throwaway654329's comments

This is one reason why political crimes are treated with different considerations under international treaties and in the day to day norms of states. The right to asylum, for example, in one country to avoid prosecution in another country exists, and it is regularly exercised.

America regularly support people who are charged with normal crimes that have obvious political undertones, as they should. This is an unmitigated good.

Example: https://en.wikipedia.org/wiki/Chen_Guangcheng

Other popular examples exist. These cases are also often very polarizing for the people of the country who is claimed to have been the victim of some political crime.

Note the definition of political crime ( https://www.merriam-webster.com/dictionary/political%20crime ) exactly makes the link: “political offenses … exclude any possibility of extradition.”

What makes up a political crime? By definition it can be subjective but some entire categories are usually included.

On the one hand, Assange is considered by many to be a journalist doing journalistic things, while others argue he committed espionage doing political things as some kind of spy. Prosecution for either is usually considered a political persecution worthy of asylum.

Ecuador granted Assange political asylum because of the U.S. investigation into Assange for his publications that were in the public interest.

That’s a great project, thank you for the link. Take my upvote stranger.

Okay, I’m happy to disengage as well. Thank you for your time and also for your insight.

You could also take the word of a person from deep inside the Obama administration: https://greenwald.substack.com/p/ben-rhodes-book-proves-obam...

> … I didn't acknowledge the majesty of the argument I had been confronted with.

Gee, thanks, I think. Sorry to say we don’t agree on your summary of my comment.

> Filippo Valsorda wrote a tweet that included a meme from "It's Always Sunny In Philadelphia"

From this, we already have serious disagreements. It’s part of a series of tweets amplified by others. It isn’t a single tweet in isolation even when we only look at the direct author. We do agree on the source of the clip, though I think you weren’t familiar with the background of the subject parodied in the clip as I raised it. Perhaps you do not believe it or perhaps you think that the parody somehow erases what was parodied originally. Reasonable people can read it many ways.

> That meme is a parody of "A Beautiful Mind"

There are many memes with text included, though this was a video, and it seems clearly a parody of Nash from that film. Here is one example meme that I did not create: https://me.me/i/mathematician-john-nash-during-a-schizophren...

> John Nash was mentally ill

Yep. The implication of using such a meme to punch down is mirrored in the words of the related tweets calling him a conspiracy theorist. This wasn’t as you tried to say, a single tweet, it’s presented in a context that is harsh, and condemning.

> John Nash was virulently anti-semitic

Maybe, it’s unclear if it was a byproduct of his mental illness or a sincerely held belief. It’s a third rail, regardless. I won’t hold a mentally ill person accountable for stuff they say during an episode, and I also won’t use it as a joke.

> Ergo, Filippo Valsorda is both bigoted against the mentally ill, and also an anti-semite.

This isn’t my claim. My claim is that it’s completely inappropriate on many levels to post not only that meme but to use it in tandem with direct personal attacks on Bernstein. This seems especially relevant in a thread supposedly about damaging behavior of other people in the community.

I would prefer you don’t cover for mental health stigmatization or antisemitic dog whistling even a tiny bit, especially if it was not intended. Painting me as crazy for my analysis is shitty. You asked me to bring some light and then attack me for sharing my actual thoughts. You didn’t acknowledge my insight about Jewish names, either. Was that news to you? Dismissively omitting anything about that insight is weird.

Please leave no room for ambiguity here, it is a very dangerous time in the world, and in America, especially after the Tree of Life murders. There are many many other examples of terrible stuff like that - and anything that even remotely smells like that must be immediately challenged in my view. No doubt this personal context makes myself and others extra sensitive. That is exactly why I explained my understanding of the meaning.

I am happy to provide an analysis of Homer Simpson memes in context if it can help us break the ice and not end this thread on hard or hateful terms.

You said this up thread and I find it incorrect:

> If you RTFA you'd know it pertains to bribery, not coercion

By quoting the article it seems the text directly contradicts your summary as being too narrow. General coercion is also be included as part of the concerns raised by TFA. He isn’t just talking about NSA giving a person a sack of money.

Meanwhile in this thread and on Twitter, many people are indeed doing the things you say that nobody is doing.

We almost all use Bernstein’s crypto — some as mere users, others as developers, etc. I’m not sure what that brings to the discussion.

I’m glad we agree that his work to gather more information is a public good.

> I didn't even notice a "punching down about mental health" thing. You wrote a long comment, I skimmed it.

That tracks, okay. It’s the weekend and I’m a nobody on the internet. Thank you for talk the time to continue to engage with me.

> Your allegation that Filippo and Matt Green are antisemitic is ludicrous.

