×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Academics Should Not Remain Silent On Government Hacking

Unknown Lamer posted about 4 months ago | from the too-busy-writing-papers dept.

Encryption 135

ananyo writes "The Guardian's technology editor, Charles Arthur, asks why researchers have remained largely silent in the wake of the revelation that the U.S. National Institute of Standards and Technology's standard for random numbers used for cryptography had been weakened by the NSA: 'The nature of the subversions sounds abstruse: the random-number generator, the 'Dual EC DRBG' standard, had been hacked by the NSA and the UK's GCHQ so that its output would not be as random as it should have been. That might not sound like much, but if you are trying to break an encrypted message, the knowledge that it is hundreds or thousands of times weaker than advertised is a great encouragement.' Arthur attributes the silence of UK academics, at least, to pressure from GCHQ. He goes on to say: 'For those who do care, White and Matthew Green, who teaches cryptography at Johns Hopkins University in Baltimore, Maryland, have embarked on an ambitious effort to clean up the mess — one that needs help. They have created a non-profit organization called OpenAudit.org, which aims to recruit experts to provide technical assistance for security projects in the public interest, especially open-source security software.'"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

135 comments

YOLO SWAG Buttcoins! (-1, Offtopic)

Anonymous Coward | about 4 months ago | (#45726497)

I only use Buttcoins: "The currency you shove up your butt".

Public interest (-1, Flamebait)

Anonymous Coward | about 4 months ago | (#45726507)

Even among academics, most people believe that these government activities are in the public interest.
Y'all are a minority. Deal with it.

Re:Public interest (0)

Anonymous Coward | about 4 months ago | (#45726681)

Most people are unintelligent, then?

They're living on the government teat. (0, Flamebait)

jcr (53032) | about 4 months ago | (#45726513)

American academia is lousy with left-wing sycophants, who know full well that their inflated salaries are supported by government interference in the student loan market, and taxpayer-supported direct funding. If more than a handful of them spoke up, they'd find out just how easily their overlords can snatch that titty away.

-jcr

Re:They're living on the government teat. (1, Informative)

Anonymous Coward | about 4 months ago | (#45726603)

Peddle your hatred of academia somewhere else. Most scientists live paycheck-to-paycheck with the constant uncertainty over funding caused by competitive bidding.

Re:They're living on the government teat. (0, Flamebait)

jcr (53032) | about 4 months ago | (#45726641)

your hatred of academia

Guess again. I want nothing more than to see academia liberated from government control. Today, US higher-ed institutions are fully in government thrall, just like all the universities in the Soviet Union.

-jcr

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45726999)

Well, if you want to see research done without government (public) funding, you should look at the private sector. However, they do their research for profit motives and not strictly academic. I think the funding system, although flawed, is not terrible. I would like to see more repetition so we can double-triple check research for quality. The publishing method is another story.

Re:They're living on the government teat. (5, Insightful)

macbeth66 (204889) | about 4 months ago | (#45727229)

Well, if you want to see research done without government (public) funding

He didn't say that. He said;

I want nothing more than to see academia liberated from government control

The idea behind public research, was to fund worthwhile research that would not otherwise get funding and then back off and let them do their ting without fear of reprisals. You know, independent. A noble ideal, that sadly, in this severely bifurcated society, is almost impossible.

So private control is fine? (0)

Anonymous Coward | about 4 months ago | (#45727651)

And why is government control wrong?

And surely if public funds were given to academia with no oversight, that would be decried as a huge scam, right?

Re:So private control is fine? (0)

macbeth66 (204889) | about 4 months ago | (#45727893)

There is a difference between over-sight in terms of how money is spend and that the research was done according to accepted practices versus threatening a researcher with reprisals if the results don't come out as desired.

Increasingly, IMHO, researchers are sactioned if the results are not in line with a particular ideology, even when the research was done properly. No, I am no longer in research, but my opinion was developed based on conversations I've had with associates still in the mill.

Re:They're living on the government teat. (1)

MightyMartian (840721) | about 4 months ago | (#45727169)

You do understand academia's purpose, right?

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727745)

You do understand academia's purpose, right?

To provide a place for professors to get tenure positions, from which they may make snide remarks about society and then return to not actually living in the real world?

Re:They're living on the government teat. (1)

kelemvor4 (1980226) | about 4 months ago | (#45727759)

You do understand academia's purpose, right?

Of course. Co-ed porn!

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45728381)

You do understand academia's purpose, right?

Of course. Co-ed porn!

FTFY Co-ed human trafficking. I lost count of the number of married professors "dating" university undergraduate female students. Of course the girls wanted better grades (A/A+) in the course while the professors wanted a fresh four-year inventory of female flesh. Hell most of the female freshmeat were not even attractive IMO. I would love working in a setting where I could pursue my research interests but female students would be a distraction - once a woman is undressed she looses 99% of her appeal to me.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45728611)

Have you ever considered that if a clothed woman has 100x the appeal of an unclothed one, and an unclothed one has 1/100 the appeal of a clothed woman, you might be gay? (Assuming you are male; if you're female, the confusion takes a different turn.) Not insulting you, just making a point. Maybe lying to yourself is the real issue at stake.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727799)

"You do understand academia's purpose, right?"

