Eben Moglen and I Talk about the NSA
Last week, Eben Moglen and I had a conversation about NSA surveillance. Audio and video are online.
EDITED TO ADD: The site seems to be down, so here’s a YouTube link.
Comments
Dilbert • December 20, 2013 8:03 AM
Looks like the site has been /Schneiered 😉
jackson • December 20, 2013 8:32 AM
Is there such a thing as Intellectual Communism? What does it look like?
John • December 20, 2013 8:34 AM
Use the torrent, and prune it to only get the ogg, VLC has no issues with it.
Fredrik • December 20, 2013 12:37 PM
http://www.softwarefreedom.org is entirely unresponsive now. A torrent/magnet link would be appreciated.
unimportant • December 20, 2013 2:21 PM
I share the opinion that Snowden’s revelations are authentic. I am in doubt whether humanity can withstand surveillance: The last attempts resulted in revolutions, but the ultimate fight for humanity is right now when we have to deal with high tech surveillance which was not available in former times. Aggressive surveillance affects our conscious behavior until we are humanoid robots. The constant surveillance of every transaction and instant cruel punishment without considering the contexts will unconsciously force us into the allowed thought patterns (to that of the average consumer).
DB • December 20, 2013 3:18 PM
I have non-technical friends who no longer carry their cellphones around with them everywhere they go. They now sometimes leave them at home when they go out, because of government releases and admissions that it’s tracking everything you do and everywhere you go.
I have another friend who sat his son down and lectured him about the dangers of searching on the internet nowadays for things, when his son was researching different guns online.
I have also tried using cash a bit more instead of plastic every time I buy things… it’s not as hard as you might think…
This mass surveillance is already altering the behavior of society already on a mass scale. The differences may seem subtile now, but it will get worse before it gets better I think.
Bob Robertson • December 20, 2013 3:34 PM
4:30 ET, still down. Silly people, better a slow server than no server at all.
Simplify your web pages! Static HTML.
unimportant • December 20, 2013 3:59 PM
@DB, trying to hide is not solving the problem if at least the majority of people are surveilled, because the system can identify you as unobservable and punish you accordingly after a surveilled transaction. And the rules are not necessarily published because this would address only your conscious behavior and not train you unconsciously.
unconsciously • December 20, 2013 6:16 PM
maybe you should get this guy to host your videos:
http://wipkip.nikhef.nl/events/
seems to have a lot with large files
Sam • December 21, 2013 2:19 PM
Does anyone else wonder if AES extensions built into the Intel chips and the Apple chips have similar weaknesses built into by the NSA? A pseudo clipper chip?
A bad random number generator?
WaytoomanyUIDs • December 21, 2013 7:15 PM
@ Sam:
Bruce Schneier says in the talk (at about 34 minutes) that OpenBSD no longer trust the hardware random number generator on Intel chips because Intel are known to co-operate with the NSA and a researcher recently published a theoretical method of creating an effectively undetectable backdoor in a hardware RNG.
I am not a security researcher, but IMHO If OpenBSD think sommething is dodgy, it probably is.
Carl 'SAI' Mitchell • December 23, 2013 2:40 PM
@Sam
We can’t know for sure. We do know they provide the same output for a given input, (so unless there’s a problem with AES the output is fine) but we don’t know if they allow a side-channel attack.
@WaytoomanyUIDs
OpenBSD NEVER trusted the RDRAND generator alone, and always mixed it with other sources. FreeBSD is the distro that just changed. Linux also never trusted RDRAND alone. No one should ever trust a single random source, but should instead combine sources with something like the Fortuna algorithm.
Nick P • December 23, 2013 3:37 PM
@ Carl
“No one should ever trust a single random source, but should instead combine sources with something like the Fortuna algorithm. ”
I’ll add this is always a good idea even if one isn’t worried about subversion. RNG’s, esp black box units, might experience any number of faults in their lifetime. Redundancy is very justified here due to importance of quality randomness and how quick/easy it is to gather data from many sources into a pool.
Bob Robertson • December 30, 2013 12:52 PM
Great talk, Bruce. Thanks for doing it.
Karellen • December 31, 2013 10:22 AM
In the Q&A, someone asked a question about the Underhanded C Contest, and you countered that if someone wrote code suitable for the Obfuscated C Contest then it would be rejected and/or rewritten.
Note that these are different contests, and the one that the questioner was talking about specifically is: “The goal of the contest is to write code that is as readable, clear, innocent and straightforward as possible, and yet it must fail to perform at its apparent function. To be more specific, it should do something subtly evil.” – somewhat in the manner of the 2003 attempt to backdoor the [Linux] kernel.
Subscribe to comments on this entry
Leave a comment
Sidebar photo of Bruce Schneier by Joe MacInnis.
Curious • December 20, 2013 7:52 AM
I am having difficulty loading the webpage and when I did so earlier I was unable to download either the mp3 or ogg file. (ca 1400 central european time 20. Dec).