
>But if you encrypt your traffic on IP and then switch out to unencrypted PSTN then that's completely useless as you'd risk drawing unnecessary attention to your plaintext.

So the solution you suggest is to try to hide in plain sight? Good luck with that.




Why would you think that? Am I really that unclear?

If I had to venture a suggestion it would be to encrypt your data end-to-end.


lol. Right, because my mom's rotary phone will work like that.

That's the "comprehensive reform" argument weaselly politicians use. Ex. Chuck Schumer works for the banking industry. The banking industry needs reform after financial crisis. Chuck blocks banking reform by demanding "comprehensive reform" and refuses to implement partial measures that would help/start the reform process. He claims he's strongly in favor of reform. So much he's unwilling to compromise for partial measures. As such, he votes against all measures of reform. Sure Chuck, we all believe you really want to reform the banks that paid for your elections.

If end to PSTN can make it more expensive for the NSA to collect, then it's good, even if it isn't foolproof.

If the default config for apache were to generate self signed certificates, you would say, that's useless, because MITM. I would say, that's great, because now NSA is forced to MITM if they want to snoop. It increases the expense for the attacker, making their ability to snoop more limited.


> Right, because my mom's rotary phone will work like that.

No it doesn't. That's why you shouldn't market products with the claim to make secure calls to her.

There are products to encrypt PSTN calls. These products need to be used at both ends to be effective.

> If end to PSTN can make it more expensive for the NSA to collect, then it's good,

It doesn't, that's the point. You can count on the whole SS7 being compromised, all the time. It's where these agencies came from.

> If the default config for apache were to generate self signed certificates, you would say, that's useless, because MITM.

Again words in my mouth. I believe it is in fact the default in the major distributions, and it isn't "useless". This has absolutely nothing to do with the PSTN so I won't discuss this particular straw man further.


>I believe it is in fact the default in the major distributions

I have never once seen apache generate a self signed cert and default to http off for all connections. But sure, you didn't say that. I was simply drawing a parallel argument to what you were saying about PSTNs.

So let me make one more logical fallacy since the article clearly isn't providing enough info to prove either of our arguments.

Appeal to authority: Who should I trust dude? You, random internet poster, or Phil Zimmermann? I'm going with the guy who invented PGP and has a reputation and track record on encryption. Through his actions, he has built lots of trust/cred. You have not. If he has started a company, is delivering this as a product, and marketing that aspect as a feature, he clearly believes that it offers some benefit over a fully unencrypted line.

I'm willing to give that man the benefit of the doubt. You on the other hand could be working for the NSA and trying to derail interest in his product for all I know. Oops, that was two logical fallacies.



