[hidingfromherd]

Perhaps I'm being hard-headed here, but I don't understand the need to debate secure communications here, beyond the benefit of opening doubt in the minds of those ignorant of the underlying physical process.

This boils down to the fact (for me, and by proxy, my community) that I (and by proxy, my community) will not use insecure communication because someone or someones wants me to do so.

Shake your fist, rattle your sabres, put me in your sights, it will not change my (and by proxy, my community's) resolve.

And if I (and by proxy, my community) is to be prosecuted for using secure channels, then I (and by proxy, my community) will resort to steganography. Exact circumstances aside, there's no getting around the effects of a dedicated mind and an overwhelming power (of math) on my communications' transit.

The only means by which a paternal element can mediate the policies of my interactions would be to mediate the interface by which I (and by proxy, my community) communicate (in this case -- electronic/digital computer<->human), and enforce this with vigilant, and economically costly violence.

This matter-of-factness is similar to that in traffic stop interaction situation. I'm not happy that men with guns can systematically stop my transit, search my belongings, and steal my assets (at least in Texas), with ex post facto logic applied to the inherent justice, and I have no way of stopping this. The exact circumstances aside, there's no getting around the effects of a dedicated mind and an overwhelming power on my transit.

So I work around it, I try not to get stopped, and I deal with it when I do get stopped. I don't shake my fist or pout, beyond the benefit of opening doubt in the minds of those ignorant of the underlying physical process.

[mindslight]

While I agree with what you've said, the problem is that the sheer majority of people are using defective-by-design webcrapps. In fact, this is what has reopened this "debate" - TLAs got used to firehose access that companies no longer want to provide because it hurts their image.

So we, as a society, are in a situation where say 95% of people's software choices are being decided politically! If they're nudged into [continuing] using backdoored software, then criminalizing the remaining few is pretty easy to do, even if it's only through lazily-enforced laws like RIPA.

But as I said I do agree with you ideologically and have to hope that as people get a clue the pendulum will swing back to secure decentralized solutions. Because even if our holy leaders dismantled the NSA (et al) tomorrow, it's only a matter of time until the same electronic panopticon catches up with us via the private sector through eg insurance policies and aggressive price discrimination.

[adrtessier]

> But as I said I do agree with you ideologically and have to hope that as people get a clue the pendulum will swing back to secure decentralized solutions.

As technology progresses, eventually at some point those in power of that panopticon can actually grab the pendulum before it swings back. That's what you really have to be afraid of: if the surveillance programs get enough of a head start on the people recognizing their own government is watching their every move, they can cause enough havoc behind the scenes that whatever the people end up getting mad amount they can give up for PR, and just continue as usual with any and all of the other programs they didn't figure out.

It's debatable where that point is. I don't think we are quite there yet, but I expect we'll get there in our median lifetimes unless the American people do more than privacy slacktivism.

[mindslight]

I was referring to the pendulum of centralized-decentralized computing, not a general pendulum of people wanting totalitarianism/freedom.

FWIW I'm more worried about what becomes societally normal than what the government prescribes. In that sense, we need freedom-preserving software more to show people what is possible and give them alternatives, rather than to simply hide ourselves from abusive brother.

[dredmorbius]

There are vast tracts of the world which cannot simply thumb their noses at government requests. Including the systems and communications concerning you, your possessions (home theft by database access and/or impersonation fraud is a thing), and intra- and inter-business communications on matters concerning you.

You and your data trail are far larger than the few direct stones you cast.

And unless and until widespread encrypted comms are the default and assumed for all, only a very, very small subset of all online comms will be encrypted.

I've been fighting this battle myself for going on 20 years. I'd like to start seeing some fucking results, beyond "HTTPS Everywhere" browser plugins installed by a small subset of users.