Mike Dilger ☑️ on Nostr: Long ago the US government wanted to put a "clipper chip" in everybody's computer. ...
Long ago the US government wanted to put a "clipper chip" in everybody's computer. This chip would encrypt traffic (wasn't common at the time) but with a backdoor so that law enforcement could see your data.
Later NIST recommended Dual_EC_DRBG encryption that suspiciously could have been constructed with a backdoor, and later evidence from Snowden indicated that it probably did have this backdoor.
Also the P curves (P-224, P-256, and P-384) were constructed with numbers that are unexplained and could weaken the algorithm if you know the secret of how those numbers were chosen.
Chrome and Firefox do not support ed25519 in TLS, but they do support the P-curves.
I suspect TLS isn't secure against the NSA unless both sides are using algorithms that the NSA can't break, which in the browser HTTP world is hardly possible.
ed25519 isn't the only algorithm with nothing up its sleeve (https://en.wikipedia.org/wiki/Nothing-up-my-sleeve_number) but it has become the most popular and is quite efficient.
In the rust world, if you control both endpoints, you can use a more trustworthy TLS like https://github.com/mikedilger/alt-tls
If you don't control both endpoints, the TLS will probably fail to negotiate a secure algorithm.
The EU initiative Going Dark has now been launched by the EU Commission. They call it ProtectEU.
It’s a rebranding of Chat Control. New name. Same old propaganda.
The EU Commission’s goal is to “access encrypted data in a lawful manner, safeguarding cybersecurity and fundamental rights.”
Read the full release from the Commission here:
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52025PC0148
Published at 2025-04-07 00:46:43
Event JSON
{
"id": "0a8f44d66aa2ceb06000cea92283b9e086677872ed0e76e3624a24035b2a93be",
"pubkey": "ee11a5dff40c19a555f41fe42b48f00e618c91225622ae37b6c2bb67b76c4e49",
"created_at": 1743986803,
"kind": 1,
"tags": [
[
"q",
"f4bc054e36e9e4faa671cd189a011e6fd2217415975c265a6aa2df92adfe39a8"
]
],
"content": "Long ago the US government wanted to put a \"clipper chip\" in everybody's computer. This chip would encrypted traffic (wasn't common at the time) but witih a backdoor so that law enforcement could see your data.\n\nLater NIST recommended Dual_EC_DRBG encryption that suspiciously could have been constructed with a backdoor, and later evidence from Snowden indicated that it probably did have this backdoor.\n\nAlso the P curves (P-224, P-256, and P-384) were constructed with numbers that are unexplained and could weaken the algorithm if you know the secret of how those numbers were chosen.\n\nChrome and Firefox do not support ed25519 in TLS, but they do support the P-curves.\n\nI suspect TLS isn't secure against the NSA unless both sides are using algorithms that the NSA can't break, which in the browser HTTP world is hardly possible.\n\ned25519 isn't the only algorithm with nothing up it's sleeve (https://en.wikipedia.org/wiki/Nothing-up-my-sleeve_number) but it has become the most popular and is quite efficient.\n\nIn the rust world, if you control both endpoints, you can use a more trustworthy TLS like https://github.com/mikedilger/alt-tls If you don't control both endpoints, the TLS will probably fail to negotiate a secure algorithm.\n\nnostr:nevent1qqs0f0q9fcmwne865ecu6xy6qy0xl53pws2ewhpxtf429huj4hlrn2qfuvutz",
"sig": "1f8342f962bcbc88145c4d10a998d3100eaedd0eb173ed77c863c6d2bdf16455f4a66806b33f8edd36fd08c6cd9281d5911ced14091f2fc906ff05a43ff762f0"
}