On Sat, 18 Mar 2017 13:54:05 -0400 Rich Kulawiec <rsk@gsp.org> wrote:
On Thu, Mar 16, 2017 at 08:10:03PM +0100, Norbert Bollow wrote:
Even if not every device is secure, the difficulty, and likely cost, for an attacker to snoop on the communications is much greater for an encrypted mailing list is than for a non-encrypted one.
The difficulty is greater -- but not by much. Attackers have long since become extremely proficient at installing keystroke loggers and extracting credentials in order to compromise many other forms of communication. It's only an incremental, low-cost step for them to extend those techniques to encrypted mailing lists.
Now I'll grant that this is unlikely to happen immediately (except for intelligence agencies, who will be ready for this before it's deployed in the field). But one of the things that we've seen over and over again is that once attackers decide that a particular target (or kind of target) has value, they'll focus on it with surprisingly rapidity.
That is true, if the attacker already knows whose communications they want to snoop on. However one of the main benefit of using encrypted communications is in the area of making it much more expensive and politically risky for the attacker to determine which targets have value.
In the absence of encryption, that can be achieved by means of mass surveillance anywhere between the communications endpoints followed by (possibly AI-based) pattern analysis, at near-zero incremental cost and near-zero incremental risk per additional group that is subjected to such surveillance for reasons of its communications being possibly of interest to the attacker.
Greetings, Norbert