on slashdot actually (and probably from one of your posts). But I had never realized that you (as in the author of the paper) was posting on slashdot. That's pretty cool.
What is interesting about diverse double compiling is that it is feasible by a large technically savvy entity (but difficult in practice).
I must say that the trusting trust problem has become huge in the recent years. We pretty much have to rely on somebody for compiling our software and not just compilers. Compiling your own firefox or chromium or vlc is close to being impossible. There are too many dependences or the build chain is too complicated. (A friend of mine run out of disk space compiling chromium...) But assuming that you trust debian (or anyother large entity with technical expertise), you can rely on debian to make sure trusting trust problems do not appear. (And provided writing a C compiler is a standard student project, it should be easy to get multiple compilers to make sure none is backdoored.)
Re: (Score:3)
No. You don't need a compiler you can trust to start with, merely one that you know hasn't been compromised by people colluding with those who may have compromised the first one.
E.g., you could take a C compiler written in, say, Algol and use it to compile the GCC C compiler. That would give you a full C compiler that you could trust. You can be pretty sure that whoever wrote the C compiler in Algol wasn't talking to the people who wrote GCC, so any tricks they slipped into the C compiler wouldn't be rec
Re:Trust no one (Score:5, Insightful)
the NSA could compromise the people/organisation/company that turned that math into a product that you would use.
An obvious solution to this would be two (or more) independent implementations. The implementations wouldn't even need to be done by trustworthy entities, just entities unlikely to cooperate. If the NSA does one implementation, China does another, Russia does a third, and they all produce identical output, then that would be good enough for me.
Re: (Score:2, Insightful)
You have to trust someone, somewhere along the line.
No. No you don't. You should always remain skeptical, consider motivation as well as message, and read between the lines. Think for yourself and check facts.
It is better to trust the math community (a large body of people of varying motives, hence less corruptible by a single source) than Schneier. It is even better to learn the math yourself. It's even better to kick down the doors of the NSA and demand answers. But that last one will probably get you shot or worse.
Re:Trust no one (Score:4, Insightful)
But from whom do you learn the math? A teacher? A textbook? Unless you derive it all yourself from base axioms, you do have to trust someone at some point. Math is logic, pure and simple: that's true, but it is subtle enough and complex enough, especially at the level of cryptography, that you could be taught something which is false and yet verifiable (i.e., internally consistent, but externally incorrect). And of course, beyond outright misinformation, there is the very real possibility that the math is sound but someone has discovered a technique for busting right through it.
But I think the more important point is that our entire society breaks down instantly without trust. Specialization is the basis for all of human advancement, and trust is the basis for specialization. You don't learn to build a car yourself, you trust an auto mfr to do it for you. You don't spend time growing or hunting your own food, you trust the food industry to provide you with safe and sufficient sustenance. If you didn't trust anyone, you'd spend all your own time and resource attending to your most basic needs.
The same goes for cryptography and software: everybody uses crypto these days (TLS, for instance), but the vast majority of people don't have any where close to the expertise to verify even the algorithms, let alone the implementations. Sure, we could have a society of crypto experts and everyone could independently verify every algorithm and every piece of code that they use. But whose going to build the the cars and grow the food?
Re: (Score:3, Funny)
But from whom do you learn the math? A teacher? A textbook? Unless you derive it all yourself from base axioms, you do have to trust someone at some point.
A proper math education starts from basic axioms. A teacher should merely guide a math student through derivation of that mathematical knowledge which is taught, all from base axioms. In my undergrad, math majors were required to take a course on the axiomatic foundation of math (set theory). The classes that depended on that built the foundations of algebra, analysis, etc. upon those same axioms. The subsequent built upon those results, etc.
One problem with crypto is that we've never seen a hardness
Re:Trust no one (Score:4, Informative)
You have to trust someone, somewhere along the line.
The open source movement (Down people! It's just an umbrella term, not an excuse to rage about the nuaned differences in licensing) recognized early on that the only way to create reasonably secure code is to publish it and let anyone look at it. Politics demands that for every group of people out there wanting power for a specific purpose, there's another group willing to sabotage them. As long as the code is a black box, the war between those groups will be won and fought or lost without anyone being the wiser -- unless the code is published.
