Profile picture
Alec Muffett @AlecMuffett
, 10 tweets, 5 min read Read on Twitter
Clearly @schneierblog has forgotten ITAR, let alone the moves against PGP in the early 90s, HTTPS in the late 90s, Java crypto in the early 2000s, wire-speed crypto in the late 2000s, & E2E more recently. Sorry Bruce, you're wrong.
nytimes.com/2018/10/11/opi…
The usual excuse at this juncture is "No, not _that_ regulation, of course; that was bad regulation, but this would be _good_ regulation"; regrettably there's a scope-creep associated with all regulation, it rarely pans out that way.
Of course if you want to live in a world where not merely do you have to dismiss value-free "we collect cookies" popups to browse a site, but also where you have to individually check-out software extensions if you want to do so securely, then go ahead and invite regulation:
If you want a world where apps that are provided through the official Apple & Google stores are only those which support cryptography that is equipped with a "golden back-door key" for public safety, then go ahead an invite regulation: eff.org/deeplinks/2014…
If you want a world where software is export-controlled ("The concept was well-meant") because it, like all software, is inherently dual-use and can be used for either bad OR good, then go ahead and invite regulation: sector.ca/what-the-wasse…
Yes, totally, Bruce does make some reasonable observations which are, or should be, already enacted: your app should not kill people; and companies who lose all your data should be spankable:
But Bruce falls flat on his face in the last two paras, because (a) Security should NOT take precedence over everything else - otherwise we would ban skydiving, or eating oysters, or cycling in London.

We take risks. That's how life works. We mitigate them and punish failure.
And anyone who thinks that a regulated market under state definition yields innovation, has not looked at the recent history of the British rail industry.

tl;dr - as ever, do not regulate the form of software or speech; regulate instead the intent & ends for which it is used.
@threadreaderapp unroll, please
/cc @leotanczt who inadvertently pointed me at this.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Alec Muffett
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @AlecMuffett see all

Profile picture
justsecurity.org/62114/give-gho…
1/ Applying this idea to WhatsApp, it would mean that—upon receiving a court order—the company would be required to convert a 1-on-1 conversation into a group chat, with the government as the third member of the chat. But that’s not all.
2/ In WhatsApp’s UX, users can verify the security of a conversation by comparing “security codes” within the app. So for the ghost to work, there would have to be a way of forcing both users’ clients to lie to them by showing a falsified security code, ...
Read 39 tweets
Profile picture
THREAD: QUESTION FOR ALL SECURITY PEOPLE — in this day and age, would you buy a single-vendor IT security solution which advertised itself as "the gold standard" for data security protection?

Would you give that claim any credence whatsoever?
The infosec world has a long-established term for such glib claims: "Snake Oil" - this terminology goes back to the 1990s or earlier, for vendors who were selling sub-par cryptography as "military-grade" or other supposed but meaningless description interhack.net/people/cmcurti…
Particularly telling for "Snake Oil" are the words and phrases that are used to describe the security solution, process, or tool, its development, mechanism, or vendor:

* "Trust Us, We Know What We're Doing"
* "Unbreakability"
* "Military Grade"

interhack.net/people/cmcurti…
Read 27 tweets
Profile picture
@breenemachine @alexstamos 1/ Well, I've been doing this stuff to 30 years and still learn every day/week; that said, the generalities are several thousand years old and after a while you will see the same issues coming up in new clothes. But you can read around the topic in your own time. […]
@breenemachine @alexstamos 2/ Maybe half of the people I have worked with in infosec have been CS students. There is no barrier to entry. I have worked with chemists, physicists (me = astronomer), med students, linguists, performing arts students, english lit majors, and some have have no college degree.
@breenemachine @alexstamos 3/ There are 2x main paths to learning: 1 is to seek formal education - cyber-this, ethical-hacking-that - and it's fine. You'll learn, but if you only learn "security stuff" then you'll be a pentester, and I love pentesters but lord, we have enough already.
Read 17 tweets

Related threads

Profile picture
0/ On a day that marked the 10th anniversary of the #Bitcoin #blockchain, the #crypto ecosystem has been ripe with updates and releases.

