[LAU] How can we convert money to fixing bugs in software?

Paul Davis paul at linuxaudiosystems.com
Sat Aug 4 13:06:33 UTC 2012

On Fri, Aug 3, 2012 at 6:45 PM, Patrick Shirkey
<pshirkey at boosthardware.com>wrote:

[ .... ]

Patrick, you missed the key point that Fons made:

> > Image for a second that the USA government would know a method
> > to factor any product of two large primes. Then it would have
> > to to consider the possibility that
> >
> > * another goverment would find out the same, giving it access
> >   to most of the financial and economic infrastructure of the
> >   USA,

Do you understand the scope of this risk? Do you understand how much
sensitive data is exchanged even just within the US government using
encryption based on factoring primes? Do you seriously believe that even
the US government would expose so much of its own communications, not to
mention that of corporations that prop the country up, just in order to be
able to decrypt *other* organizations' and people's communications?

and remember that governments actually don't have the largest incentive to
solve this particular math puzzle - they derive no income from the
existence or absence of encryption, only some leverage. criminal
organizations, on the other hand, have both the money and the incentive,
and if it was even imaginable that someone has solved prime factoring, then
i'd have to put money on it coming from such an organization rather than a

whether or not you want to be more or less paranoid about that possibility
i leave for you to decide.

> >
> > * or some private researcher finds it, goes public and all hell
> >   breaks loose.
> >
> The threat of death is quite a powerful motivator to keep things quiet on
> that front.  You gonna be the one who releases "that" algorithm?

this is paranoia beyond belief. the release of PGP by phil zimmerman
basically handed anyone around the world the ability to encrypt their
communication in a way that (at that time, without doubt) it could not be
decrypted. AFAIK, phil is still with us (despite certainly having had some,
ahem, interesting interactions with the US government after they classified
his work as a weapon). what zimmerman did is at least as problematic for
any government as the discovery of a prime factoring technique. the damage
to existing encryption systems would be total and instant once such a
technique was published. we already know that once it was published it
would never vanish from the net. killing the publisher/researcher would
accomplish precisely nothing.

> > In either case the damage would be on scale that even good old
> > O.B.L. couldn't dream of.
> >
> A CIA cutout created to allow the US to justify perpetual war?
> > Keeping such a thing secret for any time would be the most stupid
> > and irresponsible thing one could imagine. No USA government,
> > democratic, republican or neocon would ever do that.
> >
> Of coure not. The governments of this world are run by nice people who
> only want whats best for all of us right?
> > What would happen if someone finds such a method and has any
> > good sense would be that in a matter of months all RSA based
> > cryptography would disappear from all  systems that have any
> > strategic signficance. And that wouldn't go unnoticed.
> >
> >
> It's been known in some communities for a while. Nothing has changed so
> far. Apparently the status quo is quite acceptable.
> >> We are all exposed on the internet ;-)
> >
> > Most people just expose themselves. For example I wonder why
> > the owner of a business with 'subsidiaries' and 'partners'
> > (enough to keep one busy I'd think) is wasting his time trying
> > to make some petty money with a commercial website on Linux
> > audio. I can only assume that Boost Hardware Ltd. is going
> > all fours up, don't need to read your emails for that.
> >
> My company hasn't done bad from Linux over the past 14 years. Now I have
> decided to step up the pace and generate some real income. You're welcome
> to join me for the ride but I'll leave that decision up to you.
> If you continue to feel threatened by the possibility then you're just
> shooting yourself in the foot which is coincidentally one your your strong
> points so I am not surprised by this statement or your desire to run me
> out of town as you have done it before to other people who only wanted to
> be useful too.
> --
> Patrick Shirkey
> Boost Hardware Ltd
> _______________________________________________
> Linux-audio-user mailing list
> Linux-audio-user at lists.linuxaudio.org
> http://lists.linuxaudio.org/listinfo/linux-audio-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxaudio.org/pipermail/linux-audio-user/attachments/20120804/c59b0a7d/attachment.html>

More information about the Linux-audio-user mailing list