Then, regardless of individual motive, you're on one of either two sides: Publish or don't. If you publish, there's a big risk of being identified if you try anything and in covert operations anonymity is better than bulletproof armor. Nobody's going to risk having their real identity linked to a subversion attempt. So that leaves not publishing -- keeping potential exploits to yourself. This is what the NSA and other intelligence communities are doing.
When you play that game, however, you're stuck in an arms race where every participant is fighting a war on two fronts -- they can exploit the holes in the enemy's systems, but because the enemy uses a lot of the same technology, they can turn around and do the same to you... which means every weapon is 'single use' against hard targets. But I guess that's how the NSA likes it; As long as you have tons of money to waste, those with the most gold have the most power. It's direct proportionality.
Actively maintained open source though allows people to build reasonably secure systems without a big investment -- anyone can incrementally improve it. So if you aren't the NSA (ie, second place and below)... it makes sense to contribute to projects like Linux and build your security around them. The NSA has been 'caught' (as much as anyone can be caught in cyberwarfare -- attributation is a bitch, anyone who has researched it knows this) several times trying and failing to create exploits in Linux. This tells me that the cost of finding a linux exploit is now at least equal to that of its closed-source competitors, and may even be higher -- otherwise why risk exposure?
Any once you find a linux exploit, you're still on the clock -- this isn't like closed source. New people are constantly looking at code, even old code, and could discover your hard-won exploit and close it. Basically, if you're not a "top 10" government and you want security... use open source.
Re: (Score:3)
'The open source movement (Down people! It's just an umbrella term, not an excuse to rage about the nuaned differences in licensing) recognized early on that the only way to create reasonably secure code is to publish it and let anyone look at it. '
To make the claim that linux has been never been intentionally weakened in security, you need to know that every single security vulnerability in Linux (to take one example) was due to carelessness, not intended action.
Certainly - some classes of backdoor are tri
Linux backdoor of 2003 & Underhanded C Contest (Score:5, Interesting)
To make the claim that linux has been never been intentionally weakened in security, you need to know that every single security vulnerability in Linux (to take one example) was due to carelessness, not intended action.
Certainly - some classes of backdoor are trivially obvious 'if(sourceip==NSA)' - but others can be subtle logic errors.
You mean like this attempt in 2003? [slashdot.org]
Personally, I'm not longer all that impressed by the IOCCC. [ioccc.org] Don't get me wrong, some of the code submitted there shows utterly insane levels of skill. However, the above is an excellent example of a good submission for the Underhanded C Contest [xcott.com], which is an excellent teaching tool for discovering exploits as well as for learning about subtle bugs that may drive you utterly mad trying to find.
Re:Trust no one (Score:5, Insightful)
If you were the NSA, wouldn't you plant stories in places like Slashdot suggesting that you can't trust the people who are fighting to protect you from the NSA?
Which Slashdot editor is so nearsighted that they couldn't see this obvious FUD?
Re: (Score:3)
Bruce probably doesn't want you to trust him implicitly. You should always keep your wits and take actions to make sure you're not being taken advantage of. I read a while ago about a guy who tricked his son into running into a mirror and was flamed for not wanting his son to trust me: but trusting someone can be dangerous. The lesson is to not let yourself get into a position where you're trusting someone else and not protecting yourself.
Re: (Score:3)
That slashdot has topics which question sacred cows and widely-held beliefs is a good thing. If the site parroted one and only one viewpoint, then I'd be worried that there was some higher force manipulating it. The fact that contrary viewpoints are presented and moderated up is what tells me it's a functioning system of free expression.
Re: (Score:3)
Re:Trust no one (Score:5, Interesting)
And now, folks, it's time for "Who do you trust!" Hubba, hubba, hubba! Money, money, money! Who do you trust? Me? I'm giving away free money. And where is the Batman? HE'S AT HOME WASHING HIS TIGHTS!
So do you trust the Joker, or the Batman?
Re: (Score:3)
Neither. Did you not hear what GP said? Don't trust clowns.
Re:Trust no one (Score:5, Funny)
Well, if you know your comic-book history, you'd know that Batman had a homosexual relationship with Robin and was shown in the comics in bed [comicvine.com] with him.