Below, I've pieced together a 15-part thread filled with developments from the past day or two. Hope it proves helpful!
1/⌛️ #Mimblewimble-based privacy #cryptocurrency BEAM (@BEAMprivacy) is scheduled to launch on mainnet today at 14:00 GMT!

The wait is over! Find out all about the release in the following announcement. medium.com/beam-mw/beam-t…
2/ 🗣️ @NEOErikZhang (Co-Founder & Core Developer, @NEO_Blockchain) shared that NEO's developers are on the verge of completing a slew of improvements re its dBFT consensus algorithm.

A release before next month's #NEOdevcon2019, perhaps?
Read 17 tweets
Profile picture
0/ A massive 24 hours in the world of #crypto and #blockchain.

To help you stay on top of it all, I've put together this thread. Just doing my bit to make your day a bit easier!
1/ 👾 @TRONFoundation [ $TRX ] revealed it will be establishing a #blockchain game fund dubbed #TRONArcade. Up to $100M committed for use over the next 3 years!

Click through to learn more about #TRON's plans to build out the blockchain game ecosystem. medium.com/tron-foundatio…
2/ 🧸 U.K.-based @CryptoKaijuIO, a startup offering designer vinyl toys that are traceable on the #Ethereum #blockchain as an NFT, has officially launched.

The first kaiju, Genesis, is now selling for $55. Check it out! cryptokaiju.io/product/genesi…
Read 24 tweets
Profile picture
D'accord, vous l'avez bien cherché : je vais vous faire une histoire toute illustrée et chatoyante du #wax, ce tissu que (selon ce que #RokhayaDiallo a dit au #Feministival) les « blanches » n'auraient pas le droit de porter sans culpabiliser

[thread] ⤵️
3, 2, 1 : petit voyage dans le temps et nous voilà en 1637, quand la Compagnie néerlandaise des Indes occidentales s'empara du port d'Elmina sur la Côte d'Or (aujourd'hui #Ghana), détenu depuis 1471 par les Portugais.
À Elmina il n'y avait pas de wax, mais de l'or, de la maniguette et des esclaves, beaucoup d'esclaves.
Les puissants Ashantis, qui gardaient le contrôle sur l’intérieur des terres, vendent aux hollandais leurs prisonniers, surtout d'ethnie Fanti.
Read 23 tweets
Profile picture
"World After Capital: Limits of Capitalism" worldaftercaptial.com via @albertwenger
original link didn't work, this one does: continuations.com/post/175471097…
Capitalism is a social construct, and as with all social constructs, it too will evolve or be replaced over time.
Read 8 tweets
Profile picture
[THREAD] Best podcast episodes on #Crypto #Blockchain #ICO #Token #Bitcoin economy in 2017 (ranked randomly) + bonus: best overall podcast episode waiting at the end!
1) The quiet master of cryptocurrency w/ @NickSzabo4 & hosted by @tferriss: overcast.fm/+KebvPT3c8
2) Why crypto tokens matter w/ @cdixon & @FEhrsam hosted by @a16z: overcast.fm/+BlzGAkAKA
Read 16 tweets
Profile picture
Allez, petit thread inspiré par ça, tellement c'est plein de banalités, encore trop répandues. #Réalisme
Commençons par "Le réalisme est un courant de pensée politique qui affirme que les considérations idéologiques ou morales ne doivent pas...
intervenir dans l'action diplomatique." C'est historiquement faux. Raymond Aron a un long développement sur l'importance de la morale.
Read 30 tweets

Trending hashtags

#mimblewimble #Bitcoin #renewable #LelandIngrahamKeyser #Ethereum #LightningNetwork #ERC20 #bigoted #blockchain #IOTA #stablecoin #TCDisrupt #HuobiOTC #crypto #ETHLend #Amazon #Poloniex #YouTube #BUIDL #cryptocurrency #internet #buidl #Augur #HyperledgerFabric #CryptoTuesday

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!