clandestine world peek out of the book. Countries like France ask detailed
tech questions, borrow or buy a couple of units for ?evaluation,? and then
disappear again. Did they break the encryption? Did they just want to see what
their adversaries were using? No one at Datotek knew.

Kinch ?carried the key generator logic diagrams and schematics? with him -- even
today, it?s good practice not to rely on their secrecy for security -- but the
details seem laughably insecure: four linear shift registers of 29, 23, 13, and
7 bits, variable stepping, and a small nonlinear final transformation. The NSA
probably used this as a challenge to its new hires. But Datotek didn?t know
that, at the time.

Kinch writes: ?The strength of the cryptography had to be accepted on trust and
only on trust.? Yes, but it?s so, so weird to read about it in practice. Kinch
demonstrated the security of his telephone encryptors by hooking a pair of them
up and having people listen to the encrypted voice. It?s rather like
demonstrating the safety of a food additive by showing that someone doesn?t
immediately fall over dead after eating it. (In one absolutely bizarre anecdote,
an Argentine sergeant with a ?hearing defect? could understand the scrambled
analog voice. Datotek fixed its security, but only offered the upgrade to the
Argentines, because no one else complained. As I said, no one knew anything.)

In his postscript, he writes that even if the NSA could break Datotek?s
products, they were ?vastly superior to what [his customers] had used
previously.? Given that the previous devices were electromechanical rotor
machines, and that his primary competition was a CIA-run operation, he?s
probably right. But even today, we know nothing about any other country?s
cryptanalytic capabilities during those decades.

A lot of this book has a ?you had to be there? vibe. And it?s mostly tone-deaf.
There is no real acknowledgment of the human-rights-abusing countries on
Datotek?s customer list, and how their products might have assisted those
governments. But it?s a fascinating artifact of an era before commercial
cryptography went mainstream, before academic cryptography became approved for
US classified data, before those of us outside the triple fences of the NSA
understood the mathematics of cryptography.

This book review originally appeared in AFIO.

** *** ***** ******* *********** *************

The Role of Humans in an AI-Powered World

[2025.11.14] As AI capabilities grow, we must delineate the roles that should
remain exclusively human. The line seems to be between fact-based decisions and
judgment-based decisions.

For example, in a medical context, if an AI was demonstrably better at reading a
test result and diagnosing cancer than a human, you would take the AI in a
second. You want the more accurate tool. But justice is harder because justice
is inherently a human quality in a way that ?Is this tumor cancerous?? is not.
That?s a fact-based question. ?What?s the right thing to do here?? is a
human-based question.

Chess provides a useful analogy for this evolution. For most of history, humans
were best. Then, in the 1990s, Deep Blue beat the best human. For a while after
that, a good human paired with a good computer could beat either one alone. But
a few years ago, that changed again, and now the best computer simply wins.
There will be an intermediate period for many applications where the human-AI
combination is optimal, but eventually, for fact-based tasks, the best AI will
likely surpass both.

The enduring role for humans lies in making judgments, especially when values
come into conflict. What is the proper immigration policy? There is no single
?right? answer; it?s a matter of feelings, values, and what we as a society
hold dear. A lot of societal governance is about resolving conflicts between
people?s rights -- my right to play my music versus your right to have quiet.
There?s no factual answer there. We can imagine machines will help; perhaps once
we humans figure out the rules, the machines can do the implementing and kick
the hard cases back to us. But the fundamental value judgments will likely
remain our domain.

This essay originally appeared in IVY.

** *** ***** ******* *********** *************

Upcoming Speaking Engagements

[2025.11.14] This is a current list of where and when I am scheduled to speak:

My coauthor Nathan E. Sanders and I are speaking at the Rayburn House Office
Building in Washington, DC at noon ET on November 17, 2025. The event is hosted
by the POPVOX Foundation and the topic is ?AI and Congress: Practical Steps to
Govern and Prepare.?
I?m speaking on ?Integrity and Trustworthy AI? at North Hennepin Community
College in Brooklyn Park, Minnesota, USA, on Friday, November 21, 2025, at 2:00
PM CT. The event is cohosted by the college and The Twin Cities IEEE Computer
Society.
Nathan E. Sanders and I will be speaking at the MIT Museum in Cambridge,
Massachusetts, USA, on December 1, 2025, at 6:00 pm ET. Nathan E. Sanders and I
will be speaking at a virtual event hosted by City Lights on the Zoom platform,
on December 3, 2025, at 6:00 PM PT. I?m speaking and signing books at the
Chicago Public Library in Chicago, Illinois, USA, on February 5, 2026. Details
to come. The list is maintained on this page.

** *** ***** ******* *********** *************

Since 1998, CRYPTO-GRAM has been a free monthly newsletter providing summaries,
analyses, insights, and commentaries on security technology. To subscribe, or to
read back issues, see Crypto-Gram's web page.

You can also read these articles on my blog, Schneier on Security.

Please feel free to forward CRYPTO-GRAM, in whole or in part, to colleagues and
friends who will find it valuable. Permission is also granted to reprint
CRYPTO-GRAM, as long as it is reprinted in its entirety.

Bruce Schneier is an internationally renowned security technologist, called a
security guru by the Economist. He is the author of over one dozen books --
including his latest, A Hacker?s Mind -- as well as hundreds of articles,
essays, and academic papers. His newsletter and blog are read by over 250,000
people. Schneier is a fellow at the Berkman Klein Center for Internet & Society
at Harvard University; a Lecturer in Public Policy at the Harvard Kennedy
School; a board member of the Electronic Frontier Foundation, AccessNow, and the
Tor Project; and an Advisory Board Member of the Electronic Privacy Information
Center and VerifiedVoting.org. He is the Chief of Security Architecture at
Inrupt, Inc.

Copyright � 2025 by Bruce Schneier.

--- BBBS/LiR v4.10 Toy-7
 * Origin: TCOB1: https/binkd/telnet binkd.rima.ie (618:500/1)