If there's anything one learns from applying for a security clearance or worldwide politics in general, it's that nobody trusts homosexuals. I trust the Joker. Not only is he not a homosexual, and therefore trustworthy, but a proven innovator with plenty of experience thinking outside the box. I trust the Joker. Not Batman, as Robin has too much filthy blackmail on him.
-- Ethanol-fueled
I trust Cat Woman, and if she is homosexual that would be so hot.
Re: (Score:2, Insightful)
Re:Trust no one (Score:5, Insightful)
Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself.
Which is why I always x-ray the concrete and perform a full metallurgical analysis on the structural steel before I drive across one of those government-built bridges. Sure, I had to do a four-year engineering degree, but it was worth it.
Seriously, "trust no one, and validate everything from first principles" breaks down very quickly if you try to apply it to any but the narrowest portion of your life. Figuring out workable and robust ways to evaluate trustworthiness of other parties is a damn useful (and equally damn difficult) problem.
Re:Trust no one (Score:5, Insightful)
Applying the mantra of open source to the underlying mathematics: Learn the mathematics of cryptography yourself to find the bugs within the mathematics. Don't place your trust in any person other than yourself. Especially don't worship some brand-name as a god who, as diviner-intercessor, is your sole information-provider on the subject.
Care to point me to the "mathematics" of AES? How about SHA-2? For that matter, will studying the mathematics of RSA make it clear why a chosen ciphertext attack renders RSA with PKCS#1 v1.5 padding vulnerable, and how using Optimal Asymmetric Encryption Padding instead addresses the issue?
Seriously, the above is laughable advice. Oh, by all means learn crypto if you're interested, it's a fascinating subject -- one which you can easily devote your entire lifetime to, though you'll have to pick a sub-specialty if you really want deep understanding of the sort that will let you meaningfully evaluate the security of some real-world elements.
The reality is that you must rely on someone else. Even serious academic cryptography researchers make no claims to be able to fully understand anything outside their narrow area of focus, and they're also quick to point out that even when the theory is great, implementations may contain subtle defects which are extremely hard to find. The "open source" mantra is indeed exactly what we need, but your average developer -- bright though he or she may be -- simply doesn't have the background needed to contribute very effectively, and it doesn't make sense for everyone to invest the time needed to acquire that much background.
Instead, what we need is what we have: An open security research community. It could be bigger, of course, and I'd encourage anyone who has an interest in this stuff to get involved. And I'd also encourage everyone else to become more informed. But expecting to be able to make a significant contribution to improving security with just a little math is misguided.
Re:Trust no one (Score:5, Informative)
That's a huge jump, and a red flag for a shitty argument. As you wrote it, yes it is misguided. You don't have to make a significant contribution, just understand what's already out there. And it's way more than "a little math".
Yes. That was simple, wasn't it?
Actually, no. Simply understanding the mathematics will not make it clear. Understanding the math, then having it pointed out, or reading Bleichenbacher's paper, will make it clear. But merely learning the math will not... else it wouldn't have taken decades for someone to discover that problem.
The MD5 collision was an algorithm based on math.
No, it wasn't/isn't. MD5, like all modern hash functions, are based on repeated mixing. It can be modeled mathematically, but it's not "based" on math in any meaningful sense.
But the basic statistical analyses which show whether something may be vulnerable, is all math.
Yes, statistics is math. Do the stats for me and tell me if SHA-256 is vulnerable, would you?
The math for AES can be found on the wikipedia.
The algorithm can. Block ciphers aren't really based in any meaningful sense on mathematics either. Mathematical tools are used to model them and look for weaknesses... but there's also a healthy dose of good "intuition" that goes into cipher design.
The current choices for Dual ECC were proven suspect by math.
Partly. The concern derives as much from observation of process as from the math.
The advice is not laughable in context- trust no one. And, it's not impossible to learn this stuff, you can either choose to or choose not to.
I've spent a big part of the last 20+ years learning it (among other things; I'm not a researcher and crypto is only part of my job), and I work with a bunch of other people who've devoted their whole lives to it. And you know what? If you ask them if anything is good, they'll immediately start looking for research papers to find out... because there is no realistic option but to trust the work that others have done, and which has been peer reviewed and vetted.
Don't trust the researchers - verify it yourself. That's not original research, it's just common sense (for the paranoid).
That's not what the researchers do. But you're smarter and more paranoid than they are. Gotcha.
