[liberationtech] Cryptography super-group creates unbreakable encryption

[Miles Fidelman]

Adam Fisk wrote:
> but there are many other factors at play, including the resources and 
> expertise an organization is able to devote to the problem. Apple, for 
> example, has an overall great security track record, with most of that 
> code closed source. 

Umm.... last time I looked, most of the guts, and the attack surface, of 
MacOS are NOT closed source, they're derived from BSD unix and the code 
is mostly open source.  The proprietary stuff is a relatively thin layer 
on top of that.

Having said that, if you want to look at folks with LOTS of money and 
expertise to apply - and a pretty good track - look at NSA.

Then again, it's pretty hard to tell about the security provided by 
closed source systems - are they really secure, or is it a matter of 
security by obscurity (think of those NSA chips that are designed to 
self-destruct if you try to dissect them), and the various crypto 
systems that have been compromised because human beings stole crypto 
boxes from embassies.   One of the real problems with closed-source 
systems is that you create a target of opportunity - compromise the 
organization behind the technology and you can either identify 
vulnerabilities, or insert them surreptitiously.

Miles Fidelman

-- 
In theory, there is no difference between theory and practice.
In practice, there is.   .... Yogi Berra