> It seems like these days I can't eat breakfast without reading about some new encryption app that will (supposedly) revolutionize our communications -- while making tyrannical regimes fall like cheap confetti.
The point that my post was driving at is that simply having a great usable and secure encrypted chat application is meaningless in the face of a nation state adversary. The resources that they have available, and the approach that they take to unmasking people is not dependant on being able to read the content of their messages.
Using "Super Crypto Chat 5000" to protect your message content doesn't buy you anything if you're the only person using it, and you have access to information that would place you in a pool of suspects.
As we're now seeing with the Snowden documents, this is exactly how the national security forces see encrypted messages. They pay more attention to them, and they look at who is sending them to whom.
Finally, while a more accurate title might be "Clandestine Operative Tradecraft is Complex and Error Prone in the Face of Nation State Level Adversaries" that isn't really pithy.
of course they want to read the messages and it helps them tremendously, that isn't necessary for them to be effective as a security force.
Just wanted to take the time to ask: If you want anglophones to read up on operational security, and perhaps adhere to such tenets as prescribed in your articles, why are all of your sites plaintext and not secure?
Another tidbit is that they mostly seem to be listed under a subdomain of your namesake, meaning that a person perusing your blogs would still reveal that they were reading your work, even over a secure connection, since the subdomain is communicated in plaintext to resolve the dns lookup.
When writing about paranoia at the nation state scale, these details become important, because you're ostensibly educating english-speaking users on the black art of skull duggery.
A subdomain is a good way to ups fame, but it would be slightly better to engage in forbidden discussions of this sort, with a free blog platform that offers HTTPS service, and urls identified by solely the /uri?query=string, with respect to the domain, since the non-domain portion of the URL is wrapped in SSL's encryption.
;) ...otherwise, maybe some nation state now has a list of readers borrowing subversive literature from the public library, no? And so many of them showing ycombinator as their referrer! What a seedy little hotbed of intelligencia!
What makes you think those are "political" "feelings"?
> While I do think the title lacks specificity to the topic, I don't think it's incorrect or misleading.
I just changed my mind and I think the same thing as you do.