<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<img alt="<img>"
src="cid:part1.02010203.06050100@immunityinc.com" height="393"
width="525"> <img alt="<img>"
src="cid:part2.01010800.03020202@immunityinc.com" height="391"
width="524"><br>
<br>
Mike Rogers, Michael Daniel (seen above with Natalie Black his
counterpart from the UK), and <a
href="https://twitter.com/daveaitel/status/590958031736741888">John
Carlin </a>all offered slightly different views of what the
Government would like to see when it comes to security, and in
specific cryptographic policy, at RSA 2015. Of all of them, John
Carlin was the most forward in his views, which mirror the FBI
director's pro-key-escrow position and talking points exactly (to
the point of being boring). For him, like many of these people, the
goal is to connect with tame reporters (David Sanger was there and
particularly chummy). My discussions with one of the head CNN
reporters in the space who was there indicated that the
Administration's push for crypto control is falling a bit flat.
Partially because you cannot on one hand say "We know nothing about
technology" and then on the other hand say "Why can't we have this?
We want it! Why can't we have WHAT WE WANT!" Violet Blue called it "<a
href="http://www.zdnet.com/article/the-dhs-brings-its-infantile-cyber-fantasy-world-to-rsa-2015/">infantile</a>"
and that's the perfect word to describe it, as someone who has a
three year old and carefully stalked all the Government panels and
keynotes at RSAC. This year's USG message SHOULD have been "<i>We
are going to regain your trust</i>". It wasn't and that makes
everything harder.<br>
<br>
Michael Daniel, who sits most closely to the President on these
things, offered a wide array of scripted feel good platitudes about
training and cooperation with Natalie Black, who said that of course
she "concurred" with all of them, but in a much nicer accent. On
this list, you may probably most remember Michael Rogers for his
Heartbleed blog post on whitehouse.gov, but he's a good bellwether
for what the White House is thinking on this issues. I pressed him
on it after the talk and he indicated that they're not looking for
rush through a forced solution here, just because the DoJ has their
panties in a twist. <br>
<br>
The most fireworks came during the Google vs Congressman Mike Rogers
panel (see above). Richard Salgado pointed out some things about the
SCOTUS cases which the FBI are relying on to do their metadata
collection in the first place: i.e. that there's nothing in the case
to say that the content of your email is not covered by the same
ruling. Frankly, he is a ridiculously good lawyer and was in fine
form and clearly has been directed to yield <a
href="http://www.engadget.com/2015/03/02/android-lollipop-automatic-encryption/">not
an inch of space</a> to the Government when it comes to crypto
policy. I hope they put that panel online because it was the best
entertainment at the whole RSAC . <br>
<br>
-dave<br>
<br>
<br>
<br>
</body>
</html>