Re:Trust no one (Score:4, Interesting)
Trust might be too strong of a word, but you do need to defer to authority if you interact with society at all. I don't think it is possible to be an expert in everything that you use or interact with on a daily basis and - unless you eschew medical care - you will defer to someone with a medical education at several times in your life. So no, you don't need to trust Schneier or anyone else in cryptography. But your only alternatives are to not use it at all for the purpose you were considering or become educated enough in the field to make your own judgements.
Back on topic, even if you don't trust that the encryption won't frustrate the NSA, it is probably fine for most people's business purposes.
Comment removed (Score:4, Funny)
Re:Trust no one (Score:4, Interesting)
The fundamental problem is that as the size of your data set increases linearly, the number of false positives increases exponentially. More computers will not fix this because humans can't be reduced to a series of if/then statements, the computer will either miss gobs of important info or spit so many false positives at you to be worthless. It takes annalists to sift through data making connections and with this data deluge their scarce time and effort is wasted chasing dead ends.
How ineffective is mass surveillance? The Soviet Union and Warsaw pact nations back in the day could not stop the illegal drug trade operating within their borders despite trying as hard as they could to do so. Think about that, nations where you need to apply for a frigin passport to go to the town 10 miles over for a weekend could not interdict and stop the illegal drug trade even while monitoring a massive portion of the population.
What kept the population under control at this time was the government controlling the information the population received. Do you think the North Korean government would last 10 minutes if everyone there was suddenly made aware of living standards outside their country? Likewise in the Soviet Block, people there only had vague rumors of the living standards of the west that could easily be disregarded as exaggeration or propaganda.
Intelligence needs to be focused. Casting a bigger net doesn't do you any good when doing so gets you more bycatch than fish. Sure the intelligence agencies love it because it gets them big budgets, but it doesn't make them more effective. If anything, it makes them LESS effective.
Re:Trust no one (Score:5, Insightful)
Hrmmm... You have a great point... More computers won't make the job easier... Smarter computers will...
Look at Watson... Specifically designed to measure the value of information in both directions and use these values real time as it sorts through massive amounts of data...
Areas where humans were thought to be the only solution, here comes Watson...
Law, medical diagnostics, computer software troubleshooting, etc...
These are all areas where Watson will soon dominate...
We can only hope the Utah data center will NOT have IBM as one of the contractors...
Re: (Score:3)
Just because a computer can compete on Jeopardy and do a decent job of recommending cancer treatments, which are all double checked by humans BTW, does not mean it won't spew garbage when given terabytes of new data every day. Real intelligence is non-algorithmic, a computer will never be be to match it, only perform a crude simulation of it.
Re: (Score:3)
Here is a link that will explain it in better detail.
http://www.wired.com/opinion/2013/02/big-data-means-big-errors-people/ [wired.com]
Just like bankers who own a free option — where they make the profits and transfer losses to others – researchers have the ability to pick whatever statistics confirm their beliefs (or show good results) and then ditch the rest.
Big-data researchers have the option to stop doing their research once they have the right result. In options language: The researcher gets the “upside” and truth gets the “downside.” It makes him antifragile, that is, capable of benefiting from complexity and uncertainty — and at the expense of others.
But beyond that, big data means anyone can find fake statistical relationships, since the spurious rises to the surface. This is because in large data sets, large deviations are vastly more attributable to variance (or noise) than to information (or signal). It’s a property of sampling: In real life there is no cherry-picking, but on the researcher’s computer, there is. Large deviations are likely to be bogus.
Re: (Score:3)
Just double the encryption (Score:5, Funny)
Re:Just double the encryption (Score:4, Informative)
This is why we need a "+2 insightful AND funny" category, dammit.
One-time pad (Score:2)
Well, if you XOR with a good random one-time pad, I don't think that anyone can break your encryption ever, not even with a quantum computer.
The ROT13 is just unnecessary fluff.
--PM
Re: (Score:2)
I use 2ROT13.
Re: (Score:3)
Chained-XOR (say, XOR-ing with the key byte sequence -and- the preceding file bytes in the last XOR-ing round, with an arbitrary key length) is actually quite secure.
IIRC, it is one of the techniques that automatically qualified an algorithm as an unexportable "munition".