To teach. Research is secondary or even tertiary.

Fucking unbelievable (0)

Anonymous Coward | about 4 months ago | (#45727787)

Only in the US would someone compare government funding of higher education to the Soviet Union. You're not just crazy, you're basically broken on a fundamental level. Because a bunch of privileged land owners and slave holders couldn't possibly be wrong about anything 200 years into the future.

Re:Fucking unbelievable (1)

jcr (53032) | about 4 months ago | (#45728121)

Only in the US would someone compare government funding of higher education to the Soviet Union.

Both empires made academia serve their rulers. Are you seriously claiming otherwise?

-jcr

Re:Fucking unbelievable (0)

Anonymous Coward | about 4 months ago | (#45728185)

So, basically, you'd like to change the "rulers of academia" from elected officials to private corporations? Yeah, that'll work well...

Re:Fucking unbelievable (0)

Anonymous Coward | about 4 months ago | (#45728535)

Do you really think there's a difference?

Both can do it for magnanimous reasons and both can do it for teh evil power grabs.

Surely elected officials don't get automatic enlightened status because of a popularity contest?

Re:They're living on the government teat. (5, Funny)

Thanshin (1188877) | about 4 months ago | (#45726973)

Most scientists live paycheck-to-paycheck

Only an elite handful possess the secret to being dead inbetween paychecks.

"Vlad Dracul, PHD" Mondays on Fox.

Re:They're living on the government teat. (1)

Antipater (2053064) | about 4 months ago | (#45727109)

Pah! Fox stealing jokes again! A clear ripoff of NBC's Vladimir Acula, M.D., back in 2006.

Re:They're living on the government teat. (1, Insightful)

Desler (1608317) | about 4 months ago | (#45726649)

Yeah, keep attacking those "lefties" while the public continues to be robbed by the bankers and other corrupt businesses. People like you are what is wrong with this country by worrying more about the boogeymen "lefties" over the people who are really ruining this country.

Re:They're living on the government teat. (1)

jcr (53032) | about 4 months ago | (#45726699)

If you imagine that I'm a supporter of the cronyism that banks and other corporations consider business as usual, then you know absolutely nothing about me. Academia is the subject at hand, not banking.

-jcr

Re:They're living on the government teat. (0)

Desler (1608317) | about 4 months ago | (#45726949)

No the subject at hand is your ignoramus "us vs them" stupidity.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727845)

No the subject at hand is your ignoramus "us vs them" stupidity.

Ignoramus [reference.com] is a noun, not an adjective.

Ok (0)

Anonymous Coward | about 4 months ago | (#45727871)

It's alright for you to dismiss a whole group with some stupid 'lefties' tag - whatever the fuck that means today; to the 'left' of the tea party I suppose - but god forbid anyone make a generalization about your attitude. You're a dick.

Re:Ok (0)

jcr (53032) | about 4 months ago | (#45728095)

It's alright for you to dismiss a whole group with some stupid 'lefties' tag

Reading comprehension isn't your long suit. What I said is that American academia is lousy with lefties, not that it is composed entirely of lefties.

whatever the fuck that means today

It means people who advocate expanding governmental power over the economy.

-jcr

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45726781)

Yeah, keep attacking those "lefties" while the public continues to be robbed by the bankers and other corrupt businesses. People like you are what is wrong with this country by worrying more about the boogeymen "lefties" over the people who are really ruining this country.

And ignorance like yours that wants to point at a single side to find blame is what will keep the entire thing churning.

Perhaps for dessert a fresh round of genocide is in order...off to go thump a few bibles are you?

Re:They're living on the government teat. (1)

Desler (1608317) | about 4 months ago | (#45726911)

Where did I point to a single side? I mentioned neither political side because such a game only serves as a distraction.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727609)

keep attacking those "lefties"

'k.

'Neither' is a misnomer. There are more than two sides. What about 'fronties' and 'backies'? You insensitive slob!

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727731)

Learn you a read good better.

Re:They're living on the government teat. (0)

fredprado (2569351) | about 4 months ago | (#45726855)

The bankers can only get away with their robbing because the government those leftist so much defend go to bed with them and always will.

Re:They're living on the government teat. (1)

Desler (1608317) | about 4 months ago | (#45726923)

Bush and Ronald Reagan were/are a lefties?

Re:They're living on the government teat. (1)

fredprado (2569351) | about 4 months ago | (#45727107)

As far as I know Reagan didn't defend more government, and he was the first to admit that governments are poor regulators. Bush was a demagogue and his position about basically anything changed with the wind.

