iang
9 Nov, 8 tweets, 3 min read
ORF (media) in Austria report that 5 eyes Intelligence Community have convinced EU Council to secretly resolve for a total EU backdoor on end-to-end encryption.

(in German) fm4.orf.at/stories/300893…

Draft Resolution:

files.orf.at/vietnam2/files…
There’s some gems in this (drafty) resolution:

They’re going to steal money from the Recovery and Resilience Facility to “advance objectives” relating to cybersecurity.

How broken is that? 🧐 Do they know no shame?
The meeting of JHA Counsellors (Encryption), whatever they are, also called out quantum encryption.

Does this mean

- they want to backdoor quantum encryption as well,

- pay off their academic advisors, OR

- they have no clue what they are talking about?

the bind moggles… 🤨
Oddly, they seem entirely aware that the European Court of Justice has ruled that strong protections including full encryption must be available when moving data outside the EU.

Setting up for ECJ to tell them they can’t have their cake and eat it too?
The problem with this statement - that it is essential to break encryption to fight various crimes - is that it is just not true.

The evidence that has been surfaced through court cases and the like has pointed out that encryption did not slow or hinder the investigation.
This untruth reveals that the real purpose of the breaking of encryption is for intelligence community (IC) mass surveillance. The reason we know this is that it has been the same pattern for 30 years (who remembers FBI's Louis Freeh?):

IC speaks through Justice ministries.
Section 6. Legal Framework plays the olive branch tactic of “cooperation” with industry that has so well failed in the past.

As there is no plausible solution that ensures the safety of customers, their only option is 1) legislate 2) force backdoors thus 3) Break the security.
As a simple argument - the call for a consistent framework ensures broad surveillance across EU.

Access to 30 countries’ backdoor farms by 30 “competent authorities”...

Can the EU guarantee lack of corruption in 30 police & intelligence agencies?

No. Fail.

More from @iang_fc

23 Oct
@Steve_Lockstep @joerosato @csuwildcat sorry, it’s 50 mins long, I don’t watch much video, so speaking from generalisms and hints:

As a term, PKI suffers the same problem as ‘identity’ - it means different things to different people. Consequently, as a sector, it’s totally unreliable as a term. It can mean...
@Steve_Lockstep @joerosato @csuwildcat Use of Public Key cryptography in a technical system - that’s the PK part dominating. OR

Infrastructure around PKs to make the PK do or mean something. OR

Identity system based on PKI, implying use of private key is proof of person. Or...
@Steve_Lockstep @joerosato @csuwildcat X.509-based PKI which locks in a particular technology *and* a set of meanings/doings which don’t work *and* a set of companies that extract rents for little benefit, which extraction works a treat.

So, 1st order question is, what is this person meaning when using the term PKI?
Read 10 tweets
21 Oct
OK Twitter is censoring the original link to that article which is on a web site called strategic hyphen culture dot org.
Here is the response if the website strategic hyphen culture dot org is included in the Tweet:
Here’s the part I wanted to highlight, which is important!

💥 "The prize that America truly seeks is to seize for itself over the coming decades, all global standards in leading-edge technology, and to deny them to China.” 👈 👆
Read 5 tweets
17 Aug
A rant on the USA Election. If you’re uninterested you know what to do.

zerohedge.com/political/aoc-…

As we move closer to November, it’s somewhat non-controversial to say this USA election is the most divisive in living memory. I at least can’t recall one as divisive. 1/34
Reasons are obvious but I want to point out one reason that isn’t obvious, it’s the “NEVER TALK ABOUT…” rule.



zerohedge.com/political/fec-…

I’ve in the past alluded to this - the opening of Pandora’s box in the 2016 USA election. 2/34
Few have picked up on it, so to save some 150 million or so American voters some angst, it’s worth surfacing. Here’s the QUESTION:

Who’s hacking the USA election?

zerohedge.com/political/durh…
3/34
Read 34 tweets
9 Feb
This is a great research attack on a SWIFT-using payment institution (likely a British bank allowing the research to be conducted).

But I was struck by how the architectural flaw leapt out and screamed HIT ME HERE! 1/
Here’s the flaw: SAC is a flag that says signature verification and RMA (Relationship Management Application) authorisation and verification was successful.

Let me say that more clearly: SAC says verification is done. 2/
The flaw is this: the SAC isn’t the authorisation - it’s a flag saying there was an auth. Which means, in short SWIFT messages do not carry any role-based authorisations.

They might be authorised, but it’s like they slapped a sticker on to say that.

Not good enough. 3/17
Read 19 tweets
1 Jan
Thoughts on momentum accounting financialcryptography.com/mt/archives/00…

I see a connection between Ijiri’s momentum accounting and cryptographic receipts, both called triple entry, so I'll try and draw it out. 1/10
Ijiri's third entry is a derivative of two successive accounting entries, making it like momentum in physics. Therefore, he suggests, we could in effect use this 'calculus' technique on accounting records to predict the future direction of activity. 2/10

warrenhenke.com/writing/essays…
altho everyone wants to know the future, I am not comfortable with the notion that you can measure momentum by doing a 'calculus' over accounting records. As his third entry is derivative information, I suspect that its conceptual value (use) is limited by fraud / deception. 3/10
Read 11 tweets
15 Oct 18
10 years ago I annoyed the entire crypto-supply industry:

Hypothesis #1 -- The One True Cipher Suite

iang.org/ssl/h1_the_one… 1/7
The One True Cipher Suite was born of watching projects and groups wallow in the mire of complexity, as doubt caused teams to add multiple algorithms- a complexity that easily doubled the cost of the protocol with consequent knock-on effects & costs 2/7
The One True Cipher Suite was widely ridiculed in crypto and standards circles. Developers and standards groups like the IETF just could not let go of crypto agility. This sacred cow led the TLS group to field something like 200 standard suites 3/7
Read 7 tweets