Re: (Score:3)
Whats funny about that is, I am pretty sure I suggested XOR in CBC mode to someone recently as a joke. Didn't even realize I was suggesting they use unexportable munitions :)
Re: (Score:2)
I do the same, I ROT13 and XOR the resulting text with itself. Completely unbreakable, and as a bonus, the encripted text compresses pretty well.
Re: (Score:2, Insightful)
If you develop your own crypto system and never share it with adverse parties that really want to show you up publicly - then
A.) Your system isn't secure
B.) You will have a false faith in the security of your system.
If you don't already understand this, that's fine, but it means you shouldn't be giving out advice about crypto systems, as either you haven't actually done any research into the history of crypto OR you want to mislead people.
Re: (Score:3)
Blah blah blah, of course I understand cryptosystems. But the fact of the matter is, you shouldn't inherently trust that the system itself is secure. If party C can't figure out how a message was encoded, they can't exploit gaps in that encoding to extract your message. There's no ifs ands or buts about that.
The fact is that people with the will and money to crack RSA can, given just a public key and a ciphertext. You can talk about the theory of interception all day, but the practice is all that matter
Re: (Score:2, Insightful)
Blah blah blah, of course I understand cryptosystems. [...] If party C can't figure out how a message was encoded, they can't exploit gaps in that encoding to extract your message.
This statement proves that you do not, in fact, understand cryptosystems.
Re: (Score:2)
This assumes your adversaries only have the encrypted message. If they have your code, nothing but the math is going to save you.
Re: (Score:3)
There are *large* *families* of attacks that are higly paralelizable and automated that will break any combination of, e.g. XOR+substitution. It won't even *notice* you layered two levels, it will break both at the same time as it goes because it is actually attacking the composite transformation.
You missed the part where he ran it through the 'industry standard' encryption as well.
Don't fucking try to cook your own cypher. Just use the correct chain mode for what you need, one of the highly studied block c
Comment removed (Score:5, Funny)
Re: (Score:2)
Re:witch (Score:5, Funny)
I am absolutely certain that Bruce Schneier weighs the same as a duck.
Re: (Score:2)
As long as they're both in salt water...
Easy (Score:5, Insightful)
and has put in effort to determine which cryptosystems should still be considered safe.
Have someone(s) double check his work.
We should be doing that anyway, even for someone who is 100% trusted.
Re: (Score:2)
If they're 100% trusted we should then have it notarized that they wrote every document that their name is attached to.
Re: (Score:2)
Re: (Score:3)
and who do you trust to double check his work?
I will never trust ... (Score:5, Funny)
... Anonymous Coward. There are some very suspicious posts he makes. And besides, he seems to never sleep.
He's pretty up front about... (Score:2, Troll)
...not trusting and simply relying upon his evaluations and pointing out that you need to think for yourself.
Not a very positive trait for the NSA irrespective of their goals.
Trust him to do what? (Score:5, Insightful)
If you're talking about absolute trust, i.e. "I trust him" = "I trust him to do anything", you should probably have your head examined.
Phrase your questions better and you will get more useful answers.
Oh please (Score:4, Informative)
If we can't trust old Bruce, we're all screwed. Though possibly we are anyway. But if he's an asset, he's pretty well disguised.
Re: (Score:2, Insightful)
Dude, Bruce Schneider doesn't even trust his own private keys. That should be a lesson to us all.
I'll trust Schneier ... (Score:4, Insightful)
Re: (Score:2, Insightful)
And how Al Queda won the war on terror.
Re: (Score:2)
Not really. Because after the first few false claims, I would no longer trust him. Or anyone else playing that game for that matter.
Tinfoil hats over here! (Score:2)
I've got exactly what you need [urbandictionary.com]! Tinfoil hats are cheap [amazon.co.uk]. They are easy, to make too, it takes less than two [youtube.com] minutes. Don't believe the MIT study [theatlantic.com] that debunks the time honored tinfoil hat, it's a government conspiracy you know!