Re:They're living on the government teat. (1)

Desler (1608317) | about 4 months ago | (#45727219)

You seem to have missed the point. You claimed thay bank bailouts were only done by lefties. Yet Reagan did a $160 billion bailout after the savings and loan collpase and Bush (with lots of non-lefty support) with TARP. Oh and shoulf we also ignore all the deficit spending by Reagan who within his own administration turned us into the biggest debtor and increased the debt as a percentage of GDP from 26.2 to 40.9%.

He may have claimed to be against what you say but his spending actions speak otherwise.

Re:They're living on the government teat. (1)

fredprado (2569351) | about 4 months ago | (#45727369)

Nope. I didn't claim such thing. I claimed that bank bailouts were made by governments. I also claimed that those who defend governments as an effective measure against bank or any corporate abuse, which are basically the left, are delusional.

Keep moving the posts (0)

Anonymous Coward | about 4 months ago | (#45727929)

It was the 'left' that wanted to bail out the banking sector? I suppose you'll be telling us next that those industry CEOs were communists. You're too dumb to hold more than one concept in your mind simultaneously.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45728013)

You did blame "leftists" go reread your own comment.

Hey Fred, the coach just called and he wants you to put those goalposts back where you found them.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727827)

So wait; you're saying the lefties in Congress,etc dont support the 'bankers' and 'other' corrupt businesses?

LOL!!!! And you have the nerve preach about who and what's wrong in this country?

Re:They're living on the government teat. (1)

i kan reed (749298) | about 4 months ago | (#45726749)

American academia is lousy with left-wing sycophants, who know full well that their inflated salaries are supported by government interference in the student loan market, and taxpayer-supported direct funding. If more than a handful of them spoke up, they'd find out just how easily their overlords can snatch that titty away.

obnoxious as fuck signing of post removed

I don't think you quite get how tenure works.

Re:They're living on the government teat. (1)

Em Adespoton (792954) | about 4 months ago | (#45727599)

How it works, or how it's supposed to work?

It doesn't really matter if you've got tenure if you can't get the grant money to hire graduate students to do your research, and if your institution is actively encouraged to pursue studies that diverge from what your preliminary findings hint might be the real answer.

What ends up happening is that yes, you've still got tenure, and you end up getting saddled with a bunch of introductory first-year classes and no research funding or equipment. You also get your TA budget cut.

Tenure only means they aren't able to fire you without probable cause.

Plus, there's the huge number of people who do research specifically to get that coveted tenure at an institution -- and many (most?) will have no problem doing some "suggested" research to get to that position where they can start doing the research they actually want to do. Of course, there are usually fewer tenure slots than there are tenure track positions, so the result is that you get significantly more "suggested" research being done than hands-off objective research.

Oh, and it doesn't matter if you've got a tenured position if the government cuts off funding to your university. They'll find ways (like some of the ones mentioned above) to get you to leave.

Re:They're living on the government teat. (2)

lyapunov (241045) | about 4 months ago | (#45726809)

I don't agree with the ad hominem attacks or his logic, however he does have a point. The costs of education have greatly outstripped inflation, even at state institutions. When this happens, I guarantee that some people are bilking the system.

The bad part is that it is really going to damage the US in the long run. In our post industrial economy, intellectual ability will be the best export, and that future is being marginalized as the investment is growing out of the average person's reach.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45726871)

Most people barely have any intellectual ability, and no amount of education (or, for most people, education isn't education, but rote memorization, as they have no ability to understand advanced concepts) will change that.

Re:They're living on the government teat. (4, Informative)

Anonymous Coward | about 4 months ago | (#45726873)

The costs of education have greatly outstripped inflation, even at state institutions.

I agree as far as private institutions go. Of public institutions, I've only looked into the University of California system in detail, and it's definitely not true there. If you take the total UC system budget and divided by total undergraduates, per-student cost of education has gone down by about 20% since the 1980s. Why, then, you might ask, has tuition gone up? Because per-student state funding for the UC system has gone down by 60%. Tuition hikes make up the gap between cost reduction (20%) and funding reduction (60%). They aren't covering any kind of cost increase.

Re:They're living on the government teat. (0)

swan5566 (1771176) | about 4 months ago | (#45726969)

I wouldn't draw too much from anything fiscally-related that comes out of California.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45728167)

That's probably because you don't know what "tax donor state" means among other basic shit....

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727209)

Universities can't rely on funding levels to stay the same per student in order to keep their prices in line. How often do Universities shrink in order to stay cost effective? (You know, like most companies do in negative economic climates) Also, check out the endowment sizes on your major Universities. It's criminal. University of California's endowment is over 80 BILLION dollars. Much of that is for pensions, etc, but just a few % return on that could subsidize - if not pay for - the tuition for the poorest students if not most students. Don't cry for Universities.. they are some of the biggest and richest operations in the country.

