[CryptoParty] Steer Clear of TeleTrust

Samuel Carlisle samuelcarlisle at gmail.com
Thu Jul 18 23:38:52 GMT 2013 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 19/07/13 00:29, Hauke Laging wrote:
> Am Do 18.07.2013, 23:54:19 schrieb Samuel Carlisle:
>> @Hauke and others, have you now seen the reaction on twitter and
>> also IRC to this offer from of funding? Do you still think we
>> should put something on the wiki to advertise this? I really hope
>> not...
> 
> I was not in IRC. I am not a friend of twitter. I don't think that
> a rdidiculously low text size limit is a positive factor for the
> quality of an analysis or an argument.

Hauke,
I politely remind you that it is your choice alone to not be on
Twitter to join that debate and to see, first hand, this information,
just as it is your choice not to be on IRC (same applies- the debate
already happened in two places already).

There were many voices in that discussion and the conclusion
was a clear consensus: Cryptoparty would be well advised to steer
clear of any association with TeleTrust.

> 
> I did not suggest to advertise Teletrust on the web site but "to
> have a positive list of offers which most of us would be willing to
> accept".
> 
>> I think it is abundantly clear that TeleTrust are associated
>> with Microsoft, RIM, BND, (and the list only gets worse... feel
>> free to dig more) so these guys are *not* really friends of
>> Cryptoparty- read some of the comments and guidance coming from
>> twitter:
> 
> I don't get the point. SELinux is from the NSA. Where are the
> people who refuse to use it for that reason, how many are they? I
> do not think they are interested in that but even if US and UK
> government decided to spend money for supporting Cryptoparties it
> would IMHO be stupid not to take it.

Whoever takes money from whoever else... they must choose- just decide
that for yourself and not on behalf of "us" and don't call the result
a Cryptoparty please.

The value of money is a question of its target not of its source.

So you are saying that the end justifies the means? I do not believe
in that in this case because it would be selling out... sorry.

Assessing the source is
> political debate. I just read on this list that the Cryptoparty
> community should stay away from political debate.
> 
> Assume the BND itself would teach the public about crypto. Would
> that be good or bad?

SRSLY? the BND?

"Now GCHQ and the NSA will grab all your emails, browser traffic,
skype calls, phone calls and text message by default... and we are
their strategic partner so they share information with us, and us with
them, but don't worry if you use these tools we cannot get yours in
plain text straight away..."

Or is it possible that this depends on what exactly they would teach
> and what not (like with every Cryptoparty)?

It depends if Microsoft server 2008 "securty feature foobar" or
Libelle is on the syllabus really now doesn't it? Does the tool being
taught empower people or enslave them?

> 
> 
>> @qbi @samthetechie Some groups received emails from TeleTrusT
>> saying stuff like "we give you money if you don't focus on Open
>> Source".
> 
> I would not accept that. But that is quite different from what I
> heard of them. The proposal itself seems ridiculous to me. Who
> would expect Cryptoparty people to accept that?
> 
> 
>> @qbi @samthetechie If TeleTrusT wants to make something useful
>> they should do some funding of crypto OSS (i.e. by paying Werner
>> or others)
> 
> So who can explain to me why and how the Cryptoparty idea (or
> single events) could be damaged by support with the "wrong" money
> BUT GnuPG

- -GNUpg is an established project with an established community and
supporting structures.
- -It is a tool so can be neutral and yet also dual-use.
- -Cryptoparty needs to have a sincere voice and be a movement
*strictly* by and for the people. If we compromise on that even 1%
then we have lost integrity and impartiality IMO.

couldn't? Is
> Werner a morally higher person than us? Can we be bought but he
> can't? Or is he more clever than us so that he would realize that
> someone tries to buy him but we wouldn't? I am not going to think
> that low on myself.
> 
> 
>> @qbi @fukami @samthetechie I'm not entirely sure you'd want an 
>> organisation with MS and RIM being member sponsoring
>> cryptopartys
> 
> Without having a single argument everyone is for my part to believe
> whatever he wants to. I just hope that emotion alone does not have
> a big influence on others.
> 
> 
>> The conclusion seems to be that TeleTrust can not be involved at
>> the parties to sponse any drinks or have adverts or anything
> 
> The first thing I added to the discussion was that I think spending
> money for drinks is a bad idea anyway. I don't think that the
> events themselves have a money problem at all.