That isn’t an allegation that I am making, you are misunderstanding and misrepresenting my statements. My comment even disclaimed that this probably isn’t intentional, merely that it is one read of that meme. My core point is this: posting that meme is unhelpful in a thread about Bernstein’s supposedly harmful behavior. Maybe you think it’s a funny joke, I don’t.

Either way - funny joke or not - it certainly isn’t a healthy discourse for “the community” to call someone names and to dismiss them as some kind of unhinged conspiracy theorist.

> I didn't say Bernstein had his ass handed to him.

Indeed, I did not claim to quote you there. I am characterizing your words into what I understand as your point. Let’s call this “the sore loser discourse” - it is repeated in this thread by others. It seems to be implied by my read when you say: “…he opted to participate in was corrupted by dint of not prioritizing his own designs.” I preemptively acknowledge that I may have misunderstood you.

What do you mean to convey by “dint of not” roughy? Don’t SPHINCS+ (Standardized in round three) and Classic McEliece (still in the running) count as prioritizing his designs? Also, what is wrong with participating in this standardization process? He seems to be unhappy with NIST before, and during the process, and with ample cause. By participating, it’s clear he has learned more and by winning parts of the competition, he’s not a sore loser.

If he wasn’t a part of this competition, people would probably dismiss his criticism as simply being outside. It’s harder to dismiss him if he is part of it, and even harder when his submissions win. It isn’t a clean sweep, but it’s lifetime achievement levels for some people to have a hand in just one such algorithm, selected in such a process. He has a hand in several remaining submissions as far as I understand the process and the submissions.

> I said that he wrote thousands and thousands of words about his reasons to mistrust NIST (not just here but elsewhere, and often),

So you note he has been saying these things for a long time. On that we agree.

> but still participated in the PQC contest,

You go on to note that he then participated in the process. He is documented in his attempts to use the process tools to raise specific issues and to try to have them settled by NIST as promised, with transparency. NIST has failed to bring that transparency.

Confusingly (to me anyway) your next statement continues with a contradiction:

> raising these concerns only at its conclusion

Which is it? Was he constantly raising these issues or only raising them at the end (of round three)?

Alternatively I could read this as “at its (the blog post) conclusion” which would be extremely confusing. I presume this isn’t what you meant but if so, okay, I am really missing the point.

What do I mean? Iran-Contra, Watergate, or a 9/11 report style report, like levels of investigation. Given how widely read the BULLRUN stories were, it’s not credible to suggest the details aren’t important.

The American people deserve to know who picked up the phone or held a meeting to make this happen. Who was present, who at NIST knew what, and so on. Who internally had objections and indeed who set the policy in the first place. What whistleblower protections were in place and why didn’t the IG have involvement in public? Why did we have to learn about this from Snowden?

NSA has a dual mandate, on that I hope we can agree. It’s my understanding that part of their job is to secure things and that part of their job is to break stuff.

NIST has no such dual mandate, heads should roll at NIST. We probably agree that NSA probably won’t be accountable in any meaningful sense, but NIST must be - we are stuck with them. Not trusting them isn’t an option for anyone who files their taxes or banks or does any number of other regulated activities that require using NIST standards.

To quote the article:

At the risk of belaboring the obvious: An attacker won't have to say "Oops, researcher X is working in public and has just found an attack; can we suppress this somehow?" if the attacker had the common sense to hire X years earlier, meaning that X isn't working in public. People arguing that there can't be sabotage because submission teams can't be bribed are completely missing the point.

He goes on to say: I coined the phrase "post-quantum cryptography" in 2003. It's not hard to imagine that the NSA/IDA post-quantum attack team was already hard at work before that, that they're years ahead of the public in finding attacks, and that NSA has been pushing NISTPQC to select algorithms that NSA secretly knows how to break.

Does this seem unreasonable, and if so, why?

He also remarks: Could such a weakness also be exploited by other large-scale attackers? Best bet is that the answer is yes. Would this possibility stop NSA from pushing for the weakness? Of course not.

Doesn’t sound to me like he only has concerns about bribery. Corruption of the standards to NSA’s benefit is one overarching issue. It’s not the only one, he has concerns about non-American capabilities as well.

The are many methods for the NSA to achieve a win.

Ridiculing people for worrying about this is totally lame and is harmful to the community.

To suggest a few dozen humans are beyond reproach from attack by the most powerful adversaries to ever exist is extremely naive at best. However that literally isn’t even a core point as Bernstein notes clearly.

One trivial example implied by the blog post: Such corruption could be involved in the non-transparent decision making process at NIST.

Regarding Dual_EC: we still lack a lot of information about how this decision was made internally at NIST. That’s a core point: transparency was promised in the wake of discovered sabotage and it hasn’t arrived.

It can be everybody involved. It should include NIST based on the history alone.

