>From: Adam Shostack <[EMAIL PROTECTED]> >Sent: Dec 11, 2004 4:52 PM >Subject: Re: Blinky Rides Again: RCMP suspect al-Qaida messages
... >It seems consistent that Al Qaeda prefers being 'fish in the sea' to >standing out by use of crypto. Also, given the depth and breadth of >conspiracies they believe in, it seems that they might see all us >cryptographers as a massive deception technique to get them to use bad >crypto. (And hey, they're almost right! We love that they use bad >crypto.) They're going to have the same problems as the rest of us using strong cryptography--configuration and usability problems, key management hassles, incompatibilities between versions and programs, etc. They have to do this with no central authority, no single support line or person who can reliably start things up and help them, in a basically decentralized way. The cypherpunkish idea of a decentralized conspiracy using strong crypto only works if either the tools are a lot easier to use, or if the conspiracy is made up of cryptographically sophisticated people. AQ is presumably made up of people who know a lot about the Koran, and probably a lot about day-to-day operational security against the Pakistani or Indonesian secret police, but there's not much reason to think they are very sophisticated about cryptography. If you can't get most computer-literate people you know to use PGP to send you e-mail, how well is it going to work to do with a bunch of random jihadis? -John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