Don't worry, there are support groups [meetup.com] for conspiracy theorists! Now I know like any number of other conspiracy theories those pesky facts might get in the way [popularmechanics.com]. However, learn from Joseph Goebbels [psywarrior.com] and don't ever let logic, facts or reality get in your way. I know you look like a raving l
When all hats are tinfoil (Score:2)
Here you are an answer, which you might not like (Score:5, Insightful)
Problem: Paranoia
Solution: None
Re: (Score:2)
Well, you can always just trust the computer. The computer is your friend.
seriously? because SCIENCE! (Score:5, Insightful)
Bruce Schnier may be the front-line spokesperson for the security community, but that should be completely separate from his body of work in cryptography. At the bottom line, he's doing mathematics, and mathematical proofs can be reproduced and confirmed -- or debated and disproven -- by anyone else in any country with sufficient background to understand them.
He is not some guru spouting unprovable wisdom from a mountaintop, he is a member of a scientific community, and if he is able to earn and keep the respect of that community, then that's a pretty good indication that he knows what he's talking about.
Re: (Score:2)
There is something else. Bruce Schneier is a public figure in the cryptography area. Scientist need to fight for money and a large part of it comes from reputation and fame. If Bruce said something that appear wrong to security researchers, they would speak up, just to be "the one that knows better".
Re: (Score:3)
I think misinformation in mathematics can be easily detected. Not only is math universal, it's also impossible to launch satellites or go to the moon without it. We would've noticed AND corrected any deliberate diversion of the sciences.
See if you can build a bridge out of him (Score:3, Funny)
SubjectsInCommentsAreStupid (Score:2, Funny)
Just be sure to have enough matches!
Re:SubjectsInCommentsAreStupid (Score:5, Funny)
Let the whitch hunt begin!
Whitch hunt would that be?
Logically retarded (Score:5, Interesting)
Has Schneier given us bad advice? So far, so good it seems.
Has Schneier been a vocal critic of the NSA? Yes.
Has Schneier been on this file for a really long time? Yes.
Do you have any evidence that he's in cahoots with the cryptofascists? No.
So, all you have is a speculation to tear down the reputation of one of the good guys, a thought experiment, based on no evidence, but one that has real world consequences of spreading fear, uncertainty and doubt regarding someone who is fighting the good fight.
Therefore, I would humbly suggest that I could and do logically conclude that YOU are a tool of the NSA, not Schneier, and furthermore, I have more evidence than you do: Your suggestion to consider Schneier as less than reliable based on zero evidence.
Re: (Score:3, Insightful)
1. They are playing devil's advocate, not to tear down someone's reputation, but actually to question it in order to put it on a more solid foundation. That is not self defeating, but rather a typical method of proof by dialogue.
2. Your argument seems to be based on deflecting the claims back on the questioner. That doesn't answer the original question about Scheier. Also, your evidence against the writer of the summary is circumstantial.
3. If anyone actually has any evidence against Schneier's trustwort
Trust no one (Score:5, Insightful)
Re: (Score:3)
Seriously. The mere act of trusting someone will eventually lead to that person betraying said trust. Trusting someone puts them in a position of power, and power corrupts. You can't trust anyone.
That's a very good statement. I trust you completely.
Learn to Judge by yourself / dont just trust (Score:3)
Hi,
read his papers check the hints within, its even possible for non crypt-math geeks to get a background understanding, because
there are many more out there. Work out differences in their argumentation, dont just think because there is a citation it can be trusted, check what`s
behind a citation.
Wikipedia is the best entry point for you.
Check Argumentation on a logical level, and question the argumentation, especially if it fits the known problems till know, when it remains true, you have a good chance that its really true.
Trust cannot be proved (Score:2)
It's a subjective measure, based on long experience with someone and someone's writings. It's much easier to assess trust from personal contacts, but even then you can get thoroughly disappointed - just think of some types of failed marriages as an example.
The question is why would you personally have to trust Bruce Schneier? I don't have to, in order to enjoy his books and blog posts and make up my own mind. Has he recently asked you to hand over the masterpassword for you computer?
Regarding business with
...and it's come to this, hasn't it? (Score:5, Insightful)
Anything is possible I suppose. To me, it was no surprise really. I do have to say that, having worked with individuals in the security community, the primary focus really is the safety of our way of life at the hands of those who would subvert it.
The problem comes when those of less character use the government apparatus for control, political or other purposes. It's the same reason police and military need to be kept separate - one enforces the rule of law, and one protects against enemies. When those lines are blurred, history has demonstrated repeatedly that individual rights suffer. The degree to which this happens is the degree of the moral compass of those at the helm of this extremely powerful surveillance apparatus.