Some of the commentary on this topic is by people who also denied DUAL_EC until (correctly) conceding that it was actually a backdoor, actually deployed, and that it is embarrassing for both NSA and NIST.

This sometimes looks like reactionary denialism. It’s a safe position that forces others to do a lot of work, it seems good faith with some people and not so much with others.

Your augment that the selection doesn’t pick his designs doesn’t square with SPHINCS+ winning, and with others remaining in the running. His former PhD student won with Kyber. Bernstein did very well here and you’re misleading people by suggesting he had his ass handed to him.

He has published (and it is linked from the blog) his views on how to run cryptographic contests before their recent selection finished (late). His comments are not simply the result of the round three announcement.

As to the offensive meme, I note that you don’t even dispute the punching down about mental health. Gross.

Bernstein is a German-Jewish name. These names were given and in some cases forced on people in history to give a signal to others, usually negative. This is a hint, not a fact of his beliefs. My understanding is that he does come from a Jewish family. I won’t presume to speak for Bernstein’s beliefs, just that I see something obviously tense and probably wrong.

It’s your choice to not care to comment about the antisemitic connotations that I raised. My point was that for some people this is impossible to not see. It is highly offensive given the context. Now I understand that you refuse to do so when shown. Also extremely gross.

I am definitely not in that place. We clearly disagree on a few points.

The issues raised in the blog post aren’t just about NIST mishandling the FOIA. By reducing it to the lawsuit, this is already a bad faith engagement.

The blog post is primarily about the history of NSA sabotage as well as contemporary efforts, including (NIST’s) failures to stop this sabotage. Finally it finishes the recent history by raising that there are mishandling issues in the pq-crypto competition. The lawsuit is at the end of a long chronological text with the goal of finding more information to extend the facts that we know. This is a noble goal, and it’s hard to accept any argument that the past in this area hasn’t been troubled.

Weirdly there is an assumption made immediately by Filippo, made without basis in fact: he supposes Bernstein somehow lost the contest and that this is his motivation for action. Bernstein hasn’t lost, though some structured lattices have won. He still has submitted material in the running as far as I understand things. None the less we see that Filippo tells us the deepest internal motivations of Bernstein, though we don’t learn how he learned these personal secrets. This is simply not reasonable. Maybe it could be phrased as a question but then the rhetorical tool of denying questions as a valid form of engagement would start to fade away.

Back to the core of the tweets: One of the two says he hopes he wins the suit, the other says he’s doing it wrong. We could read that as they’re both hoping he wins, and yet… it’s hard to believe when the rhetoric centers around Bernstein’s supposedly harmful rhetoric in the blog post and lawsuit as being harmful to the community at large.

Bernstein isn’t attacking a singular person as Filippo is attacking Bernstein. Filippo even includes a meme to drive home the personal nature of the attacks.

For me personally, I used to find this meme funny until I learned the history of the meme. This strikes me as blind spot, my very own once. The context and history of that meme and that scene is dark.

So then, here is some light for you: This meme is a parody from a comedy. In turn it is a parody of a famous scene from a film portraying John Nash. It’s about a very famous mentally ill mathematician. Nash in this scene is the iconic, quintessential conspiracy theorist insane person once considered a genius. Nash is drawing connections that aren’t there and that aren’t reasonable. He was deeply mentally ill at that point in his life. That is a brutal thing to say in itself about anyone, but… it gets worse.

Nash was also famously a virulent antisemitic in some of his psychological breaks and outbursts. I don’t hold him responsible for his ravings as he was a paranoid schizophrenic, but wow I would not throw up that specific meme at a (Jewish) mathematician while implying he’s a crazy conspiracy theorist. It’s some really gross mental health hate mixed with ambiguity about the rest. It could be funny in some contexts, I suppose, but not this one.

So in summary: that is a gross meme to post in a series of ad-hominem tweet attacks calling (obviously Jewish family name) Bernstein a conspiracy theorist, saying he is making obviously crazy, baseless connections. The root of his concern is not insane and ignoring the history of sabotage in this area by NSA is unreasonable.

I assume this meme subtext is a mistake and it wasn’t intended as antisemitic. Still after processing the mental health punching down part of the meme, I had trouble assuming good faith about any of it. Talk about harmful rhetoric in the community.

I also note that they attack him in a number of other bad faith ways which make me lose my assumption of good faith generally about their well wishing on his lawsuit being successfully.

Meanwhile, I don’t take Bernstein on faith. I find his arguments and points in the blog post convincing. I find his history of work in the public interest convincing. I don’t care about popularity contests or personal competition. Meanwhile you say you’re not following the contest.

Corruption of NIST and other related parties isn’t just possible, we know it has happened. We should be extra vigilant that it doesn’t repeat. FOIA is a weak mechanism but it’s something. Has any corruption or sabotage happened here? We don’t know yet, and more important NIST have promised transparency that they haven’t delivered. A promise is a good start but it’s not sufficient.

