[jdev] Protecting IM From Big Brother
dave at cridland.net
Tue Nov 27 11:17:59 CST 2007
On Tue Nov 27 16:19:38 2007, Alexey Nezhdanov wrote:
> Not just these two. XMPP have specification for pgp usage on top of
> xmpp, I use it sometimes with Psi client and I am sure that at
> least some other clients support it as well.
And there's ESessions, and S/MIME, and XTLS... The problem isn't so
much encrypting the traffic, which is simple enough, it's all the
other additional properties. ESessions and OTR are both geared very
heavily toward IM, whereas S/MIME and PGP both leverage existing
cryptography designed for email and deploy it on IM, and finally XTLS
treats chat sessions like connections, and does TLS over them.
(That's SSLv4, in effect).
> I'll explain it for the others who are less familiar with
> encryption: both methods (OTR and PGP) are the end-to-end
> encryptions. Big brother will never waste his resources to crack
> these unless you are highly wanted criminal (and even in this case
> it will be not too easy for him to crack it).
Well, you can - if you really want - calculate the computing power
required to decrypt all XMPP messages. Note that you have to be able
to decrypt them in near-real-time, at least, you need to decrypt as
fast as you intercept, which amounts to more or less the same thing I
Now, I don't know how much computing resource NSA, or GCHQ, actually,
have, but we can do another calculation, too - we can translate the
MIPs into Watts of electrical power, based on the power consumption
of the individual CPUs required for this MIPpage.
Then divide by 2*10^8. This magical figure will then tell you how
many power stations will need to be fairly close by Fort Meade. (Or
Cheltenham, for the Brits).
(Of course, I'm assuming a 200MW reactor, here, as I can't really be
bothered to look up what wattage a nuclear power station can generate
Once all this is done, simply count the power stations in the target
area (Google Maps, or simply go and look - you can certainly drive
around the Doughnut in Cheltenham).
Now, if you see a vast array of power stations - big complexes with
vast cooling towers, you can't miss them - conveniently located
within a useful range of the big brother of your choice, then hold
onto your tinfoil hats and grab your one-time pads, because it's the
only chance you have. (And, please note, that's one-time pads
generated very carefully.)
Alternately, if you happen to notice that cooling towers are, in
fact, conspicuous only by their absence in leafy Cheltenham, then you
can simply reuse your tinfoil hat as a convenient bowl to hold your
crisps in while you watch the lotto on telly purely to see if you've
one. (The latter not being a hint to use it as the source for your
one-time pad, of course, since that would be foolish in the extreme,
Of course, if you're a fully paid up member of the black helicopter
spotting brigade, then you'll refute such arguments as being the
ravings of an evil spook. But then, you'll also note that it's too
late, because I've infiltrated you now.
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at jabber.org
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the JDev