[liberationtech] Deconstructing the security risks narrative of Haystack
Greg Broiles
gbroiles at gmail.com
Fri Sep 17 15:17:22 PDT 2010
On Fri, Sep 17, 2010 at 2:35 PM, Daniel Colascione
<dan.colascione at gmail.com> wrote:
[...]
>
> B: the test program, having been detected, represented a risk to life
> and limb in the hands of anyone found with it.
>
> If A and B are true, then it follows that the program is highly dangerous.
>
> Now the argument rests on B, the idea that being detected with the
> CRC's test program is worse than being caught with another
> circumvention tool. [...]
This is incomplete - the program might also be highly dangerous if the
"test program" (which I will henceforth call "Bullseye", since it is
apparently Not Haystack) were equally dangerous to a possesor/user as
another circumvention tool (or even perhaps less dangerous), but the
user(s) selected Bullseye because it was advertised as being
undetectable.
While the possession or use of a circumvention tool may or may not be
literally illegal, it is also possible that its use in a particular
circumstance might be very risky. It might be relatively low-risk for
an otherwise unknown college student to use a circumvention tool; but
it might be very risky for a government employee, other "insider", or
a high-profile person to be identified as a circumvention tool user,
especially if that tool is closely identified with the support of a
foreign and hostile government.
Existing circumvention tools which are understood to be
traceable/identifiable allow the user to make their own decisions
about risk given what they know about their particular circumstances.
A circumvention tool whose traceability profile is significantly worse
than what's publicly disclosed may indeed create special danger for
its users, who might have chosen not to use a circumvention tool if
they knew their use would be easily detected and/or logged.
--
Greg Broiles, JD, LLM Tax, EA
gbroiles at gmail.com (Lists only. Not for confidential communications.)
Legacy Planning Law Group
San Jose, CA
California Estate Planning Blog: http://www.estateplanblog.com
Certified Specialist- Estate Planning, Trust & Probate Law, California
Board of Legal Specialization
More information about the liberationtech
mailing list