Deniability

Robert J. Hansen rjh at sixdemonbag.org
Wed Mar 23 03:34:27 CET 2011


On 3/22/2011 10:16 PM, dan at geer.org wrote:
> Personally, I do think privacy and security are a zero sum
> game in the main, i.e., I agree with Ed Giorgio's commentary
> in the New Yorker ("The Spymaster," January 21, 2008) to that
> effect.

I think the best counterargument to this is that it's very easy to come
up with massive invasions of privacy that really do little to nothing
for our security.  The airport security examples more or less write
themselves...

My own dark suspicion is that what we have always thought of as
"privacy" is nothing more than an inefficiency in information exchange.
 So long as information exchange has a certain cost threshold, it's not
worth my time or effort to share information about you.  As that cost
threshold diminishes, so too does our privacy.  If it cost a penny to
leave a YouTube comment, Rebecca Black would have twelve people
scattered across the world who had said something bad about her.  Since
it's free, though... well, she has no privacy anymore, and I feel very
sorry for her.

If I'm right, then the only way to restore privacy is to raise the price
of information transfer in some way.  OpenPGP can be thought of as this:
to recover a message the attacker has to undertake actions that involve
at least some measure of expense.



More information about the Gnupg-users mailing list