Re:They're living on the government teat. (0)

Bartles (1198017) | about 4 months ago | (#45727841)

I love how you seem to think that increasing state funding is a cost reduction. That's so cute.

Re:They're living on the government teat. (5, Insightful)

dkleinsc (563838) | about 4 months ago | (#45727173)

When this happens, I guarantee that some people are bilking the system.

We also know that whoever it is isn't the faculty: If you adjust for inflation, the change in faculty salaries over the last 5 years is somewhere between 0 and -5%.

The costs that have been going up dramatically include:
- Buildings, specifically the kinds of buildings that help sell a college to potential students like gyms and newer dorms that are more like living off campus rather than a small room to yourself + a roommate.
- Administration and student services. For example,
- Athletics, which are in some schools a huge business. In many states, the highest paid government employee is the head coach of the state university's football team (e.g. Ohio State's Urban Meyer rakes in $4.3 million a year, approximately 30 times the salary of the governor).

Also quite relevant for publicly funded institutions is that public funding for those institutions has been dropping like a rock.

Re:They're living on the government teat. (2)

dkleinsc (563838) | about 4 months ago | (#45727187)

- Administration and student services. For example,

Oops - For example, writing tutors to ensure you finish your sentence before you hit "Submit".

Actually, where I was going with that is that a lot of schools have doubled or tripled the number of Deans of Students, counselors, Student Affairs staff, and so on.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45728545)

I don't agree with the ad hominem attacks or his logic, however he does have a point. The costs of education have greatly outstripped inflation, even at state institutions. When this happens, I guarantee that some people are bilking the system.

Law schools in the United States of Amerika are beginning to feel the effects as fewer post-undergraduate applicants are applying to law school, fewer are taking the LSAT much to the chagrin of the Law School Admission Council, the majority of freshly graduated lawyers are not securing employment in the legal profession. This is touching every law school from T-1 on down the academic food chain. Law school should cost no more than USD2500.00 per year including textbooks; a USD10000.00 student loan at graduation would be much easier to manage and allow bar admitted attorneys / lawyers / barristers / solicitors to work in areas of law which benefit society.

Re:They're living on the government teat. (1)

Anonymous Coward | about 4 months ago | (#45726839)

No wonder you get no respect from academia, you earned none spouting Republican victimstance fantasies.

Re:They're living on the government teat. (1)

gwstuff (2067112) | about 4 months ago | (#45726841)

"lousy with left-wing sycophants" - This gives away your position on the spectrum of politics and insolence, rather than saying something about the people you refer to.
"inflated salaries are supported by government interference in the student loan market" - Nearly every academic I know takes at least a 25% salary cut by not being in the industry but being in academia. Good academic hires in the industry are prized and usually lofted to high positions. Academic positions prerequisite a PhD, for which in the US the drop out rate is 50% on an average.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45726879)

Inflated salaries in academia? Seriously? I think you just can't get over the fact that there aren't enough right wing sycophants to suit you among the ranks of the best educated. Did you really think your post had anything to say about anything other than your own prejudices and fears and misapprehensions ?

Re:They're living on the government teat. (1)

Kookus (653170) | about 4 months ago | (#45726905)

Yeah, making it harder for students to get loans is really going to work in their favor :)
Based on the population attending college, and the population who has attended in the United States, you're looking at something like 20% of the U.S. could be impacted by those types of actions.
http://en.wikipedia.org/wiki/Higher_education_in_the_United_States [wikipedia.org]

Good luck getting re-elected.

Re:They're living on the government teat. (5, Interesting)

Petron (1771156) | about 4 months ago | (#45727355)

Actually, it would.

The problem comes from bankruptcy laws. Banks were having a fit because students would get loans, and when they graduate, declare bankruptcy and have the loans forgiven. The showboat case for this was people graduating as medical doctors, declaring bankruptcy, then getting a high paying job. Banks went to the government to 'fix' this problem and the fix was: Student loans are immune to bankruptcy. If you get a student loan, you will pay it back, even if that means you will have your McPaycheck garnished.

This now means that banks have little to no risk to their loans. Why would they refuse any loan? If the student is successful or not, either way, they get paid. A kid that gets straight D's in school and wants to major in "Classical Nintendo" Sure! Here's money with a nice interest rate.

Now we have banks giving money anybody who wants it, demand for higher education goes up. When demand goes up and supply stays the same... prices go up. Prices go up? Get a loan!

It's a self-feeding model that all started with crony-capitalism. Banks and Government got in bed together. Now I don't blame the banks for complaining... it is a problem. If I lent off a ton of money for students to become doctors, and they kept stiffing me, I'd be pissed. But the Government gave the Banks too sweet of a deal. They gave them a win-win.