Yes I agree with you and I am very glad that you concluded the same
way. I am just futher reinforcing to you now that more of the
community has been discussing this proposal and I am reporting back to
you with this information.

> This is even more true now that Cryptoparty is a recognized label.
> 
> 
>> could indirectly (and very very effectively) support #cryptoparty
>> by simply donating to OTR:
>> http://www.cypherpunks.ca/otr/donate.php GNUpg:
>> http://www.gnupg.org/misc/donations.en.html … Tor: 
>> https://www.torproject.org/donate/donate
> 
> Sure they could. But to my knowledge none of these projects is in a
> phase of unclear success whereas I hear statements like "In two
> months the Cryptoparty hype can be over".

Among many others I have been a part of the movement since its inception
(~September last year) so I am not sure where this two months comes
from, but if you are referring to the swimming shark of the media / news
cycle to drop it then that does not matter to me.

> 
> None of those projects will make the permanent success of the
> Cryptoparty movement more probable by getting better itself.
> 
> For all I know the amount of money they can spend is limited
> anyway. So the practical solution is: Those who believe that money
> from a disliked source should be avoided simply avoid it. Don't ask
> for it and refuse it if offered.

No, it is way more serious than that- it is not just "take it if you
want it". I think if you would accept money from such a company in the
name of cryptoparty, given what people who care about our movement
think and warned about vis. association with
those companies then you put yourself on the wrong side of the debate
and I think you should not therefore call yourself a Cryptoparty.

Reminder: there are different contexts in this debate so lets just be
careful we do not blur or confuse them:

1) Context: in hacker news / subculture atm is Ohm2013 + Fox IT debacle
2) Public Revelations about NSA Prism feeding DefCon + NSA not welcome
3) In Germany it is the pirates election and also anger towards prism
and tempora projects affecting German citizens.

> 
> But if you want to criticize others for behaving differently then I
> would strongly demand something that looks like an argument instead
> of pure emotion.
> 
> 
> CU
> 
> Hauke
> 
> 
> 
> _______________________________________________ CryptoParty mailing
> list CryptoParty at kuix.de 
> https://kuix.de/mailman/listinfo/cryptoparty


- -- 
Samuel Carlisle BEng (Hons) Dunelm MIET
pgp: 0x54828CAA
fingerprint: 9E01 D8A4 CFEB ED72 B0D2 70D7 1D57 A297 5482 8CAA
twitter: @samthetechie



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJR6HyLAAoJEB1XopdUgoyqReUH/0zfjj5b1pdZLBtTYqJ/G7cJ
4TO5gwoWQYRxZvfQkCToxwZxk9u/znDxvcKx4dy0wDV6y0ABKS+sb90riHl5NSKQ
E+liXzDXaxu1t+6K8NkEuzh58YIr1KA0NEX+XOsP7v9x5rMI9FNQdBN5YMvxlbaQ
6O1spqdPQwa7Tdb0H9zH8TrjqsCgrMmKQpOuskd5tKgNPXeKT+US5MIuBaMFk9e+
CQX4riV+L+c4Dw1H+0SSWuNasOtcJplKA+Ck3KrVg0XsClUktAOaKMBfpi8PzuYc
l0nWcM0RVdjX/QZpumPAUeX489aY5aHmoRwLcQM8tuqZadhJfWQBrCcZgMTfzOw=
=xw7/
-----END PGP SIGNATURE-----

More information about the global mailing list