undefined | Better HN

0 pointsmtgx10y ago0 comments

Is there anything state actors can't break into? There will always be vulnerabilities to fix. Apple's and other companies' hope is not to fall too many steps behind the state actors.

0 comments

lallysingh10y ago

PGP worked well enough for Snowden, right?

cookiecaper10y ago

Snowden had the element of surprise. They weren't actively trying to monitor his comms because they didn't know he was a risk until after the leaks. If the state wants to decrypt your messages badly enough, they have resources that they can devote to that (as well as multiple side channels that are probably easier than forcibly decrypting, including the infamous "beat with a wrench" trick). It's not trivial to defeat strong encryption, but it is doable given sufficient interest.

marvin10y ago

Is there any evidence that any actor in the world is (in general) capable of figuring out the contents of e.g. an AES-encrypted message with the key unknown, assuming good opsec and a good implementation? I agree with your statement that state-level actors have strong capabilities, but this seems like a blanket statement which is likely untrue.

5 more replies

woodman10y ago

> It's not trivial to defeat strong encryption, but it is doable given sufficient interest.

That is as wrong as saying that, given enough effort, you can make 1 + 1 = 3. Cryptography deals with unimaginably large numbers, to the point that for some algorithms and keylengths an exhaustive bruteforce attack would require more energy than exists in the universe.

1 more reply

j / k navigate · click thread line to collapse