What if the banks had a 10 year probation window on student loan bankruptcies instead? If a student declares bankruptcy, the loan is put on hold for 10 years with no interest. If during that 10 year time, the student finds a job that could may payments, the loan sticks. If they can't after 10 years, the loan is forgiven. Banks are protected from those "evil doctors" getting hefty loans then dumping them... Students are protected from not being able to find a job afterwards. The loan (and cost of the education) must reflect the job that is received in the end. Students with poor grades, and majors that aren't in demand are less likely to get loans, as they are now risky to the bank. All of this should lower costs of education.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45728133)

Interesting ideas Petron but the net result would be it would be harder to get money for college/more expensive.

I think we should create financial instruments SOLELY for the purpose of funding educations, not for profitability.

Re:They're living on the government teat. (2)

Wookact (2804191) | about 4 months ago | (#45728261)

Interesting, you solution seems relatively fair, and reasonable. Prediction it will ever be implemented: 0.05%

Government Student Loans (0)

Anonymous Coward | about 4 months ago | (#45728897)

Great attempt at bashing banks, BUT

Just about ALL student loans in the US are run by the government (in the 95% range). Its part of Obamacare, the interest in those loans were needed to get the numbers on the CBO report to show it reduced the deficit when it passed. (Let me guess, you didn't read the bill)

Its near impossible to get a student loan from a bank now. The rules were changed when the government started taking over the loans years ago because the government does not do with less money.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45728399)

Most of the people in college don't need to be in college to begin with. College/university isn't for losers, and yet colleges and universities are lowering their standards to let in trash that would never have been let in before.

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45726917)

Jcr what's it like waking up an angry, uneducated Republican faggot every morning?

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727037)

colossal faggot detected

Re:They're living on the government teat. (0)

Anonymous Coward | about 4 months ago | (#45727147)

Wow. The hate. You must have punched them right in their cognitive dissonance.

Hah. Capcha: pitier

Mod Parent Up (0)

Anonymous Coward | about 4 months ago | (#45727269)

Academics are firmly ensconced in the cocoon of big government. They won't bite the hand that feeds them.

Also, look at all the creepy admiration on the left for the likes of Che Guevara, Hugo Chavez, etc. Those on the far left have no objection at all to a police state, they merely insist that they should be the ones running it.

Re:Mod Parent Up (0)

Anonymous Coward | about 4 months ago | (#45728021)

You're a coward alright.

Don't bite the hand that feeds you (-1, Flamebait)

Terry95 (2690775) | about 4 months ago | (#45726607)

Want to bet the NSA Hoover didn't pull in ALL the evidence that global warming / climate change is an out and out fraud - complete with names, dates, and DOLLAR Amounts? Seriously if they can hack North Korean nuclear weapons data I think they can stumble upon a global conspiracy by thousands of ass hats that all think they are too smart to get caught.

KNOCK !! KNOCK !! (-1)

Anonymous Coward | about 4 months ago | (#45726679)

Who is it ??

NSA !!

NSA who ??

(BAM !!) (POW !!) (SPLAT x 2 !!)

aww shit new mac pro goes on sale tomorrow (-1)

Anonymous Coward | about 4 months ago | (#45726885)

any of you unemployed linux scrubs getting one? hah, i didn't think so. stay poor, nerds.

Re:aww shit new mac pro goes on sale tomorrow (0)

Anonymous Coward | about 4 months ago | (#45726961)

Unemployed and linux are rarely used together, considering how much of the internet runs on it.

Make sure to wear a helmet and goggles (0)

Anonymous Coward | about 4 months ago | (#45728195)

So you don't cut yourself or have your eye out with those rounded edges.

No face (0)

Anonymous Coward | about 4 months ago | (#45727057)

The problem is there is no face to this monster. Who do you speak out against? Targeting a political figure only targets you for the opposite radical wing's slander and can be career suicide at certain Universities. (Just read other comments on this thread) The beast in Washington DC has a life of its own regardless of who is in charge anymore.

What would most of us do? (1)

GodfatherofSoul (174979) | about 4 months ago | (#45727087)

The government can put a heck of a lot of pressure on an individual for not cooperating. Everything from being blacklisted to jailed on spurious charges. Truthfully, I don't think I would have said a word once they started turning the thumb screws; metaphorically or otherwise.

Re:What would most of us do? (3, Insightful)

CanHasDIY (1672858) | about 4 months ago | (#45727843)

So, I guess now would be an appropriate time to take that whole "Land of the Free, Home of the Brave" part out of the Pledge?

Grants. (Period) (3, Interesting)

xxxJonBoyxxx (565205) | about 4 months ago | (#45727103)

>> why researchers have remained largely silent in the wake of the revelation that (US gov does bad thing)

Just follow the money to...federal research grants. Even if an individual professor decided to rock the boat, their local university would do their best to shut them up.

Related: http://www.aipg.org/students/pdf/So%20you%20want%20to%20be%20a%20professor.pdf [aipg.org]
George D. Klein - former professor: " A professor is viewed as a profit center by university administrators...Faculty members will survive as
a professor if she/he is awarded lots of grants with lots of over-head for the university coffers..."

