by Joeboy 4502 days ago
> I hate to break it to you, but this is not going to keep you safe from a state-level adversary.

I don't really like this kind of anti-crypto argument. At this point I think making normal communications between normal people less embarrassingly mass-snoopable is a very worthy goal. For the time being, people who really, really have something to hide need to be extra careful (as has always been the case).

Which is not to say I'm feeling particularly enthusiastic about this device.

5 comments

This line of reasoning is sound; it's better than the current situation, and it's likely to work for a while as a minority solution to unsurveilled communications.

For a discussion of the _huge_ value of _international_ telecommunications, which can't be replicated by in-person communication, I recommend "Talking to Vula" by the ANC (who were considered a terrorist group in many countries for a long time): http://www.anc.org.za/show.php?id=4693

Ditto.

At the end of the day, state actors all have finite resources. If we continuously tell people to not bother with crypto at all, then we are being self-defeating.

Right now targeting those that use crypto is like shooting fish in a barrel. So few people are using crypto regularly, that they are incredibly easy to single out. If everyone used crypto, the amount it would cost state actors to find and further investigate individuals would quickly overwhelm the current resources of those state actors.

Obviously people using these devices need to know they aren't foolproof and only use them for casual secrets that at most implicate, but not provide solid proof of activities considered subversive by a state actor.

Making the cost of dragnet mass surveillance phishing expeditions prohibitively expensive should be goal number one right now in the crypto community. State actors commit the crime of violating everyone's privacy because it is so incredibly easy and cheap to do so.

I don't know how much it currently costs for state intelligence agencies to investigate an individual, but whatever it is now, I would hope the price were one to two orders of magnitude more expensive than it currently is and be at least in the 7 figure range. If someone really is a terrorist bent on causing lots of damage and killing civilians, it is trivial to justify spending 7 figures on surveilling that individual. The benefit of making it super expensive to surveil everyone, is that these state agencies can no longer casually surveil those it shouldn't be, such as American lawyers doing work protected by attorney client privilege [0].

At the end of the day, although state actors have deep pockets, they are bounded to some degree by market factors like what activities they can legitimately justify given the cost of surveillance and the amount of talent they have available.

[0] http://www.nytimes.com/2014/02/16/us/eavesdropping-ensnared-...

I think the problem with a device like this is that the kind of person who would be interested to use this just may be precisely the kind of person that the NSA would like to keep tabs on, just in case. Enough so, that an NSA worried about the Snowden leaks could theoretically come up with this idea as a way to corral folks trying to escape the "conventional" channels. Particularly with an ex-Navy Seal as CEO (no longer trusts the US government?), what's to say that there isn't some other vulnerability built into the core of this device. “Just because you're paranoid doesn't mean they aren't after you”. ― Joseph Heller

I would like to think that the business folks that purchased Blackberry devices for the security mechanisms would be interested in a device like this now that it's been made clear that Blackberry was compromised. Of course if someone really wants you, they're going to get your data. But a device like this might be (imho) a good solution for most business level data protection of the sort people thought they would be getting from Blackberry.

It's not anti-crypto. It's PRO-tradecraft.

Introducing technology into a system can WEAKEN your security. Knowing that is almost 90% of the battle.

I think you're focusing on people who are under a specific, clear and present surveillance threat. Different arguments apply to those people to the majority of people who "value their privacy" in a more nebulous sense.

If you put * on both sides of some text, you get polite emphasis.

> making normal communications between normal people less embarrassingly mass-snoopable is a very worthy goal.

Too bad an unsubsidized special-purpose phone will only address a tiny fraction of normal people.