“Bizarrely the stubby pencil and piece of paper that you put your cross on in the ballot box is actually much more secure than anything which is electronic.”
Former MI6 Chief Sir John Sawers
“The approved systems have simply been shown to adequately resist whatever kinds of crypto-mathematical attacks we, with our finite resources and brains, have been able to think up. We are by no means certain that the [opponent] equivalent can do no better.”
David Boak’s (NSA)
Security expert Bruce Schneier — Chief Technology Officer of IBM Resilient, a fellow at Harvard’s Berkman Center, and a board member of EFF — just wrote a very short but highly important comment on the story of the CIA debacle in China. Follow us on Twitter: @INTEL_TODAY
RELATED POST: CIA Debacle in China — The Search for “PATIENT ZERO”
RELATED POST: The True Story of the CIA Debacle in China — UPDATE
RELATED POST: CIA Whistleblowers — “I, John Reidy, Declare…”
RELATED POST: Former CIA Jerry Lee Case — Why the Disinformation?
RELATED POST: On This Day — The Zimmermann Telegram (January 17 1917)
RELATED POST: On This Day — Enigma Machine Captured (May 9 1941)
After reminding his readers that a CIA intelligence network in China was exposed partly because of a computer security failure, Schneier concludes:
“People died because of that mistake. The moral — which is to go back to pre-computer systems in these high-risk sophisticated-adversary circumstances — is the right one, I think.”
The purpose of cryptography is to hide the meaning of a message for some period of time. If a military operation require acts of sabotage to be conducted before tomorrow 6:00 AM, it hardly matters if the messages are decoded in a week.
On the other hand, the identity of a spy must be protected for his entire life, and possibly forever. And who can guarantee that the codes used today will be safe in a decade?
Tech Icons: Claude Shannon
CIA’s Worst Failure in Recent History
CIA Network Exposed through Insecure Communications System — Schneier on Security
Think On These Things : Should Spies Use Cryptography?