Also: http://www.academicmatters.ca/2012/11/the-quiet-campus-the-anatomy-of-dissent-at-canadian-universities/ [academicmatters.ca]
 

Maybe because the Guardian has surprisingly little (1)

Electricity Likes Me (1098643) | about 4 months ago | (#45727139)

Given that no documents have been released showing that the NSA intentionally weakened Dual_EC_DRBG other then Bruce Schnier swearing up and down he totally saw it (he may be a good cryptographer, how good is he at reading and understanding internal memos of an intelligence agency? Why have these memos not been released, even in a redacted form if they contain other sensitive info?)

Everyone already knew it was weak. The NIST specification notes (circumspectly) that there's a possible weakness and outlines means to fix it (by generating new factors for it). What exactly does the Guardian think academics should be doing?

Re:Maybe because the Guardian has surprisingly lit (4, Informative)

crymeph0 (682581) | about 4 months ago | (#45728183)

This NSA document [nytimes.com] published at the NYT states explicitly that the NSA is attempting to "Influence policies, standards and specifications" for public key encryption, and given that the project described in that same document is about expanding the NSA's access to data, rather than increasing the security of that data, this proves that the NSA is working to weaken, not enhance, public key crypto. That NSA document doesn't specifically mention DUAL EC DRBG, but this NYT story [nytimes.com] does say that the Snowden documents somewhere list DUAL EC DRBG as one backdoored technology.

Of course DUAL EC DRBG is only one algorithm. How many other algorithms has NSA contributed to? At this point, they're all suspect, because it's obvious now that the NSA is more worried about decrypting communications it intercepts rather than protecting any communications transmitted. So what academics should be doing is independently vetting all widely used encryption technology, starting with anything the NSA is known to be involved with, even peripherally. That is a tall order, and it used to be tin-foil-hat thinking, but like a police officer caught lying under oath causing decades worth of court cases to be thoroughly redone or thrown out, there is no alternative if we want to be sure that nothing else got through.

IFIP has issued a statement on the issue (1)

dreixel (1338237) | about 4 months ago | (#45727211)

IFIP [ifip.org] has issued a statement [ifip.org] on the issue. Excerpt:
There is reason to believe that major practical pillars of trust in the Internet, e.g. the trustworthiness of relevant communication nodes and the security of cryptographic implementations in the web such as SSL, are being intentionally weakened in a systematic way at the behest of government organizations and other major actors in the field. This is endangering and undermining the fabric of the Internet and the Information Society, and contradicts the claim of those actors to be trusted with e.g. sensitive personal information. Moreover, any deliberately introduced weakening or backdoor is equally exploitable by (ostensibly) legitimate and illegitimate third parties alike.

Possible reason (1)

multimediavt (965608) | about 4 months ago | (#45727243)

One possible reason for the silence is that academic researchers get most of their money from the Government, and certainly cryptographers are funded through the three letter agencies (DoD, DHS, CIA, NSA, etc.). Why on Earth would they speak up and potentially ruin their academic careers? You can be outspoken when you are high-profile and have already made full Professor and have a comfortable life. If you're an assistant or associate professor, you're not rocking the boat too much if you want to keep going. Get on the bad side of a funding agency and you can kiss a fruitful career good bye in academic research.

Re:Possible reason (1)

IWannaBeAnAC (653701) | about 4 months ago | (#45727359)

DoD, DHS, CIA, NSA, etc will all require that you keep your research secret. They do fund cryptographers, but they are all in-house and not part of the academic community.

Academics should never be silent. (0)

Anonymous Coward | about 4 months ago | (#45727333)

Is there anything academics should be silent on?
Really. Who goes around saying "Fuck that! We don't need educated, researched opinion on that subject!" .. Oh yeah. Politicians. Those exist. :p

Is the open-audit link really related? (1)

Rich (9681) | about 4 months ago | (#45727351)

The open-audit link seems to be to a piece of software that is unrelated to the text of the summary. Rather than being anything related to people willing to help audit software, it's actually a tool for auditing your network.

In addition, whilst it does seem to be GPL, you need to provide a name, and email to download it.

Re:Is the open-audit link really related? (0)

Anonymous Coward | about 4 months ago | (#45727439)

this is obviously a mistake.

also, openaudit.org in the article but open-audit.org in the url.
openaudit.org is for sale: http://domainnamesales.com/domain/openaudit.org

google reveals nothing on an open-audit.org from Kenneth White and Matthew Green.

either the article was prematurely submitted before DNS changes happened AND the article submitter made a very inconvenient typo, or we iz trolled lol
 

What do you think "chilling effect" means? (4, Insightful)

WOOFYGOOFY (1334993) | about 4 months ago | (#45727719)

Every single one of us has felt the hesitation to speak out agianst what the NSA is doing lest be experience some sort of retaliation, typically being mechanically put on a "list" what is used in other contexts for other decisions. The most basic one is getting on the "no fly list" but one imagines that other lists exist also, for instance, the "do not fund research" list.