NIST have slipped their own deadlines, they have been silent in concerning ways, and they’re still failing to provide critical details about the last round of NSA sabotage that directly involved NIST standardization.

One says he’s doing it wrong. The other says he hopes that he wins, of course!

Meanwhile they go on to attack Bernstein, mischaracterize his writing, completely dismiss his historical analysis, mock him with memes as a conspiracy theorist, and to top it off they question his internal motivations (which they somehow know) as some kind of a sore loser which is demonstrably false.

The plot twist for the last point: he is still in the running for round four and his former PhD students did win major parts of round three.

Yes, he appears to be unreasonably dismissive of the blindly obvious history and the current situation.

As an aside, this tracks with his choice of employers - at least one of which was a known and documented NSA collaborator (as well as a victim, irony of irony) before he took the job with them.

As Upton Sinclair remarked: “It is difficult to get a man to understand something when his salary depends upon his not understanding it.”

Joining Google after Snowden revealed PRISM and BULLRUN, as well as MUSCULAR, is almost too rich to believe, Meanwhile he asserts and dismisses Bernstein as a conspiracy theorist. It’s a classic bad faith ad-hominem coincidence theory.

Dismissing this lawsuit as a conspiracy theory is embarrassing for both of them.

There is ample evidence to document malfeasance by the involved parties, and it’s reasonable to ask NIST to follow public law.

You’re making a lot of assumptions and guesses to imply they helped overall when we know they weakened DES by reducing the key size such that it was practically breakable as a hobby project. At the time of DES creation, Hellman remarked that this was a bad enough problem to fix it by raising the key size. NSA and IBM and others ignored the cryptographers who were not compromised. Any benefit against DC attacks seems clearly like a hedge against DES being replaced sooner and against known adversary capabilities. When did the Russians learn that technique? Probably before the public did, I would wager.

The longer DES stays, the longer NSA retain their capabilities. Any design changes made by NSA are for their benefit first. That’s the primary lesson from my perspective.

> there was a substantial effort to weaken cryptography, decades before 9/11.

Yes, agreed. Everyone should dig up their favorite programs and discuss them openly.

Regarding Simon and Speck: one simple answer is that the complicated attacks may exist and simple attacks certainly exist for smaller block and smaller key sizes.

However, it’s really not necessary to have a backdoor in ARX designs directly when they’re using key sizes such as 64, 72, 96, 128, 144, 192 or 256 bits with block sizes of 32, 48, 64, 96 or 128 bits. Especially so if quantum computers arrive while these ciphers are still deployed. Their largest block sizes are the smallest available for other block ciphers. The three smallest block sizes listed are laughable.

They have larger key sizes specified on the upper end. Consider that if the smaller keys are “good enough for NSA” - it will be used and exploited in practice. Not all bits are equal either. Simon’s or Spec’s 128 bits are doubtfully as strong as AES’s 128 bits, certainly with half the bits for the block size. It also doesn’t inspire confidence that AES had rounds removed and that the AES 256 block size is… 128 bits. Suite A cryptography probably doesn’t include a lot of 32 bit block sizes. Indeed BATON supposedly bottoms out at 96 bits. One block size for me, another for thee?

In a conversation with an author of Speck at FSE 2015, he stated that for some systems only a few minutes of confidentiality was really required. This was said openly!

This is consistent in my view with NSA again intentionally pushing crypto that can be broken in certain conditions to their benefit. This can probably be practically exploited though brute force with their computational resources.

Many symmetric cryptographers literally laugh at the NSA designs and at their attempts at papers justifying their designs.

Regarding NIST curves, the safe curves project shows that implementing them safely is difficult. That doesn’t seem like an accident to me, but perhaps I am too cynical? Side channels are probably enough for targeted breaks. NIST standardization of ECC designs don’t need to be exploited in ways that cryptographers respect - it just needs to work for NSA’s needs.

NSA doesn’t want NOBUS, they’re not a person.

NSA leadership has policies to propose and promote the NOBUS dream. Even with Dual_EC_DRBG, the claims of NOBUS were incredibly arrogant. Just ask Juniper and OPM how that NOBUS business worked out. The NSA leadership wants privileged access and data at nearly any cost. The leadership additionally want you to believe that they want NOBUS for special, even exceptional cases. In reality they want bulk data, and they want it even if the NOBUS promises can fail open.

Don’t believe the hype, security is hard enough, NOBUS relies on so many assumptions that it’s a comedy. We know about Snowden because he went public, does anyone think we, the public, would learn if important keys were compromised to their backdoors? It seems extremely doubtful that even the IG would learn, even if NSA themselves could discover it in all cases.