Dennis Fisher talks with cryptographer Bruce Schneier about the revelations of the NSA’s capabilities to subvert and weaken cryptographic algorithms, security products and standards, and what it will take to help defeat these capabilities.

Download: digital_underground_125.mp3

Subscribe to the Digital Underground podcast on 

Categories: Critical Infrastructure, Cryptography, Podcasts, Privacy

Comment (1)

  1. Deramin
    1

    “…That’s the amazing thing of this: it validates all the paranoia. And I think in some ways that’s the biggest harm. That when we know the NSA is doing these sorts of things, we now no longer know what to trust. We can’t trust anything. It’s possible that they’ve only done this to half the protocols on the Internet. But which half? How do you know? You don’t. If a company says, ‘Well, it’s not us,’ you can’t trust them.The CEO who says it might not know. The company itself might not know. So it’s this lack of knowledge, this lack of certainty, that will fuel all this speculation. And since the NSA is no longer trusted, they can’t say, ‘No, no, here’s the real truth,’ because we’ll never believe them. We’re kind of stuck in a very, very bad situation.”

    That is the very best explanation of how insidious this behavior is and why it is so evil. The actions the NSA has taken, however well meaning, have created a situation that is at least as evil and harmful as the one which they were trying to prevent.

    As far as trust goes, a great security teacher I studied under was fond of saying, “Trust is like virginity. You only lose it once.”

Comments are closed.