THAT'S what a chilling effect is. It's a self perpetuating thing, because the more dissent is stifled, the more the faux consensous becomes reality, the more license the chillers see themselves as having been given by society.

I'll never forget the CIA film of Saddam Hussein assembling Anyone Who's Anyone In Iraq into an auditorium then calling out names of individuals, who , when they appropriately stood up having been addressed, were escorted away by security personnel to their summary executions.

As soon as the luminaries understood what was happening, they all stood and started to applaud this monster, chanting his name, swearing fidelity at the top of their lungs, hoping that such would make it less likely that they would ever appear on any such list and, if their name was on The List, they might somehow induce a last minute change of mind.

That's the chilling effect of compiling lists of people and assigning them properties- "enemy", "hub", "individual of special concern should X Y or Z be happening".

Every single one of us, whether we admit it or not, has felt a pause, a fear, the need to calculate and perhaps somehow soften or even self censor what we're saying WRT the government and the NSA for fear of such lists and their possible future consequences.

This is one of the most insidious and well documented effects of surveillance and no one is immune, and- and this is significant- they know it.

This is why the ability to spy on anyone all the time without anyone outside of people you command, or who fear you, knowing what you're doing has to go. This is why total transparency into who does what when why for how long without a scintilla of exception needs to be implemented into the spy agencies. We need spies and spying because we have real enemies who really want to do unspeakably evil things and will given the chance. We have to stop those people. In order to achieve that, we need to stop the spy agencies using the spy agencies to undermine their own democracy however inadvertently. If they were capable of doing this, then they wouldn't have hounded Binney and Drake and Kiriakou ; they would have listened to them.

http://dissenter.firedoglake.com/2013/08/07/imprisoned-cia-whistleblower-john-kiriakou-totality-of-punishment-is-not-limited-to-a-prison-sentence/ [firedoglake.com]

Right now, the biggest threat to the continued effectiveness of our spy agencies is the culture which has ascended and become the dominant one in the those spy agencies.

 

Re:What do you think "chilling effect" means? (0)

Anonymous Coward | about 4 months ago | (#45728859)

Agreed.
This is one reason why folks with guns don't particularly want to end up on a list like this.

Re:What do you think "chilling effect" means? (1)

WOOFYGOOFY (1334993) | about 4 months ago | (#45728997)

Right exactly. I am a white hot full on liberal across the board , you name it, but I fully acknowledge people's right to have guns and by guns I mean a gun capable of inspiring respect.

  I totally acknowledge that this is a practical need. In parts of this huge country your nearest neighbor is a mile away or many more. Moreover the police aren't there to protect you in the moment, they're there to keep order through the post-hoc punishment of crime. Those are two different things.

It's also a legitimate psychological need. People DO feel like there's a freedom which can not be easily violated just because they're armed and this is expressed in the 2nd amendment and reflects the intent of the 2nd amendment. The fact is that this is a felt need, a value, a perspective, and a non-trivial one which deserves respect The demographic running up the "death by gun" numbers are in criminal possession of those weapons already, and even banning all guns wouldn't change that- they'd still have guns or "other".

I have to say, also, that guns rights people have nothing to fear from assault weapons bans -and history proves this point- if there ever is a demand for such, they'll be plentiful. Very.

And yes there is an ongoing human tragedy cost that we pay on an ongoing basis, but the alternative is worse at the extremes and solutions to accidental or stolen gun violence will be found in near future technology.

It is true that guns don't kill people, people kill people. Yes that is true.

My perspective.

Elliptical Curve Patents (0)

Anonymous Coward | about 4 months ago | (#45727721)

Interesting, as I remember a little while ago there was a Canadian Company that had some serious research/experts/patents on Elliptical Curve Encryption Technology (allegedly un-breakable), being scooped up by some Alphabet-Goobermint-Agency?
Imagine that.

"Yes Academics..." (4, Insightful)

GameboyRMH (1153867) | about 4 months ago | (#45727903)

"Tell us how you feel. If you have any criticisms you've been bottling up, then please write about them in journals, or better yet discuss them with your friends over an electronic communications medium. We'd hate to go unaware of any people with 'interesting' viewpoints." - The NSA.

Not silent. (3, Interesting)

Anonymous Coward | about 4 months ago | (#45728173)

Not silent: drafting. Planning. Analysing. Discussing. Coding. Working.

