[Mailman-Developers] Encrypted lists predictable difficulties and implementation needs

Norbert Bollow nb at bollow.ch
Sun Mar 19 13:14:22 EDT 2017


On Sat, 18 Mar 2017 13:54:05 -0400
Rich Kulawiec <rsk at gsp.org> wrote:

> On Thu, Mar 16, 2017 at 08:10:03PM +0100, Norbert Bollow wrote:
> > Even if not every device is secure, the difficulty, and likely cost,
> > for an attacker to snoop on the communications is much greater for
> > an encrypted mailing list is than for a non-encrypted one.
> 
> The difficulty is greater -- but not by much.  Attackers have long
> since become extremely proficient at installing keystroke loggers
> and extracting credentials in order to compromise many other forms
> of communication.  It's only an incremental, low-cost step for them
> to extend those techniques to encrypted mailing lists.
> 
> Now I'll grant that this is unlikely to happen immediately (except
> for intelligence agencies, who will be ready for this before it's
> deployed in the field).  But one of the things that we've seen over
> and over again is that once attackers decide that a particular
> target (or kind of target) has value, they'll focus on it with
> surprisingly rapidity.

That is true, if the attacker already knows whose communications they
want to snoop on. However one of the main benefit of using encrypted
communications is in the area of making it much more expensive and
politically risky for the attacker to determine which targets have
value.

In the absence of encryption, that can be achieved by means of mass
surveillance anywhere between the communications endpoints followed by
(possibly AI-based) pattern analysis, at near-zero incremental cost and
near-zero incremental risk per additional group that is subjected to
such surveillance for reasons of its communications being possibly of
interest to the attacker.

Greetings,
Norbert


More information about the Mailman-Developers mailing list