I'm not sure how many true boy scouts are really left running the show up there, but I do know this: the more paranoid we get, the more we lose. All of this need not come to pass in this way. One of the most important things I learned in my time in this world was "trust, but verify" and it rings true today. You can still trust the message that Bruce Schneier has. We have to, for otherwise we will be consumed by our own paranoia. But to verify is probably the most important point. That's where openness and information sharing in the spirit of open source is paramount and what will lead us to the proper conclusion on this matter.
Why? (Score:5, Funny)
He Would Agree (Score:4, Insightful)
This question is stupid. It would not matter if he was the most honest, intelligent, and experienced security expert in existence, he would tell you the same thing, do not trust him.
What about ourselves? (Score:4, Insightful)
538 (Score:2)
As an exercise in security that Schneier himself may find interesting, what methods are available for proving (or at least affirming) that we can trust Bruce Schneier?
What's good for the goose is good for the gander. [xkcd.com]
The Schneier AI: (Score:3)
He's really version 2.0 of a long term general intelligence project running on a supercomputer at Fort Meade.
Version 1.0 was called Henry Spencer and was developed in Canada.
(The original graphics version now used for videos of him started out as Max Headroom. This demonstrates yet again, it's much easier to improve on the presentation than the underlying system.)
Re: (Score:2)
Hold on ... (Score:2)
There's two reasons to potentially not trust Bruce Schneier -- he's in cahoots with the NSA (and by "cahoots" I mean involved in a conspiracy to somehow impact you) or he's biased against the NSA, in which case his opinions are equally untrustworthy.
It doesn't matter why someone's opinion isn't neutral -- its just as invalid to blindly trust it if that opinion matches yours or not. In fact, its probably worse to blindly trust it if it happens to match yours because you already have a bias.
The test (Score:2)
though Bruce's lack of a proper martleman beard will probably count against him.
Tinfoil hat time (Score:2)
Here is where we can even add a layer of lead to our tinfoil hats. What is to say that the NSA doesn't have working quantum computers? Thus almost any system that is susceptible to any sort of quantum math such as factoring is quite simply dead as far as the NSA is concerned.
This last is an important cons
How did this drivel (Score:2)
have a Bruce Battle Royale (Score:2)
Put Schneier in a ring with Bruce Wayne, Bruce Willis, and Bruce Lee. See who survives.
Re: (Score:3)
"Put Schneier in a ring with Bruce Wayne, Bruce Willis, and Bruce Lee. See who survives."
Obviously the answer is no one. Lee is already dead, and he will still kill all the others before they can make it over the rope.
Trust But Verify (Score:2)
No (Score:2)
Tyr: Trust no one
Prince: Can I trust you?
Tyr (incredulous): No!
We can trust Bruce...to say perfectly safe things (Score:2)
Trusting US Persons? (Score:3)
Bruce Schneier (Score:5, Interesting)
A little history here... (Score:3)
One of the early projects that Schneier lead, precipitated by the Y2K date crisis, was a security evaluation of old COBOL system (code-named "ZEBRA") that was still being used by a certain un-named U.S. Government agency.
This mainframe software had not been maintained for some years, except by patching the binary image; no online version of the source code was available. It would be too hard to audit that way, so they decided to upload the original code (from paper), recompile, diff against the binaries, and eventually reconstruct accurate source code for the Y2K bugs and security issues.
Schneier's group decided to use OCR. The source code had been "line printed" [wikipedia.org] on "greenbar" paper, where alternate lines have a light green background stripes for contrast. The problem was that OCR scanners of the day were designed only for black-and-white, and would get confused by the green stripes, and sometimes mis-scan some letters and numbers [slashdot.org], making this source code unreliable. This required them to manually read and type in corrections, to about half the code!
Bruce Schneier is an outspoken critic of agencies like the DHS and the TSA, but he has been a consultant for the Government in the past. And as you can see from the above story, he was originally an early proponent of scanners, and only in more recent years has spoken out against them [schneier.com]. So it is quite reasonable to ask if Bruce Schneier has ever changed his stripes [snopes.com].
Re: Learn math (Score:5, Informative)
You know he's designed several ciphers, right? Blowfish, Twofish, perhaps you've heard of them? Twofish was an AES finalist. If that doesn't give him credentials, what does?