There's a lot more to it than Dual_EC_DRBG: that's just the most obvious, neon-sign "HEY LOOK AT ME I'M A BACKDOOR" backdoor. Funding document leaked by Snowden specifically states public key algorithms. I can match that directly: The NIST/SecP curves were generated by Jerry Solinas of the NSA from SHA-1 hashes with no known source. Yeah, they're totally dodgy, although not perhaps in the obvious ways (it may be that they're specified in ways that make them excruciatingly hard to implement correctly without fucking up: timing attacks; random source; curve point validation; perhaps unknown attacks associated with discriminants? NSA do have a head-start on EC). ECDSA and DSA too; the big hole is very simply that pesky random number thing - as Sony know to their cost. Makes me wonder about a couple of other things too.

djb and Tanja Lange are working on new algorithms to replace them, which are 100% non-NSA and actually also really really fast. http://safecurves.cr.yp.to/ - EdDSA with Ed25519 (aka Curve25519 - same Montgomery curve, more efficient/useful Twisted Edwards representation) and/or Curve3617 (pure Edwards, 414-bit size, 200-bit security) are absolutely top contenders to replace ECDSA and ECDHE and are better in every single way. Tanja's even come up with a way to turn encode curve points, on the safecurves, in a way that the output looks truly random, if we need that (explicitly stated use case: censorship/protocol fingerprinting evasion, could see uses in other areas too).

AES-128-GCM seems okay, if you have hardware implementations, but has difficulties running in O(1) free of timing attacks in software. ChaCha20_Poly1305 is a djb ciphersuite proposed by Adam Langley which does much better - it's a replacement for RC4 (which is definitely 100% no contest broken in realtime by Nation State Adversaries, we're quite sure about that now) and is probably a better AEAD, to be honest, than GCM, in my opinion. Live on Google servers, and in Chrome dev builds, right now. Draft in consideration. ChaCha20's Salsa20's successor, an eSTREAM finalist; ChaCha20 was used to build the SHA-3 finalist BLAKE and got a lot of cryptanalytic attention through that. Best attack (truncated differential cryptanalysis) 6 of 20 rounds, surprisingly simple ARX construct easy to analyse with no nasty surprises, fast as hell especially with any kind of SIMD, great differential and linear resistance: can't say fairer than that!

These are among the algorithms we're going to use to rebuild all this. We have trust models to fix, too, which are closer to the root of the Big Problem - more transparent auditing, pinning with DANE and DNSSEC, there's a lot of possible things we could do to harden all that, and we're going to do all that. And the protocols can be improved significantly too, and we're working on that: things like encrypting the ClientHello from the very beginning WILL be part of TLS 1.3, flying pigs be damned.

We have a lot of work ahead of us rebuilding all this, and it's going to take a long time. Needs to be done very carefully, openly, and transparently. Feel free to come and help (if you know what the fuck you're doing).

I'm not pulling my punches. (I haven't so far, as you might see if you look me up.) I want to make sure the right choices are made for the right reasons, and GCHQ and NSA can kiss my ass. As engineers, we try to be non-political, but that doesn't mean we can't be really pissed at literally being double-crossed and lied to, and attacked by the people (ostensibly) whose job it is to protect us. I am very, very bitterly angry with them for fucking up their COMSEC mission to further their SIGINT mission: it's nothing less than a billion-dollar funded betrayal of national and international security, from a technical perspective, and one that we have to go and fix - because they won't, and we could never trust them to anyway.

We're not silent. We're busy. Other people can talk about political ramifications. We'll work to solve the technical ones. We'll meet in the middle. /akr

dual standard? (1)

slew (2918) | about 4 months ago | (#45728403)

So should academics use the same research and release standards with security bugs/exploits as government "hacks"?

The general consensus is that researchers that find vulnerabilities in commercial software at least notify the vendor and give them a chance to mitigate the problem before releasing a potential attack blue-print to the universe. Should researchers notify government entities before releasing their research on their "hacks", or are they to treat the government as a black-hat?

It's an interesting choice either way... One way you are colluding the other way you apparently might be considered a traitor (or hero depending on your politics).

They didn't! (2)

GrievousMistake (880829) | about 4 months ago | (#45728485)

What a non-story. The flaws in Dual EC DRBG were widely published shortly after release.

The backdoor was first published by Dan Shumow and Niels Ferguson [cr.yp.to] in August 2007.

Bruce Schneier [wired.com] wrote the same year:

My recommendation, if you're in need of a random-number generator, is not to use Dual_EC_DRBG under any circumstances. If you have to use something in SP 800-90, use CTR_DRBG or Hash_DRBG.

This was common knowledge if you had more than a passing interest in cryptography. I think TFA is mistaken when it says that it didn't get enough attention. The reason academics didn't take it more seriously is that it was seen as so obvious, it was mostly harmless shenanigans.

You would only use it in a serious cryptographic product if you were an incompetent crackhead, or if the NSA had stuffed your ass full of money.

Incidentally, RSA, the large security firm, shipped it in a serious cryptographic product for years and years.

Meine Reaktion:Scherbius2014 (0)

Anonymous Coward | about 4 months ago | (#45728957)

For German-speaking people, here is my C++-coded Middle-Finger to General Clapper:

http://scherbius2014.de

And no, I won't bother to translate it into English, as English obviously is a language of oppression these days.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...