Bingology - The Blog of Aaron 'BingoBoingo' Rogier

ADD7A9A28F85E5EF1F51904F309BB8D7F3251143
About | Contact | PGP Public Key | Archive
« ATC Trading September 2014 Statement
Collaborations »

Negative Security: Your Local PD Selling Holes Like A Cheap Pimp

Recently there as been quite a bit of outrage theater over the fact that iOS 8 has some form of encryption enabled by default. Let us ignore that iOS 8 encryption as inspired a bunch of panic theater without introducing any security at all. Oh, you ask what is "panic theater?" well let me show you.

Panic theater is why neither you nor your descendants will ever have good things. It's closest relative is security theater, also know as the reason why you take a plastic shiv through American Airports when you value your knee space. At least security theater offers measure that almost improve security. Panic theater on the other hand tries to get you to actively embrace insecurity. Is your local police department offering you a software download to "protect your children" while the software actually makes the product of your seed more vulnerable to pedophiles? If you live in the United States and trust your local county mounties for software recommendations this could actually be the case.

So there exists a piece of commercial computer software known as ComputerCop. The market for this piece of software is not end users, but local and county police departments that then offer the software to end users with their own logos substituted in. You local 5-0 gives the developers money, the developers give the 5-0 their own branded version of the program, and who needs a Heartbleed or Shell Shock because this software includes little more than a keylogger which exists to send you and your children's keystrokes across the Internet completely unencrypted. The Chicoms, Kim Jung Un, that creepy fucker with half a mustache... This police branded software makes you passwords and any other information you pass through a keyboard fair game for the whole bunch of the malefactors.

Problems like this never happen in isolation though. Eric Holder wants to open a war against consumer electronics using any encryption at all, even though the devices spurring this declaration have so many fucking side channels that even Barney Fife could not fuck up the process of seizing a device and keeping its contents available to law enforcement.1 Eric Holder and every other mother fucker who has decided to rally around encryption now is cribbing around the exact same "think of the children" playbook they did in the 1990's when the battle was over key escrow. How about instead of thinking about computing hardware we turn our attention to the actual problem in the war on pedophiles, the children.

First off, pedophiles are rare. Rarer than abortion if you base your measure using the number of protesters each phenomena generates.

Second, pedophiles have a clear target they desire and that target is not general purpose computing devices. Oh no. What the pedophile wants is children.

So how about instead of trying to put controls on computers, let us put the controls around the pedophile's actual targets... the children. Digital Rights Management while it has failed the music and film industries could undergo a new Renaissance among parents who want nothing more than to keep their children from falling victim to Pedobear or their Parish priest. The potential mechanisms that could be leveraged are endless. Imagine an explosive collar around a child's neck that detonates when a pervert tries to snap their picture without the parents explicitly allowing the picture. Instead of years of therapy and victimization to relive the child without pain to themself offers the aspiring pervert decades of nightmares when the alarm fires in their collar.

Is this an extreme solution? Well it isn't as extreme as handing over your information to the local police, hearing a thump in the night, and still finding a pervert firmly inside of your beloved spawn. Sure it won't be too late to end the pervert's ability to walk among the living with your trusted Remingtom 870 shotgun in 12 gauge with 3 1/2" magnum shells leaded with depleted uranium, but... it will be too late to avoid the years of therapy. Why not just destroy the object of the pervert's desire while they are still scouting targets?

  1. Note that iOS 8 devices generate their keys based on a short PIN and a value stored in hardware. Since the non-PIN value is stored in hardware... unless the hardware has a self destruct function the encryption keys are going to be exactly as weak as the weak PIN codes. [↩]

This entry was posted on Thursday, October 2nd, 2014 at 12:39 a.m. and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Negative Security: Your Local PD Selling Holes Like A Cheap Pimp”

  1. Keeping Bitcoin is a Hard Problem says:
    October 2, 2014 at 11:18 p.m.

    […] police actively demand you compromise your security in the name of the children. Not necessarily your own children mind you, but the idea of children in the abstract. Because what […]

    Reply

Leave a Reply

Click here to cancel reply.

 

It's still a pleasure to read bb prose. Both well researched and well written...

- Mircea Popescu

Recent Posts

  • Uruguay-SSR And The Hallucinated Seige
  • Introducing "The Montevideo Standard"
  • Qntra: A Plan For Action
  • A Homework Assignment From Diana_Coman: Trawling Ancient PMs Seeking What Worked For Early Qntra And Where I'm At On Scripting A Conversion Engine
  • Outreach Automation: A Call For Bids
  • Week 6 2020 Review - With Some Reflections On The Subject Of Feedback And Encountering Bots Blogging For Bots Nest
  • Photos From The Archives - January 20, 2011
  • Week 5 2020 Review - A Start To A Start
  • An Onramp For Contributing To Qntra - On Qntra
  • Week 4 2020 Review - Turning To Qntra

Recent Comments

  • Joe on Sports Team Fandoms as a Model Organism for Understanding Discourse
  • Alaskan Thunder Fuck on That One Agricultural Product And Uruguay
  • Aaron 'BingoBoingo' Rogier on Qntra: A Plan For Action
  • Aaron 'BingoBoingo' Rogier on Some FG Samples And Test Results
  • Mohammed nawar on Some FG Samples And Test Results
  • BetrugsRuehrerVow on Ceviche Theory And Practice
  • Aaron 'BingoBoingo' Rogier on Introducing "The Montevideo Standard"

Feeds

  • Posts RSS
  • Comments RSS


Tip Jar: 15eVXAW7k8uKc5moDFUSc9Y3jmHFAenNXo