Slashdot Mirror


Is Crypto Solely for Criminals?

deran9ed writes: "Interesting outlook from an article on IDG detailing the use of encryption, and the negative campaigns against it. "When the Feds -- be they CIA, FBI, NSA, or Treasury Department -- discuss crypto, they make it sound as if anyone using it must be a child pornographer, drug smuggler, or terrorist." I wonder if the government feels the same about corporations encrypting their business plans in order to avoid having them stolen. Here's the article." The author has a point. SSL and SSH (or whatever it's called now) are widely used. But how many people routinely encrypt their email?

179 comments

  1. Crypto for Bad boys only... My opinion by Khelbenvasq · · Score: 1
    Having been watching the trend in all things related to privacy on computers, I have noticed many things suddenly getting outlawed... Before anyone goes thinking another paranoid is posting, I want to point out the fact that it is becoming more common to hear about good techs fired because their bosses read something that was in their email, most of the time an unpopular opinion against said boss or company. This level of invasion of privacy we have come to expect. In my honest opinion this is a sad state of affairs. Now it has gotten worse: the only protection to keep yourself protected (correct me if I am wrong, but was not anonymity recently stepped on?) is crypto. So now the control of information is in big business's and Big Brother's hands. This means they have to stomp crypto, which was the only thing that was protected last time around. The best way to stomp on it is to make it illegal for the common Joe to have and/or use. After all, if you're suspected of computer crime, even if you're innocent, there are no protections from having the police or (insert your favorite three-letter group here) confiscate your computer and all electronic media you have. Rumor has it in England you have to surrender your crypto keys in such an event. And this is also happening somewhat in the US. It seems to me when it comes to computers your constitutional rights no longer apply. From not having your unpopular speech protected to having crypto meaning you must be a crook, thus no protection from self-incrimination. Sheesh, makes me wonder why I even bothered to spend 6 years to protect the land of the free when freedom no longer truly exists...

    Khelben H. Vasq

    I know I know "Bad LICH back to your Floor Boards"

  2. Re:I don't get it by Shadow99_1 · · Score: 1

    It actually doesn't seem to matter anymore what you do... I was involved in an accident in which the primary instigator drove off, but I ended up being pushed into a full-sized pickup truck (parked), which then totaled my car. Because the person that hit me drove off & there were no witnesses & the police needed someone to blame, they decided I'd make a nice target & hence decided I would be guilty of negligence while driving until I prove I am innocent... I frankly don't believe anyone in law enforcement believes that 'innocent until proven guilty' thing anymore...

    Internet or no internet you are just one step away from being proclaimed guilty in the states...

    --
    we are all invisible unless we choose otherwise
  3. Re:If crypto is outlawed... by SumDeusExMachina · · Score: 1
    very private emails to girlfriend [...] if the competition gets a hold of them, im screwed.

    Wow, you must have a stressful life. What do you have to do, beat the suitors off with a stick?

    --

    Is your company running tools written by ma
  4. Re:Meet me at the movies at 8:00 by Technician · · Score: 2

    Hmm... That needs to be encrypted. I'm married. ;-)

    --
    The truth shall set you free!
  5. Re:Crypto convenience by shokk · · Score: 1

    I think the likelihood of all of the above happening is laughably low as you describe a cracker doing all that. A crew of feds on a sting with a search warrant, however...

    --
    "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  6. Re:Routine encryption of email by IntlHarvester · · Score: 2

    Notes does ask for your password (which in this case is also your passphrase) on start-up. This is used to decrypt your RSA private key (stored in your ID file). This is necessary because Notes uses strong encryption to authenticate you to the server and the server to you.

    However, you can configure Notes to use a custom NT GINA to cache your NT password and use it to authenticate to Notes. This probably isn't as secure - particularly because NT4 doesn't use a very strong hash to store passwords - but users hate having different passwords, so there you go.

    If you encrypt or sign a message, it's automatically decrypted by other clients and verified. The sysadmin does not have direct access to the message, but likely has an archived copy of your ID with a known password, so he/she can impersonate you and get the message.

    The sysadmin can also force all mail to be encrypted, or even force all RPC calls to the server to be encrypted (you can also force this for your client).

    Notes encryption works very similarly to S/MIME or PGP, uses strong RSA, and is generally considered to be good stuff. The problem is that all the mechanisms are proprietary, so it doesn't integrate well with other systems (such as Internet mail). This is mainly due to the fact that their infrastructure was put in place in the 1980s, so it predates things like S/MIME by 10 years or more.

    Note that the huge deployed base of Notes in large corporations would make any government key recovery or storage plan a little problematic...

    --
    Business. Numbers. Money. People. Computer World.
  7. sorry :( by Arker · · Score: 1

    Ack! Looks like you are right, the Mac version is way behind and no longer linked. This post explains it, sort of. Looks like Dave ran into some problems doing the port quite awhile back, since he relies on Novell libraries, and Novell quit supporting Macs. From the date of the post one might deduce that the problems proved insurmountable, or at least more trouble than he thought it was worth.

    Not being a Mac user I remained blissfully ignorant of this till now. Sorry :(


    "That old saw about the early bird just goes to show that the worm should have stayed in bed."
    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
  8. Re:Too bad some idiot thought your stuff was funny by IntlHarvester · · Score: 1

    Right, however the IT department should be providing an encryption solution to users that they have proper backdoor access to.

    If you are trying to hide something from management, the smart thing is to use your home computer with your home e-mail account and your home encryption key. Either that, or use Hushmail, but some outfits might bust you for that too.
    --
    Business. Numbers. Money. People. Computer World.
  9. Re:As an experiment... by Digital+Mage · · Score: 1

    Lower storage costs and less network traffic depend on how you encrypt. If you just encrypt a file and send it as an attachment, the file will be a little smaller (just zipping the file can get it smaller than that). But if you use ASCII ciphertext, it will take 761 characters (not including PGP declarations) with a 2048/1024-bit DH/DSS key just to say 'hello'.

    Depending on how they were encrypting, the mail admins may have been justified in reducing the load on their servers.
  10. Wrong. by rjh · · Score: 2

    There's one-click access to PGP, too, through the Outlook Express/Outlook/Eudora plug-ins. This is insufficient, just as it's insufficient to go the CA route.

    What do you have to do to get "one click" encryption through the CA route? You have to send $50 off to some place. You have to send photocopies of your driver's license and passport. You have to go through an out-of-band verification process. You get your certificate. You have to set up your email client to use your certificate (and most of them have the most annoyingly vague documentation on how to do it).

    Then you can click on "Encrypt"... but a passphrase dialog still pops up.

    Going the Verisign/CA route is no easier than going the PGP route. In fact, it's probably considerably more difficult. I've been using PGP for years, but I've never bothered with getting a Verisign certificate. It's simply too much inconvenience and too much hassle.

    1. Re:Wrong. by RedWizzard · · Score: 2
      That passphrase dialog keeps anyone else from using your system to read/send encrypted mail.
      It's there for a reason, your security!
      What would be more acceptable would be a key on some sort of portable storage device, something like IBM's USB Memory Key. It's not as secure as a passphrase but it'd be good enough for most people. And it's a model everyone's used to with credit cards and door keys.
    2. Re:Wrong. by Ig0r · · Score: 2

      But with PGP/GPG, you have to shoot for the lowest common denominator. You can't really assume that the user is going to have a memory key, with their passphrase on it, and a system with a USB port.

      You could write a frontend to GPG that would use something like an external hardware key that contained a passphrase, but isn't that just overkill?

      --
      Soma: because a gramme is better than a damn.
    3. Re:Wrong. by rjh · · Score: 2
      It's there for a reason, your security!

      Yes, Einstein. I'm very glad you understand that passphrases are there to protect secrets. That's also not the point.

      The point is, 95% of all users can't be bothered to
      • Choose a good entropic passphrase
      • Remember a good entropic passphrase
      • Enter the passphrase each time they want to do crypto operations
      ... What you wind up with are users saying "well, I'll just have PGP cache my password indefinitely" at best, or "Man! They expect me to remember another password? Forget this software. I have too many passwords to remember already, much less a passphrase."

      When it comes to computer security, crypto is only about five percent of the solution. The other ninety-five percent of the problem domain is filled with human problems, like
      • How do we get people to use crypto?
      • How can we make crypto transparent for normal users?
      • How can we surmount the problem of user apathy?
      • How do we protect against social engineering attacks?
      • How do we protect against human stupidity?
      • How do we implement this neat security solution without stepping on Yoyodyne Inc.'s overly-broad patent?
      • How do we protect against legal attacks, not just computer and cryptanalytic ones?
      ... As you can imagine, the problem domain is a mess. While I commend your exuberance, please remember that for ninety-five percent of the world, remembering a crypto passphrase is one more headache they don't want to deal with--so they simply won't use crypto, and thus avoid that headache.
    4. Re:Wrong. by Ig0r · · Score: 1

      That passphrase dialog keeps anyone else from using your system to read/send encrypted mail.
      It's there for a reason, your security!

      --
      Soma: because a gramme is better than a damn.
    5. Re:Wrong. by RedWizzard · · Score: 2

      Of course. I think it'd be a nice option that would be more palatable to many people than another password (I can't even remember how many passwords I have). Options are the thing - either get the user to enter a passphrase or read it off some media. The USB memory key thing is just more convenient than a floppy.

    6. Re:Wrong. by pen · · Score: 1
      Tell that to a user.

      --

  11. It's not users by gad_zuki! · · Score: 1

    I don't see it as being a "dumb users" problem, as is the typical slashdot fare for answering any question that starts with 'why.' Look at how easy hushmail is, if you can work hotmail you can work hushmail.

    The problem to me seems more like this takes place in an industry that hasn't embraced hardware encryption for LANs, let alone encryption for casual email. Once we show "dumb users" that the internet can be made a lot safer, vendors will be making crypto products with hushmail-like usability regardless of the government's anti-crypto chilling effect.

  12. Re:I routinely encrypt my e-mail by Ig0r · · Score: 1

    Most symmetric algorithms have fixed keylength, you can't just add bits.

    --
    Soma: because a gramme is better than a damn.
  13. PGP and mailing lists by rjh · · Score: 4

    Encrypting material on mailing lists has a significant "what's the point?" factor. Most mailing lists are so easy to get on that encrypting traffic on the email list serves no useful purpose.

    Any mailing list which is open to the public gets no benefit from encryption. Any mailing list which is closed only gets minimal benefit; the security of a message drops to the square of the recipients. If your intent is merely to protect mailing list data from casual eavesdropping along the way, though, here's a scheme.

    1. Joining the list is done through the typical process, but a public key is given to the server as part of the process. (Out-of-band verification, etc., is assumed and won't be covered here.)

    2. Whenever someone posts to the list, they sign the message and encrypt it with the server's public key.

    3. When the server gets a message, it decrypts the message. It now has plaintext + signature. After verifying the signature, it sends the message out to each listmember, encrypting it for their specific key.

    4. When a client gets a message, it decrypts-and-verifies that it came from the listserver. It then verifies that it came from the original sender.

    ... Note that this scheme is horribly naive and is extremely vulnerable to attack. It also doesn't solve the key management issue; but instead of every listmember needing every listmember's key and all the assorted key management that entails, the burden is shifted entirely to the server.

    It's a simpler scheme than every participant encrypting for every other participant's key, and simpler schemes tend to be more robust and secure. That doesn't mean that this scheme is robust and secure.

    As I said, encrypting mailing lists has a large what's-the-point factor. There are so many ways to attack a mailing list that I doubt one could be secured.
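
    The four-step scheme above, as an added example (this is not code from the original post): a toy Python model in which textbook RSA over small constructed primes stands in for PGP, `ListServer`, `Member` and the key seeds are assumptions, and the server's `post` method is where the plaintext is exposed, which is the trust shift the post admits to.

```python
"""Toy model of the encrypted-listserver scheme described in the post above.
Textbook RSA with ~30-bit primes and an unpadded hash-then-sign signature
keep it runnable and short; none of these primitives are safe to reuse."""
import hashlib
import math
import os

E = 65537  # public exponent shared by all toy keys

def is_prime(n):
    """Trial division; fine for the ~30-bit constructed primes used here."""
    if n < 2 or n % 2 == 0:
        return n == 2
    return all(n % f for f in range(3, math.isqrt(n) + 1, 2))

def next_prime(n):
    while not is_prime(n):
        n += 1
    return n

def make_keypair(seed):
    """Constructed key pair: (n, e) public, (n, d) private; p and q are adjacent primes."""
    p = next_prime(seed)
    q = next_prime(p + 2)
    while math.gcd(E, (p - 1) * (q - 1)) != 1:  # d must exist
        q = next_prime(q + 2)
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def stream_xor(data, k):
    """Symmetric layer: XOR with a SHA-256 keystream derived from session key k."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(k.to_bytes(8, "big") + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def sign_body(msg, priv):
    """Append a 16-byte RSA signature over SHA-256(msg)."""
    n, d = priv
    h = int.from_bytes(hashlib.sha256(msg).digest(), "big") % n
    return msg + pow(h, d, n).to_bytes(16, "big")

def verify_body(body, pub):
    """Strip the trailing signature and check it; return the message or raise."""
    n, e = pub
    if len(body) < 17:
        raise ValueError("body too short to carry a signature")
    msg, sig = body[:-16], int.from_bytes(body[-16:], "big")
    if pow(sig, e, n) != int.from_bytes(hashlib.sha256(msg).digest(), "big") % n:
        raise ValueError("signature check failed")
    return msg

def encrypt_for(body, pub):
    """Hybrid encryption: RSA-wrap a random 56-bit session key, then stream-encrypt."""
    n, e = pub
    k = int.from_bytes(os.urandom(7), "big")  # < 2**56 < n, so it fits under RSA
    return pow(k, e, n).to_bytes(16, "big") + stream_xor(body, k)

def decrypt_with(ct, priv):
    n, d = priv
    return stream_xor(ct[16:], pow(int.from_bytes(ct[:16], "big"), d, n))

class Member:
    def __init__(self, name, seed):
        self.name, (self.pub, self._priv) = name, make_keypair(seed)

    def compose(self, plaintext, server_pub):
        # Step 2: sign the post, then encrypt it for the server's key.
        return encrypt_for(sign_body(plaintext, self._priv), server_pub)

    def receive(self, ct, server_pub, sender_pub):
        # Step 4: decrypt, check the server's signature, then the original sender's.
        signed = verify_body(decrypt_with(ct, self._priv), server_pub)
        return verify_body(signed, sender_pub)

class ListServer:
    def __init__(self, seed):
        self.pub, self._priv = make_keypair(seed)
        self.members = {}  # Step 1: name -> public key registered at join time

    def join(self, name, pub):
        self.members[name] = pub

    def post(self, sender, ct):
        # Step 3: the server sees the plaintext here; the scheme moves trust onto
        # the server rather than removing it, which is the weakness the post admits.
        signed = decrypt_with(ct, self._priv)
        verify_body(signed, self.members[sender])  # reject posts not signed by the claimed member
        return {name: encrypt_for(sign_body(signed, self._priv), pub)
                for name, pub in self.members.items()}

def demo(text=b"constructed sample post"):
    """Run one post through the list and return what the other member reads."""
    server, alice, bob = ListServer(3_000_000_000), Member("alice", 10**9), Member("bob", 2 * 10**9)
    for m in (alice, bob):
        server.join(m.name, m.pub)
    delivered = server.post("alice", alice.compose(text, server.pub))
    return bob.receive(delivered["bob"], server.pub, alice.pub)
```

    A copy encrypted for one member is unreadable with another member's key, a post whose signature does not match the claimed sender is rejected by the server, and any byte changed in transit breaks the server's signature on delivery.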

  14. Re:Crypto convenience by sho-gun · · Score: 1

    The latest PGP freeware for Windows has a PGP plugin for ICQ. I haven't used it, but I'd love it if all my ICQ contacts would use it. Too bad the learning curve for PGP is still steep for newbies after all these years.

  15. Re:keeping it private by Pig+Hogger · · Score: 3
    Not only that, but the government could then use that key to impersonate you, forging any document they want and digitally signing it.
    Now, can someone explain to me why Anglo-Saxons are so fucking paranoid about their democratically-elected governments, to the point that they are afraid that those same governments would go to the length of impersonating them????

    Why the fuck would a government impersonate its citizens????

    Why the fuck would a government attempt to screw its citizens (unless, of course, it's been totally subverted)???? And why would citizens, instead of ranting about that, not actually do something about it, like vote them out of office????

    Why do those incredible assaults come from countries where individual rights are paramount???? France doesn't have as high a reputation for individual rights as Anglo-Saxon countries, yet there is no widespread perception of wholesale government spying on and impersonating their citizens!!!!

    Must be some collective neurosis...

    --

  16. Re:Automatic by Betcour · · Score: 1

    This is possible with Outlook Express (and Netscape or Outlook too, I think), using the standard S/MIME. The problem is that to use it, you need a certificate, and to get a certificate you have to pay (Verisign or Thawte: doesn't matter, they are the same company, now holding a monopoly). What is really sad is that, even if you are ONLY interested in encryption and don't care about authentication, you still need a certificate from a CA.

    I once tried to make some home-made certificate with OpenSSL, but it's really complicated and not very compatible with Outlook Express... until someone makes a "point and click" certificate generator for Win32, SMIME will never take off.

  17. Routine encryption of email by StarOwl · · Score: 2
    Michael asked: But how many people routinely encrypt their email?

    As much as I hate Lotus Notes, I do have to give it credit in one regard: Notes can be configured to encrypt mail by default. Within the large corporation I work for, every piece of intracompany email is encrypted.

    1. Re:Routine encryption of email by Skater · · Score: 1

      We use Notes, too. Although I've seen the sign/encryption options in the setup (and I have signed checked), I'm hesitant to trust it. Here's why: I'm familiar with PGP and GPG, where you have to enter your passphrase, but Notes doesn't require that. (It's more of a personal expectation that causes me to hesitate rather than an actual problem.)

      If I select encryption, will it automatically encrypt and decrypt the message? (I.e., the recipient will not have to do anything?) It's not encrypted from the sysadmins using that scheme, right?

      --RJ

  18. Feds want to hog the crypto to themselves by wideangle · · Score: 2

    "When the Feds -- be they CIA, FBI, NSA, or Treasury Department -- discuss crypto, they make it sound as if anyone using it must be a child pornographer, drug smuggler, or terrorist."

    Edsfay areway ealousjay ofway ourway yptocray. Eythay antway otay oghay itway allway otay emselvesthay.

    1. Re:Feds want to hog the crypto to themselves by Jerf · · Score: 3
      Dear wideangle:

      While I'm sure that your message is extremely interesting, informative, and thought provoking, I find that I am unable to legally decrypt it under the terms of the DMCA.

      Would you please consider posting a message "in the clear" so we can all read the unprotected version, or is your message only for those who have licensed your decryption product so as to read your protected, copyrighted text? If the latter, where can we obtain such a license?

      Sincerely, Jerf

  19. Re:Automatic by Tabbycat · · Score: 2

    I run exim at work as our SMTP server. It supports TLS for using ssl when sending and receiving (if it converses with a mail client or other server that supports it).

    I've educated the users about ticking the ssl option on their email clients, so emails are automatically encrypted at least to our mail server, and sometimes on the next hop too (I have spotted in the logs a few other servers talking via ssl to us).

    This doesn't give you the same benefits of encrypting the message before you send. The mail is unencrypted when in the mail spool, there's no guarantee the hops'll all be encrypted, but it's a start at least - and if more servers do bring TLS facilities online, then you'll get encryption happening automatically without the users having to worry about it.

  20. Re:As an experiment... by Trepalium · · Score: 1

    Actually, it depends. Some mail servers (MS Exchange, for example) have a 'single instance' store of messages, so that each unique message only exists once in the database. Adding encryption means it must be encrypted for each recipient, which means that single instance just isn't possible. Granted, this is a rather poor excuse for trying to get a small group of people to stop using PGP.

    --
    I used up all my sick days, so I'm calling in dead.
  21. Canada vs. US by Gandalf360 · · Score: 3

    In this case it's interesting to note the difference between Canada's and the US's stance on encryption. This is from the Government of Ontario, and tells you that you SHOULD encrypt your email.

    --
    -- Don't make me replace you with a small shell script.
    1. Re:Canada vs. US by Dwonis · · Score: 1

      Wrong. We're a big country that ALLOWS OURSELVES to be bossed around.

      Where does the US get its pilots? its water? its technicians? its star hockey players? Canada. We don't have to bow to the U.S., but Ontario (south of the 49th) likes to.
      --------
      Genius dies of the same blow that destroys liberty.

  22. Passive Privacy System by ajs · · Score: 2

    This seems like a horribly contrived lead-in, but I can't resist. I've been planning the announcement of the Passive Privacy System proposed specification for a week or so, but we seem to have a window.

    PPS is a proposed way of getting everyone to exchange public keys and passively encrypt email without a) burdening the average user with the details of cryptography or b) providing enough impact on the average non-PPS user to matter.

    It requires a great deal of work, both on the spec side and the coding side to come up with plugins for MUAs. But, in the end I think that the world will benefit from the resulting increase in passive key exchange and encryption.

    Please, feel free to send mail about PPS to me.

    Thanks.

  23. Re:Problems with Encrypting Email by sho-gun · · Score: 1

    Thawte still assigns free personal certs. Their 'web of trust' setup, where you have to visit 3 notaries public, is a bit of a stretch though. I can't imagine any normal email user going out of their way to do this.

  24. Re:Problems with Encrypting Email by Nagash · · Score: 3

    Good points. I agree with most, that is to say, you took the words right out of my mouth.

    I would also add that if I want to encrypt email, all my friends have to as well (if I'm very strict about it).

    Also, could we not put in a header in the mail to direct you to a server to get the public key?

    Woz

  25. Re:Crypto convenience by Sentry21 · · Score: 1

    How about instant messages? I don't know anything on this, but can, say, AOL read your AOL IMs?

    As I recall, all the major messaging services (AIM, MSN, Yahoo) except one (ICQ) go through the server, therefore they should have no problem reading them.

    Or how about the next step: could you encrypt your instant messages? Just wondering.

    A friend and I used PGPNet, a free handy-dandy addon to PGP (comes with, actually), and we achieved something along these lines with ICQ on Win95/98.

    By setting up our PGPNet sessions, me on my cable, to his dial-up subnets, and him on his dialup to my cable IP, and then sending a few ICQ messages back and forth, we eventually managed to get a PGPNet connection established.

    I can't guarantee that it was encrypting our messages (there aren't many ports of TCPdump to Windows), but what I DO know is that our ICQ messages were a lot more reliable. They used to take from 5-50 seconds to send, and sometimes would fail to send entirely, or get lost en route. After PGPNet said 'Connection Established', however, they sent almost instantaneously, and with 100% reliability. File transfers, chats, and everything worked admirably.

    What I've been looking for, however, is a way to automatically encrypt any communications between two IPs, rather like PGPNet does, except for Linux. stunnel does something similar, but you really have to set it up beforehand, per-service, and it's rather annoying.

    ~Sentry21~

  26. Re:Crypto convenience by TheSHAD0W · · Score: 1

    Certainly the Feds could do such a thing. But the fact is, crackers have already performed similar feats in compromising systems, and you cannot discount the possibility it could happen to you.

  27. hmmm by Anonymous Coward · · Score: 1

    I wonder what side the slashdot community is going to take on this issue...

  28. Here's why. by rjh · · Score: 4

    It has to do with importance. If the only time you encrypt email is when it's important, then it becomes very easy for an attacker to say--"oh, hey! This fellow usually sends one encrypted email a week, but this week he's sent off 25. I wonder what's up?"

    Simply knowing that a message is important can often be all the help an attacker needs. This is called "traffic analysis" (analyzing patterns in who talks to whom about what, whether the conversations are normal or priority traffic, etc).

    By routinely encrypting all your traffic, that denies an attacker the ability to say "... hey, encrypted traffic is coming down the wire; something's up."

  29. encryption is... by doublewildturkey · · Score: 1

    for lovers>>

  30. Re:As an experiment... by Pig+Hogger · · Score: 2
    Most importantly, did you stop using it after that memo???

    --

  31. You're brave... by Sax+Maniac · · Score: 2
    Maybe I'm paranoid, but I'd never do this.

    This would be like taking every word you ever said, taping it, and handing it over to the government. There it's put on permanent public display, for anyone and everyone to use against you whenever they need to.

    What with everyone suing everyone nowadays, I wouldn't want to flame someone on Usenet, and then be sued for a few million dollars because I digitally signed it. Oops, made their case easier!

    I think signing is great in the few places where it's necessary, but that's rare. You don't put your signature on every single word you speak; why would you want to do differently for digital communications?

    --
    I can explanate how to administrate your network. You must configurate and segmentate it, so it can computate.
  32. I don't get it by RPoet · · Score: 5

    There's always been the principle of innocent until proven guilty. But as soon as there's anything electronic in the picture, it's suddenly the opposite; you're under suspicion for anything and have to prove your innocence, and nobody seems to complain.
    --
    "Oppression and harassment is a small price to pay to live in the land of the free." -- Montgomery Burns.
    1. Re:I don't get it by Alpha+State · · Score: 1

      That principle is used in our courts, but the police do not subscribe to it. In their eyes they have to assume you are guilty and try to prove it. No surprise that our lawmakers and the media are following their lead.

      The real question is, when are we going to start facing up to real problems? How many people are killed in the world by terrorism each year, and how many by drunk drivers or polluted water supplies? How many people in your city die from drug overdoses and murders while Congress makes pointless laws that affect you and me more than any criminals? It's things like this that remind me the media doesn't really care at all. And the politicians are doing their best to pretend to care, while publicising any small problems they think they can solve with a law or four.

    2. Re:I don't get it by kaisyain · · Score: 2

      There's always been the principle of innocent until proven guilty

      Always? You mean in British derived legal systems since the 18th century. That hardly qualifies as "always".

    3. Re:I don't get it by po_boy · · Score: 1
      Just because you are on the Internet and don't want your mail read as it goes through the various servers, people think you are hiding something.

      Not to disagree with your point, but you are hiding something. If encrypting something did not hide the contents, why would anyone do it?

      I believe that I agree with your stance, though. There's nothing wrong with hiding stuff.

      All your event are belong to us.

    4. Re:I don't get it by belroth · · Score: 1

      Exactly.
      --
      I hereby inform you that I have NOT been required to provide any decryption keys.
    5. Re:I don't get it by belroth · · Score: 1

      Thoughtcrime being doubleplusungood.
      --
      I hereby inform you that I have NOT been required to provide any decryption keys.
    6. Re:I don't get it by T.+Emthrie · · Score: 1

      Yeah, but in our society(ies) it seems to be simpler to just not write anything that you wouldn't want others to read.

    7. Re:I don't get it by fatphil · · Score: 1

      They were obliged to weaken the law slightly when some activist types hinted that if the home secretary were to be sent "encrypted allegedly illegal information", which would almost certainly be just random data, he'd have to prove that he didn't know how to decrypt it. Impossible. So they weakened the law so that the authorities have to prove that you have a reason to know the decryption keys now.
      Either way, it still sucks.
      FatPhil
      --
      Also FatPhil on SoylentNews, id 863
    8. Re:I don't get it by fatphil · · Score: 2

      "Our societies"?
      Do you live in China? In Iran? In Afghanistan? In Zaire? In Angola?
      "simpler"?
      jeeesus, I'm for once speechless.

      You really need to get a perspective.

      FatPhil
      --
      Also FatPhil on SoylentNews, id 863
    9. Re:I don't get it by Cyberdyne · · Score: 4
      There's always been the principle of innocent until proven guilty. But as soon as there's anything electronic in the picture, it's suddenly the opposite; you're under suspicion for anything and have to prove your innocence, and nobody seems to complain.

      That's the problem in the UK: our beloved RIP Act reverses the burden of proof - the police can demand your encryption keys, and unless you can prove you do not have the key, you get locked up. Oh, and you aren't allowed to tell anyone else about it. You think the DMCA and UCITA are bad? At least you're allowed to tell people if you're charged with violating them!

    10. Re:I don't get it by LordArathres · · Score: 2

      I completely agree with the previous post. Just because you are on the Internet and don't want your mail read as it goes through the various servers, people think you are hiding something. The media are the most guilty of this; they jump on crypto technologies because "criminals" will use them. Yes they will, and so will the Government, and considering things, sometimes it's hard to tell the difference between the two.

      Even if you are hiding something, Personal Info, Address, Telephone, whatever, it's your business. I know this seems like a hard thing to fathom for the media, but as soon as something is outlawed the only people that get screwed by it are LAW-ABIDING Citizens. Criminals will still get things like crypto and guns and drugs and whatever else government thinks we should not have. The thing that makes criminals criminals is that they don't follow laws, so making something illegal won't matter at all to them.

      Considering all the privacy issues and things happening on the Net and the world, we NEED crypto. Since I started at my current job (I used to not care about personal info and such, figuring that I can't be traced and found, ERR Wrong!) and gained access to public and non-public databases in which I am listed several times at every address I used to live at, I reconsidered my stance. The only people that should know what you wrote are 1. YOU and 2. The Intended Person, and until that day comes we need to keep striving for privacy and better encryption methods.

      Lord Arathres

    11. Re:I don't get it by Ig0r · · Score: 2

      Yes.
      You'd better not ever say anything bad about anybody, or especially the State.
      We wouldn't want our citizens to be unhappy, so We're outlawing 'bad' thoughts and 'bad' speech.
      As long as you don't let anyone else know that you're not happy, then everyone will be happy!

      --
      Soma: because a gramme is better than a damn.
    12. Re:I don't get it by KyleCordes · · Score: 1

      How could you possibly prove, ever, that you do *not* have the key?

  33. Re:keeping it private by he-sk · · Score: 1
    One way to look at using crypto is that you don't send postcards discussing private matters, you put a letter in an envelope so the postman can't read it.

    I've heard this statement over and over, and while I advocate encryption even in e-mail, my common sense tells me that this analogy is extremely flawed. I don't fear that my postman will read this card, for two reasons:

    • he doesn't have the time
    • even if he does read the private stuff: I don't know him and he doesn't know me. So I don't care.

    Putting the stuff in a letter so the government won't read it makes no sense either, for they have the right tools. So the only reason to write a letter is so the people living with the person won't read it. Of course, they can always rip the letter open and invent some excuse. Shouldn't happen too often though.

    However, a letter is always more personal and you can simply write more than on a postcard. :)

    --
    Free Manning, jail Obama.
  34. My favorite pastime by Valar · · Score: 1

    My favorite pastime is now getting throwaway email accounts in the names of most wanted criminals and terrorists, encrypting slashdot stories with strong keys, and having these accounts send each other their messages, in hopes that the NSA will waste computing power on it.

  35. Why would i encrypt my e-mail always. by Anonymous Coward · · Score: 2

    I don't normally encrypt my e-mail. Most of the time it really doesn't matter. I'd expect that many people are the same way.

    Realistically, there's no reason to encrypt a message asking if a co-worker goes to lunch. The business plan for the next year, though, is a different story.

    MPM

    1. Re:Why would i encrypt my e-mail always. by randombit · · Score: 1

      ppl tend to forget about temp files which can contain an unencrypted copy.

      [...]

      the only simple solution i've found is an app called evidence eliminator


      I think W2K has encrypted filesystems built in, so as long as you remember to encrypt your swapfile and temp dirs, you're OK there.

      OpenBSD (and soon Linux) has support for encrypted swap and of course most Unices have encrypted filesystems.

      Sadly, consumer windows doesn't have any of that (not to mention anyone can come up and tamper with your binaries).

    2. Re:Why would i encrypt my e-mail always. by NonSequor · · Score: 1
      Corporations are legally people and they are ALL assholes.

      I really need to get a bumper sticker that says that. Or maybe just sticker, since I don't have a bumper on which to put it.


      "Homo sum: humani nil a me alienum puto"
      (I am a man: nothing human is alien to me)

      --
      My only political goal is to see to it that no political party achieves its goals.
    3. Re:Why would i encrypt my e-mail always. by philipm · · Score: 1

      why is the bplan a different story? The big guys only buy who the voices in the head tell them to buy and the little guys buy what the voices in the tv tell them to buy.

      The article writer doesn't understand that all corporations ARE "child pornographers, drug smugglers and terrorists"? Corporations are legally people and they are ALL assholes. They keep the profits to themselves and beat you, and so on.

      You know, if you actually have nothing to say then you don't have to "encrypt it"? Why bother? You think your "secrets" are worth something?
      Have you ever heard of having the courage to express yourself in public? No? I didn't think so.

    4. Re:Why would i encrypt my e-mail always. by DaBunny · · Score: 1
      I think W2K has encrypted filesystems built in
      Nope. From the Win2k help entry on file encryption: "System files cannot be encrypted."

      So that swap file is wide open.

    5. Re:Why would i encrypt my e-mail always. by Sinesurfer · · Score: 3
      there wasn't anything new in the article but two points which it did cover were
      • encrypted traffic is easy to detect and
      • ppl tend to forget about temp files which can contain an unencrypted copy.
      the first point doesn't bother me until the traffic is easy to decrypt. the second point is a common occurrence [even though i hate to generalise]. the only simple solution i've found is an app called evidence eliminator [for which i do not work or hold any type of equity].

      this program is more paranoid than me [which is a healthy sign]. my fave feature is that it does clean out your windoze 9X or NT swap files.

      if you work with information which is sensitive enough to require encryption then erasing [using multiple passes and re-writes to erase] your temp files is essential to guard against your HDD being compromised.

      the issue of authenticating the recipient wasn't dealt with in this article, but a link to this story - http://www.infoworld.com/articles/ca/xml/01/03/12/010312camentor.xml called "USPS delivers a digital, signature-certified mail system" dealt with how the US Postal Service is dealing with identity authentication when sending email to a US Federal Govt address.

      Personally, i'd be happy if the NZ IRD [Inland Revenue Department] issued me with a personal digital ID. my employer issuing a second for work email would also be great.

      --
      Regards, Sinesurfer. A Nerd is someone who lives for technology, a Geek is someone who lives for technology and loves it
    6. Re:Why would i encrypt my e-mail always. by PacMan · · Score: 1
      there wasn't anything new in the article but two points which it did cover were
      • encrypted traffic is easy to detect and
      • ppl tend to forget about temp files which can contain an unencrypted copy.
      the first point doesn't bother me until the traffic is easy to decrypt. the second point is a common occurrence [even though i hate to generalise]. the only simple solution i've found is an app called evidence eliminator [for which i do not work or hold any type of equity].

      Or, you can use an encrypted filesystem so even temp files are unreadable without the system keys.

      Physical and network security then become important, because if they can compromise your system while you are logged in and the filesystem is mounted, they can read anything.

  36. Re:keeping it private by rgmoore · · Score: 2
    Now, can someone explain to me why anglo-saxons are so fucking paranoid about their democratically-elected governments to the point that they are afraid that those same governments would go to the length of impersonating them????

    There are two ways of looking at this. One is to retort "Why should a democratically elected government be so afraid of its citizens?" If those citizens are so incompetent and dangerous that they shouldn't be allowed to have cryptography, what in hell are they doing with the power to elect the government? The fact that the government is trying to take away something that's useful to its citizens is sufficient reason to be nervous about its intentions and willingness to be responsive to electors.

    The other side is that citizen paranoia is exactly why the governments are trustworthy. The citizens are always on the lookout for anything suspicious that the government is trying to do - which is their job as voters, I'll point out - and quick to criticize it. That acts as a substantial brake on the government doing anything terribly effective to take away the rights of its citizens. It's countries where people have long had a more accepting view of government as protector and not in need of supervision that government abuse is rampant.

    --

    There's no point in questioning authority if you aren't going to listen to the answers.

  37. Email Always Encrypted by Alpha+Prime · · Score: 5

    At our company we encrypt all email. Since a lot of the discussions are about patented or patent pending ideas, due diligence requires that any email going over the net be encrypted. We expanded that to be all email to add to the noise factor should someone be watching.

    1. Re:Email Always Encrypted by Savage-Rabbit · · Score: 1

      A: Is encryption only for criminals?

      B: No, that is just what they (governments) want you to think, to trick you into enabling them to keep bugging your communications.

      A: You're paranoid.

      Is B paranoid? No, I don't think so, but he is only partly right. It is not just governments that like to bug people with uncomfortable views that do not like effective encryption. It is corporations as well. It is really amazing to what lengths rival companies and corporations will go to spy on their competitors. You are well advised to encrypt everything your company transmits electronically, burn the contents of your waste baskets yourself and encrypt telefax and telephone communications as well. Your rivals might use all these methods to get at your patented material, I've seen it happen. Once that happens you will have a hard time proving they stole your ideas in court, and even if you do they will have made a handsome profit anyway. Hell, even shredding papers is not enough these days. There actually are people who specialize not only in bugging your fax/telephone and hacking your computers but also stealing your waste and re-assembling shredded material.

      --
      Only to idiots, are orders laws.
      -- Henning von Tresckow
    2. Re:Email Always Encrypted by vr · · Score: 2

      What kind of software is used for this?

    3. Re:Email Always Encrypted by Alpha+Prime · · Score: 1

      Netscape and M$ both support SMIME, so most of us use Netscape under Linux while some of the others use OE under M$. It's a mixed shop. Verisign has a personal cert available for $14.95 a year and everyone at the shop has one, even the secretary.

      Plus, we try to be a bit terse with the subject so that it will not provide targeting information.

  38. Re:Automatic by Pyrrus · · Score: 1

    Hushmail.com does that. If the other person is a hushmail user, you check the "Encrypt" button and it will be encrypted.

    "huhuhuhh, go away. we're like closed or something"

  39. Encryption is a double-edged sword by Anonymous Coward · · Score: 1

    While I will not argue that encryption is an absolute necessity these days, I will say that, from a security administrator's perspective, it can certainly be a pain in the ass. Previously we could set up intrusion detection systems and watch for attack signatures. Now with SSH, SSL, IPsec tunnels, VPNs, encrypted e-mail, etc. we're blind to what's coming through our perimeter. That leaves us with two options: 1. Let the encrypted traffic pass through transparently and hope for the best (i.e. let's just assume SSH is not able to be compromised on that system, or that your SSL web server running IIS doesn't have some unknown exploit on it), or 2. Stop it all at the border and force it to authenticate and then let it pass through.

    Now, option 1 is probably what most of us are doing at this point but it's going to come back and bite us in the ass one of these days. Crackers are probably more than happy to expand their reach on your chewy internal network after they've penetrated your firewall and IDS by coming in via an SSH exploit or an Apache/SSL exploit. Option 2 becomes a major inconvenience to the users and you're still relying on even these authenticated encrypted users not to do anything that goes against your security policies. So what does that leave us with? We're between a rock and a hard place. We would need to move IDS onto all the servers as well.

    1. Re:Encryption is a double-edged sword by shokk · · Score: 2

      For everything in life, gaining convenience means losing some form of security. Getting pissed at having to type that long keyphrase in all day long? You can set PGP to memorize it, but then anyone can walk in and fire off an email when your screensaver doesn't kick in. It's a trade off.

      --
      "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  40. Crypto convenience by TheSHAD0W · · Score: 3

    An enormous part of the problem with having routinely encrypted email is that without taking basic manual security precautions it is impossible to eliminate man-in-the-middle attacks. If Alice has never sent email to Betsy, how does she go about getting her public key? From a PGP key server, say? How do you know the [insert government/industry black hat name here] isn't standing between you and them, replacing the real key for one they have the password to, and then passing on the email re-encrypted so Betsy would never know?

    Perhaps you're smarter than I am, but every _transparent_ method of key verification I can think of is foiled by someone in control of your link to the outside world. In order to keep this from compromising your security, you'd need a different verification method. This would require, for instance, Alice calling Betsy over the telephone and having her read back her encryption key's fingerprint, and comparing it with the key she got over the net. This isn't something a casual computer user is willing to do regularly in order to check his security.

    1. Re:Crypto convenience by Sloppy · · Score: 2

      You're right, but even a transparent system vulnerable to MITM is still better than nothing. I'd rather have Big Brother watching everything I say than have everyone (including Big Brother) in on it.

      And for when privacy is really important, or if it's with a party that you talk to a lot (e.g. your friends), then you can always transfer your keys some other way. The nice thing about this is that if Big Brother is in the habit of routinely MITM attacking people, then once you have secure keys and he tries to MITM you, you'll see that things don't match up right (the key you got from some server ain't the same as the key that you already have and know is correct), and he'll be caught. That would be a hell of an eye-opener and a good news story.


      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
    2. Re:Crypto convenience by ahodgson · · Score: 1

      Freeswan was working on opportunistic IPSEC encryption, where they'd automatically set up an IPSEC tunnel between 2 systems if they each supported it and needed to talk to each other.

      Might be worth seeing how that has come along.

    3. Re:Crypto convenience by shokk · · Score: 1

      When a person first sends you a PGP signed mail, you verify the message by checking to make sure that the contents of the email have been signed correctly and not modified. That way they email you the key and you can verify.

      Also, if their key is compromised, any *encrypted* messages after that should be unreadable by them at some point. They could alert you with a plain text that they can no longer read your mail, which should be a clear sign that something is wrong. Of course, there's always the status of that last email you sent before the key was compromised...

      What we need is a system that will verify transparently each and every time. Since getting a PGP encrypted mail is a rare occurrence for me, I always verify when I see it come in. For those that get them all the time, I can see where they might miss verifying that one email. I believe the X.503 cert system in use on most commercial email systems does this.

      Since we don't know Thawte's or Verisign's hiring policies compared to the NSA, we can't assume that there are no black hats altering certs there, so similar precautions should be taken. Sign the first few mails to establish the trust, and encrypt from then on to always be sure.

      --
      "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
    4. Re:Crypto convenience by SmellMyTeenSpirit · · Score: 2

      How about instant messages? I don't know anything on this, but can, say, AOL read your AOL IMs? Or how about the next step, could you encrypt your instant messages? just wondering

      --
      "Cornflakes are not the innocent critters they seem"- Sterling Morrison
    5. Re:Crypto convenience by cultobill · · Score: 1

      How about instant messages? I don't know anything on this, but can, say, AOL read your AOL IMs? Or how about the next step, could you encrypt your instant messages? just wondering

      Get out a packet sniffer. Your IMs are plaintext HTML. They go from you to AOL to your Buddy(tm). How hard is it? Not much. I could pull out (write) a program to be placed on a computer with ethernet access at your ISP that would keep logs of all your conversations.

      But I still use it. Why? Because I'm not doing anything that I care about others seeing. Me talking to my girlfriend about henna or what we'll do this weekend isn't important enough for me to encrypt, get her to encrypt, etc. It's a matter of priorities.

      --
      -- Bill "Houdini" Weiss
    6. Re:Crypto convenience by TheSHAD0W · · Score: 2

      Here's an example of "man in the middle":

      Adam, a new user, generates a public key for himself and uploads it to a PGP key server. Zack, who has cracked and taken control of Adam's ISP, has set things up so all keys uploaded to or downloaded from a PGP key server are instead intercepted and replaced with keys of his own, which he can of course decrypt. From now on, anyone requesting Adam's key will get one of Zack's public keys instead.

      Adam then downloads Bill's key from the key server, which is replaced by another of Zack's public keys. He encrypts an email to Bill with that public key, signs it with his private key, and sends it off.

      Zack, who has also intercepted that ISP's POP and SMTP functions, intercepts the email. Since it was really his key that was used to encrypt it, he readily decrypts the email, re-encrypts it with Bill's real public key, signs it with the key he has placed on the key server under Adam's name, and sends it on his way.

      Bill, receiving the email, has no reason to disbelieve that the message has been tampered with. Checking its signature with the one on file at the PGP key server shows it is genuine.

      Given this sort of control, Zack can not only intercept and read all communications between Adam and Bill, he can also alter or generate completely bogus messages, and neither party would suspect unless Adam called Bill on the phone and compared key fingerprints.

      The "man in the middle" attack is very powerful, and given control over DNS functions and the ability to provide altered file distributions, can be used to subvert every encrypted protocol used, including https and ssh2. If the upgrade of Netscape you just downloaded has been modified and its root security keys have been changed, you can kiss your privacy goodbye.
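
      The key-substitution scenario above, and the two defences the thread mentions (a fingerprint read back over the phone, and a key already held from an earlier verified exchange), as an added example that is not code from the thread. The "public keys" are Diffie-Hellman values in a small constructed group so the script runs with only the Python standard library; the group is not secure and only illustrates the verification logic.

```python
"""Key substitution at the key server, and the two checks that catch it:
an out-of-band fingerprint comparison and a pinned key from an earlier
exchange. Added example, not from the original thread. Keys are toy
Diffie-Hellman values in a constructed group (NOT secure)."""
import hashlib
import secrets

P = 2**127 - 1   # Mersenne prime; constructed toy group, far too small for real use
G = 3


def keygen():
    """Return (private, public) for the toy group."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def shared_secret(priv, other_pub):
    """Secret both sides derive if they hold each other's genuine keys."""
    return pow(other_pub, priv, P)


def fingerprint(pub):
    """PGP-style fingerprint: hash of the public key, grouped for reading aloud."""
    digest = hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:40]
    return " ".join(digest[i:i + 4] for i in range(0, 40, 4))


class KeyServer:
    """An honest key server: returns whatever was uploaded under a name."""
    def __init__(self):
        self._keys = {}

    def upload(self, name, pub):
        self._keys[name] = pub

    def lookup(self, name):
        return self._keys[name]


class SubstitutedLookup(KeyServer):
    """Models the thread's Zack: a lookup through the compromised path
    returns a key Zack controls instead of the one on file."""
    def __init__(self, substitute_pub):
        super().__init__()
        self._substitute = substitute_pub

    def lookup(self, name):
        return self._substitute


def check_key(fetched_pub, spoken_fingerprint=None, pinned_pub=None):
    """Verify a key fetched from a server. Returns (ok, reason).

    spoken_fingerprint: fingerprint read back over an independent channel.
    pinned_pub: key already held from an earlier verified exchange.
    A key that fails either available check, or that has no independent
    check at all, must not be trusted."""
    if pinned_pub is not None and fetched_pub != pinned_pub:
        return False, "fetched key differs from pinned key"
    if spoken_fingerprint is not None and fingerprint(fetched_pub) != spoken_fingerprint:
        return False, "fingerprint does not match out-of-band value"
    if pinned_pub is None and spoken_fingerprint is None:
        return False, "no independent check available; key unverified"
    return True, "verified"


def run_scenario(intercepted):
    """Adam fetches Bill's key through an honest or a substituting path.
    Returns what each check reports and whether Zack could read the traffic
    had Adam skipped both checks."""
    adam_priv, adam_pub = keygen()
    bill_priv, bill_pub = keygen()
    zack_priv, zack_pub = keygen()

    honest = KeyServer()
    honest.upload("bill", bill_pub)
    path = SubstitutedLookup(zack_pub) if intercepted else honest
    fetched = path.lookup("bill")

    # Bill reads his own fingerprint to Adam over the phone.
    phone_ok, phone_reason = check_key(fetched, spoken_fingerprint=fingerprint(bill_pub))
    # Adam already holds Bill's key from a previous verified exchange.
    pin_ok, pin_reason = check_key(fetched, pinned_pub=bill_pub)
    # Without either check: does Zack derive the same secret Adam computes?
    adam_secret = shared_secret(adam_priv, fetched)
    attacker_can_read = shared_secret(zack_priv, adam_pub) == adam_secret
    return {
        "phone_check": phone_ok, "phone_reason": phone_reason,
        "pinned_check": pin_ok, "pinned_reason": pin_reason,
        "attacker_can_read": attacker_can_read,
    }


if __name__ == "__main__":
    for intercepted in (False, True):
        print("substituted" if intercepted else "honest", run_scenario(intercepted))
```

      Both checks pass only on the honest path; on the substituted path each one flags the mismatch, which is the "things don't match up" signal Sloppy describes above.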

  41. Do they? by kalleanka2 · · Score: 1

    I have never seen statements from any government organisation suggesting crypto software is used only (or mostly) by criminals.

    Have you?

    But I have seen a lot of statements from government organisations about worries about criminals using crypto software.

    In the end the problem is that the police have had the possibility to tap phone wires etc. to hunt down criminals like pedophiles and drug lords, and those possibilities fade away with the arrival of better technology. In the end this means more drugs and child abusers in the world.

    Of course there is always the issue of personal integrity, but I doubt anyone would suggest that those crimes aren't important to fight, or don't you care about your children's future?

    There are two sides of this coin.

    1. Re:Do they? by Art+Tatum · · Score: 1

      Bravo.

    2. Re:Do they? by jimhill · · Score: 3

      The Holy Trinity for law enforcement is terrorists, drug lords, and pedophiles. Whenever they argue for an expansion of power or a diminution of personal freedom they cite the Trinity and count on people like you to fall in line.

      See, unlike (apparently) you, I don't happen to believe that the world is filled with wave after wave of pedophiles, held back only by the heroic efforts of American law enforcement. I believe that there are a few (relative to the hundreds of millions of Internet users of the world) who are some truly sick and demented bastards -- but I don't see how giving the government the authority to limit my encryption capability is going to reduce that.

      I don't happen to believe that drug lords are a bigger threat to The American Way Of Life than the War On Drugs is. The wholesale discarding of the Bill of Rights (save the 3rd Amendment) in pursuit of the goal of eliminating a product that millions of Americans have decided for themselves is morally acceptable despite being illegal is what _I_ see as a threat. No one ever worries about Cotton Cartels and the evil ill-gotten gains of the textile lords. Make drugs a legal product whose business is conducted in the light of day with FDA and IRS oversight and the drug lord billionaires will go away. And it doesn't even require encryption limits!

      Lastly, terrorists. This one got a huge boost after Tim McVeigh expressed his displeasure with American policy and the destruction of TWA Flight 800. The fact that 800 was destroyed in what was most likely a highly improbable but not impossible set of coincidental circumstances has had no effect on the certainty of many Americans that somehow, Moslem Extremists were involved. After all, planes with Americans on them never have anything bad happen to them unless there's a Moslem in the picture. McVeigh's actions, on the other hand, were horrible, evil, unjustifiable, and utterly unstoppable with limits on encryption. There was face-to-face communication with his partners and the purchases, truck rentals, etc. were all done in the light of day. Reductions on _our_ freedom could not have stopped him anymore than they could have stopped the men who bombed the World Trade Center.

      Ah, you say, but some terrorist groups _have_ been caught when their coded messages have been intercepted and broken. We _have_ saved lives and preserved the order and safety of our American Way Of Life.

      I don't care. I really don't. The fact that expansion of police power leads to expansion of arrests is a given; the question under discussion is "To what degree are we prepared to accept limits on our freedom and our privacy in exchange for the increases in a dubious public safety?" I say None. Yes, advances in technology make law enforcement's job harder. Tough titty. My life as a free man doesn't come with conditionals that can be dialed back if John Law finds himself having a tougher time. If encryption makes the time-honored wiretap (itself a disgusting violation of privacy) obsolete, then so be it.

      Responding to your concluding comment that the crimes of the Trinity aren't important to fight: they are -- but they aren't nearly as important as the continuation of freedom and privacy. If my privacy means that one more child gets used in a porno flick made by a deviant, so be it. If it means that one more kilo of cocaine sneaks into the US undetected, bravo. If it means that US-Irish are able to raise money and ship it to Northern Ireland to further a bullshit revolution that kills innocents, or that the bullshit revolution comes to my own soil, I can accept that. I do accept that. I would urge you to do so as well.

      --
      Learn to spell: nickel, missile, lose, solely, amendment, speech, kernel, probably, ridiculous, deity, hierarchy, versus
  42. Do Such Email Clients exist? by RatFink100 · · Score: 1

    From the article...

    "Another problem with many crypto offerings is that they can leave you vulnerable to forensic-grade tools that can pull data from supposedly deleted files, including the temporary files that your e-mail application uses as a placeholder for the message before it's encrypted. It seems to me that the only way to get a truly secure solution is to write a mail application that has the encryption built in at the most fundamental level, so that even if temporary files are recovered, they may be rendered useless. "

    Anyone know of clients like that?
    1. Re:Do Such Email Clients exist? by Carl+Drougge · · Score: 1
      Anyone know of clients like that?

      No, but you can get more or less the same effect with most clients on OpenBSD:

      • Store temp-files on an MFS-filesystem (say /tmp).
      • Use encrypted swap.

      Now the only place the file will ever be unencrypted is in RAM, and I doubt you'll ever be free of that. =)

      (Well, anyone with r-access to the file while it's "live" in /tmp can read it, but still, it's much better than nothing.)

    2. Re:Do Such Email Clients exist? by bacchusrx · · Score: 1

      I suppose this isn't a spectacular solution for *email* per se, but, let's say you get an encrypted document and you want to decrypt it and read it without leaving any traces on your physical drive. Could you not, say, mount a floppy disk... copy the encrypted file over, decrypt it straight to the floppy disk and when you are done with it... simply burn the disk...?

      A little convoluted, but it sounds safe enough.

      BRx.

      --
      Life after capitalism? The participatory economics project
  43. Crypto in industry by OpCode42 · · Score: 1
    Encrypting your email is very often necessary in industry. Take for example a large company who registers domain names by way of an email template. That template contains sensitive information about them, which if intercepted as plain text could allow anyone to register domains as that company. That email needs to be encrypted.

    I recently produced an online recruitment and jobsearch site that allows recruitment agencies to post jobs by email (I'll resist a shameless plug). The job post emails are encrypted, mostly at the request of the agencies, who were worried about their usernames and passwords being intercepted as plain text.

    -----

  44. For those of you who employ Junkbuster by deblau · · Score: 2

    Linkage to the article here.

    --
    This post expresses my opinion, not that of my employer. And yes, IAAL.
  45. Re:keeping it private by phantumstranger · · Score: 2
    Since people are granted the "flimsy" protection of an envelope, without really having to worry about their privacy being invaded, would it be far-fetched if we were granted "flimsy" encryption as well?

    What I mean is, envelopes aren't the most protective of barriers for the integrity of our letters, but it suits the purpose for general mail. I don't hear of many drug lords sending kilos of heroin in an envelope (and if they do, then they should be prosecuted to the fullest extent of the law on the principle of being a dumb-ass-at-large alone). If governments think that sending email with not-so-heavy encryption is a sign of wrongdoing, then envelopes should give off the same feeling.

    If people were given the opportunity to know that they could send messages with a low-level encryption, I seriously doubt it would do the unlawful citizens any good to use it as well. There has to be some sort of privacy granted to the people that use it for the sake of it, as opposed to those who just want to cover their tracks. Instead of taking rights away from people, governments should be trying to make sure that there are ways to protect ourselves (which, they say, this is all about anyhow, right?). If I could be guaranteed that my email sent using PGP was safe enough to fly across this vast open network of computers and be safe from prying eyes, as well as the prying eyes of the government, I would be pretty darn content. I mean, that is the same feeling one gets when they drop a letter into the mail box, right?

    Something else to think of is that, if one were to play the devil's advocate, and believe that all of this controversy was the governments trying to keep the law abiding citizens safe, then it really shouldn't matter. That is, unless it's in the case of one of the other posters that used encryption to send root passwds. I think back to the story about the U.S.P.S. and what they would and wouldn't send. More specifically the fact that they opened up a package because the weight seemed ill-proportioned to the size of the package (it was a brick wrapped in gift-wrap). If the analogy of the envelope would hold true, then doesn't the same for encryption?

    I'm not saying that I agree with invasion of privacy for the sake of it, but, if you're really not doing anything that's wrong, why worry about it? Maybe people have to stop watching Conspiracy Theory and actually do something to help governments embrace encryption for the rights of citizens.

    --
    "From of old, there are not lacking things that have attained Oneness." - Lao Tzu
  46. Re:Why encrypt always? To legitimise privacy. by -Harlequin- · · Score: 2

    I don't normally encrypt my e-mail. Most of the time it really doesn't matter. I'd expect that many people are the same way.

    I encrypt email when I can, partly because it doesn't matter and there is nothing special in the email - call me an asshole, but I feel that as long as crypto is only used for things that people want kept secret, its use will remain a red flag to privacy and rights abusing agencies and the like.

    I find it morally offensive that putting your email in an envelope should tag you for "special treatment", and I suspect the only way to make the use of envelopes acceptable is for them to be in everyday use as a matter of habit, much like the extra hassle we go to in sealing our snail-mail letters in envelopes. It's interesting - we're so used to the envelope procedure IRL that it doesn't seem like it takes any extra effort, and yet the biggest reason I haven't written anyone a personal snail-mail letter for probably a year now is that e-mail is so much quicker, largely because I don't have to mess around with envelopes and the like. Bit of a double standard for me to complain about the CTRL-C, ALT-CTRL-E, Passphrase, CTRL-V key sequence needed to encrypt my email then! :-)

  47. Re:keeping it private by fanatic · · Score: 1

    can someone explain to me why anglo-saxons are so f***ing paranoid about their democratically-elected governments

    Centuries of experience (ours and others). Governments are made up of INDIVIDUALS. Failing to hold them accountable and granting them sweeping powers is a recipe for disaster.

    --
    "that's not encryption - it's a new perl script that I'm working on..." - from some Matrix parody
  48. encrypting e-mail by Octal · · Score: 1

    I don't know about everybody else, but the only reason I don't encrypt my e-mail is because the other people aren't running PGP/GPG, or because I'm sending it to a mailing list. I have been known to commonly PGP sign my e-mails, however.

  49. Re:keeping it private by -Harlequin- · · Score: 3

    Why the fuck would a government attempt to screw its citizens (unless, of course, it's been totally subverted)???? And why would citizens, instead of ranting about that, not actually do something about it, like vote them out of office????

    Ok, I can't be bothered explaining this all in detail, so I'll be brief and over-simplify. Apologies for any inaccuracies that result.

    In the Real World, the government is elected, but it is not the government that does the dirty work. It's the various secret agencies charged with protecting National Interests (and any dirty laundry the government would prefer the voters not know about :-) and are granted immense powers with which to carry out this important duty.

    Now the people who work in these agencies are NOT elected, and do not lose their jobs every time a government changes. They live in a world where secrecy is paramount, everyone is hiding something, and spies regularly turn up where you least expect them. The culture and atmosphere inside such an isolated group whose duty is to be paranoid, can get _very_ fucked up. (eg, such isolation that at least one agent thought that people who wore jeans were potential subversives.)

    An example closer to (my) home: A person who campaigned against the New Right economic theories (which were held to be completely above question at the time) had his house invaded by the SIS. Only by accident did he have any reason to suspect it was not a normal burglary, and only by several court trials did he even manage to get the SIS to cease their denials and admit they did it. Another man here was placed under surveillance for 12 years (ending in a house search for spurious reasons) because he had written some articles for a peace magazine. Back then, "peace" meant people who didn't like nuclear weapons, and surely the only people who could possibly have any reason to dislike nukes would be the commies. Ergo peace campaigners were the Red Commie Threat. And they were treated as such, despite their civil rights to free thought, speech, and association. (Only Decent Folk should have rights. It's ok to violate a Crim's rights in order to catch them and thus make society safer.) So they had their rights abused regularly by enforcement agencies as a result. Nothing to do with the government (though the government, like much of the public, would have had very little sympathy and considerable suspicion for such "peace" advocates). People who were NOT criminal, but people who disagreed with the ideology of the day (and the twisted ideology of the agencies). That, and the fact that there is virtually always no recourse and no justice, is what is so scary.

    In other words, the reason people are paranoid is because misdirected uses and abuses of power happen, and happen regularly. If you know people who campaign on issues, or who are in activist circles, or who are protestors for a cause, then finding first-hand accounts of such abuses is unlikely to be difficult - agency activities are not even remotely as exotic as they seem to most citizens. And that's a huge part of the problem - the idiotically naive "Haha, she's obviously got an inflated sense of self importance to think the secret service is interested in her", thus denying victims even recognition of their injustice, and replacing sympathy with scorn.

    It's a real problem, and if you can't be bothered contacting people who have been unjustly targeted by agencies, at the very least do not scoff about it.
    As to your questions, even the democratically elected governments have great restrictions on the information they can get on the activities of certain agencies, and more to the point, it's in both parties' interests that the difficult questions simply don't get asked. So they don't.

  50. yep, only for criminals by Coward+Anonymous · · Score: 1

    The only other unmentioned use I can find for crypto is trading mp3s...

  51. Let's walk before we run. by Kjella · · Score: 1

    Those who need *really* secure communication know this already, and would verify the fingerprint by a secure method. What would getting all people to encrypt it lead to?

    First off, you have to catch the key when it's first negotiated, or it won't work. You'd actually have to *be* in the middle, as in having a system to take out encrypted mail, decrypt it (with your man-in-the-middle key), encrypt it (with the recipient's key) and put it back into the stream in close-to-real time to work. You have to catch every following mail too, or it won't work either; people would suddenly find mail with unknown (man-in-the-middle) keys.

    Compared to now: listen in. You don't even need access to change it. You don't need any real processing capability, just storage (should you ever need to read it).

    Why make it easier than it needs to be? Just because cars both with and without alarms get stolen, why get one without if you can get one with for practically the same price? (Only as it is now, the one with the alarm is far more cumbersome to use, but that could be fixed - if we want to...)

    Kjella

    --
    Live today, because you never know what tomorrow brings
  52. Crypto criminalities by deran9ed · · Score: 1

    <rant>
    Being a strong advocate of cryptography, I would advise many to use it on a daily basis for one of many reasons. Signatures, for one, are a definite identifier, and one can almost (99% of the time) be sure the sender is legitimate; it can even save you in a legal bind, unless of course a man-in-the-middle attack took place beforehand (then you'd have to prove that, which is extremely difficult).

    Having worked in the industry for some time now, I've had to send out confidential information based on a company's plan to provide certain services relating to business, and in order to make sure no one else gained access, whereby the company could lose a foothold in its market, I've used PGP religiously. Even when sending normal messages from my account I always at least sign email by default to assure the recipient it is me and no one else sending them data. After all, this is the company's bread and butter, so why should anyone think we've something to hide in a criminal sense, other than the fact that we would enjoy it if our data was for our eyes only?
    </rant>

    Another problem with many crypto offerings is that they can leave you vulnerable to forensic-grade tools that can pull data from supposedly deleted files, including the temporary files that your e-mail application uses as a placeholder for the message before it's encrypted. It seems to me that the only way to get a truly secure solution is to write a mail application that has the encryption built in at the most fundamental level, so that even if temporary files are recovered, they may be rendered useless.
    <fyi>
    Well, it seems this may be a Windows-based problem. Using a combination of scripts, I make sure things are gone when I want them gone. I've heard this on a security list before, though, and when it comes to Windows I wouldn't know how to answer this. The latest versions of Mutt and Pine provide their users with a lot better protection than a Windows-based program. (No, this is not a Windows flame)
    </fyi>
    At the same time, I don't want to think about how many people are using weak passphrases -- a sequence that is hashed with random numbers to produce the encipherment key -- which might be easy to remember, but won't stand up under a brute-force attack.
    <note>
    Familiarity is a problem for most, as simplicity can sometimes be even more deadly. One would think that in the digital age, with all the evolving constantly going on, people would think twice about using terms, words, or number combinations to ensure their passwords are as safe as can be. Sadly it isn't so. What can be a nice approach is for some of the developers to generate a passphrase along with the user, maybe use their MAC address along with their word or number, etc., to make it a bit more difficult to break; however, due to the fact people love simplicity, they'd probably scribble it on a Post-it pad and leave it lying around like dumb asses.
    </note>

    <assessment>

    The government's outlook on crypto has always seemed to disturb me. Anything they cannot get their paws on, they seem to despise and attempt to discredit, shaming it by any means using all their resources. This was recently seen when the NSA stated that Usama bin Laden was using high-tech crypto and steganography to hide his actions. While I don't doubt this, crypto has been around for a long time, and even if they outlawed it, it'd become so taboo in the digital age I think people would crave it.

    They tried passing a law earlier this year, under the public's nose, which stated something like: encryption used in the commission of a crime will result in more penalties, or something to that extent.
  53. Debian by journie00 · · Score: 1

    As far as legitimate use goes, Debian comes to mind immediately. The developers use md5 hashes and gpg signed .dsc and emails to ensure that the packages they upload aren't corrupted by some grumpy cracker in transit or after upload. Their build system automatically checks these things, making us Debian users feel about 10^10 times more safe :-)
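    The checksum half of the check described above, as an added example that is not Debian's own tooling: once the .dsc signature has been verified (assumed done by gpg, not shown), every file it lists must match the stated size and digest. The .dsc text and the "uploaded" file contents are constructed sample data.

```python
"""
Added example, not Debian's own tooling: the checksum step a build system
can run over an uploaded source package once the .dsc signature has been
verified (the gpg signature check itself is assumed to have passed and is
not shown). The .dsc text and "uploaded" file contents are constructed
sample data, not a real package.
"""
import hashlib

# Field name in the .dsc -> hash algorithm used for its entries.
CHECKSUM_FIELDS = {"Files": "md5", "Checksums-Sha256": "sha256"}


def parse_dsc_checksums(dsc_text):
    """Return {field: [(digest, size, filename), ...]} for every checksum
    field present. Entries are the indented continuation lines under the
    field, each 'digest size filename'."""
    result = {}
    current = None
    for line in dsc_text.splitlines():
        if line and not line[0].isspace():              # start of a field
            name = line.split(":", 1)[0]
            current = name if name in CHECKSUM_FIELDS else None
            if current is not None:
                result[current] = []
        elif current is not None and line.strip():     # continuation line
            digest, size, filename = line.split()
            result[current].append((digest.lower(), int(size), filename))
    return result


def verify_upload(dsc_text, uploaded):
    """uploaded: {filename: bytes}. Returns (ok, problems). Every file listed
    in every checksum field must be present with the stated size and digest;
    a listed file that was not uploaded is a problem, and so is a .dsc with
    no checksum field at all (nothing would be checked)."""
    problems = []
    stanzas = parse_dsc_checksums(dsc_text)
    if not stanzas:
        return False, ["no checksum field in .dsc"]
    for field, entries in stanzas.items():
        algo = CHECKSUM_FIELDS[field]
        for digest, size, name in entries:
            data = uploaded.get(name)
            if data is None:
                problems.append(f"{name}: listed in {field} but not uploaded")
                continue
            if len(data) != size:
                problems.append(f"{name}: size {len(data)} != {size}")
            if hashlib.new(algo, data).hexdigest() != digest:
                problems.append(f"{name}: {algo} mismatch")
    return not problems, problems


# Constructed sample upload: two tiny stand-ins for the source tarballs.
SAMPLE_FILES = {
    "hello_1.0.orig.tar.gz": b"constructed upstream tarball bytes\n",
    "hello_1.0-1.diff.gz": b"constructed debian diff bytes\n",
}


def make_sample_dsc(files):
    """Build a minimal .dsc body whose digests match `files` (the part that
    would sit inside the maintainer's clearsigned signature)."""
    lines = ["Format: 1.0", "Source: hello", "Version: 1.0-1"]
    for field, algo in CHECKSUM_FIELDS.items():
        lines.append(f"{field}:")
        for name, data in files.items():
            lines.append(f" {hashlib.new(algo, data).hexdigest()} {len(data)} {name}")
    return "\n".join(lines) + "\n"


SAMPLE_DSC = make_sample_dsc(SAMPLE_FILES)

if __name__ == "__main__":
    print(verify_upload(SAMPLE_DSC, SAMPLE_FILES))
    tampered = dict(SAMPLE_FILES)
    tampered["hello_1.0-1.diff.gz"] += b"# altered in transit\n"
    print(verify_upload(SAMPLE_DSC, tampered))
```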

  54. Re:Actually the NSA knows... by Captn+Pepe · · Score: 2

    You know, I hear this claim pretty routinely, but I know that the best publicly known factoring algorithms are superpolynomial at best. Do you know of any evidence to support the assertion that the NSA can quickly factor integers?

    From time to time I have heard about cases where law enforcement tapped some poor sap's lines, and gave the encrypted stuff they found to the NSA, who forwarded back the plaintext after a couple of years. I've never heard whether these were "strong" algorithms being cryptanalyzed or exploits on other parts of the cryptosystem.

    If you "the NSA can factor quickly" folks have any evidence, please let the rest of the world know! After all, it's not too late to abandon RSA. Factoring may, but doesn't necessarily, solve discrete logs, so DSA/ElGamal encryption might still be safe. If not, elliptic curves or some such might work.

    --

    Quantum mechanics: the dreams that stuff is made of.
  55. Too bad some idiot thought your stuff was funny by crovira · · Score: 2

    It's definitely not funny. You were right, the server's SysAdmin(s) was(were) reading your email. Somebody's supposed to be charged with ensuring that no proprietary information leaves the door.

    I suspect that if I tried to use encryption at the office and ran pgp on my desktop, I'd be frog-marched right out the door before being flipped into the ditch. In the military, I'd be shot.

    The problem with encryption is one of control. I can't encrypt anything but I can request that it be reviewed and encrypted before being sent. Likewise, if I get encrypted email, it has to be decrypted on the server and reviewed before I get it.

    It's not my server. It's the corporation's.

    If I have something to say, I always remember that it's going out in clear text on an unsecured channel, or it's going to be reviewed, and that anything I put down will come back to haunt me.

    --
    MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
    1. Re:Too bad some idiot thought your stuff was funny by Troed · · Score: 1
      Bah. This post is written on my company computer, however, when I post this form it's going to get sent to the socks5 proxy at 127.0.0.1 which is SSH tunneled through the firewall to a linux machine somewhere else where there indeed is a socks5 proxy and then out onto the net.

      All my "private" traffic from work (httpd, ftp, icq, napster, irc etc) is routed this way, via tunneled SSH. I would really like to see the IS department demanding that I stop sending a lot of "random data" down port 22 .. *g*

  56. Solution Re:Automatic by Arker · · Score: 2

    The problem is, encrypting email is a lot less automatic than when encryption is used for secure web transactions. When I visit and want to buy something I don't have to manually get their key, click the encrypt button, enter keys, send. No, all you have to do is check that you've entered a secure zone. If in email programs all you had to do was click the "use encryption" tickbox and have the program sort all the details out, then a lot more people would use encryption.

    Pegasus Mail does this. By default it uses the built-in encryptor, a variant of the old crypt program, to encrypt the message with the passphrase you give it, but it also has a documented interface for third parties to add decryption modules. The QDPGP plugin handles PGP. It's pretty damn slick.

    Pegasus has been around a long time, it's free-beer, and it's by far the best email program around IMHO. Very regularly I hear or read someone wanting their email program to do this or that, and almost always pmail does it already. The only good reason not to use it is it doesn't run on Linux. If you use Windows, DOS, or Mac, I really can't see why anyone would use anything else. And the Linux port might materialise soon.


    "That old saw about the early bird just goes to show that the worm should have stayed in bed."
    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
  57. Re:I routinely encrypt my e-mail by Cyberdyne · · Score: 2
    and send it to random friends all over the country, none of whom use encryption.

    They have no idea what's in it, but more importantly, neither does the NSA!

    Actually, this is a very important way to help keep your mail secure. If I send one piece of e-mail to a friend, that one message can be "cracked" with enough effort - the NSA will run it through some dedicated hardware or whatever.

    Alternatively, I send you ten messages, all about the same size. We've agreed on the algorithm already, and I have your public key. So, I send you one encrypted message, and nine chunks of /dev/random. You just decrypt all ten; nine fail, and you delete them, the other is the message. The NSA, meanwhile, have ten messages to brute-force instead of one - which makes their lives ten times harder.

    Better still, I send ten messages, all encrypted with keys of yours - nine of which are just junk. Again, this makes life much harder for those trying to crack your messages...

  58. does it make sense... by shokk · · Score: 1

    ...that the feds should waste their time worrying about people who are using crypto for *good* purposes? Should we establish a billion dollar fund to help them track down people sending their grandmother a get well email with PGP?

    Of course they're going to concentrate on kiddie porn and terrorists. For their intents and purposes the world of crypto might as well be completely composed of that type of person. Just so long as they do not make absolute and blanket statements painting crypto users as such.

    --
    "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  59. Re:I routinely encrypt my e-mail by Captn+Pepe · · Score: 2

    The problem is that there is still one person who knows about the keyphrase or certificate...you. A better encryption system would make use of one-time keyphrases or certs that not even you know of.

    The problem with this is that you can't have a secure, knowledge-free cryptosystem. The short of it is that in order to securely communicate, the system has to authenticate the receiving end. This can only happen if the sender and receiver share some secret; otherwise, there is no way to prevent man-in-the-middle attacks, or even outright impersonation.

    This means you cannot have a system where not even the sender knows the cert/passphrase/whatever -- because then there is fundamentally no way to distinguish between the supposed sender or receiver, and an imposter.

    --

    Quantum mechanics: the dreams that stuff is made of.
  60. Re:Problems with Encrypting Email by zaius · · Score: 2
    Actually, they have come down in price recently. Now they're only US$14.95 (for 1 year).

    Personally, I don't encrypt my email because I don't send anything sensitive. If I did though, the $14.95 wouldn't kill me (especially since my OS, browser, and all my apps are free).

  61. Encrypt? by Fervent · · Score: 2
    But how many people routinely encrypt their email?

    I don't, but that's because I feel I have absolutely nothing to hide. Porn, unsettling comments about George Bush, comments about professors on the school's mail server, etc.: if I can't take responsibility for what I view and say, why do it in the first place?

    I agree that encryption should be around for those who want it, and without it the average Joe will automatically lose to the "man". But do I think that encryption is primarily used by people causing trouble? Well... yes. It's hard to argue logistically otherwise (unless you're going to bring up freedom fighters in some third world country, in which case I would agree you have a point). But if average Joe is using encryption, you've got to understand that someone out there is going to ask "Why? What's he sending that's so important?"

    --

    - I don't care if they globalize against free speech. All my best free thoughts are done in my head.

    1. Re:Encrypt? by Sloppy · · Score: 2

      The reason to encrypt "unimportant" things, is to increase the security of "important" things, so that it gets lost in the noise.

      It's fine that you have nothing to hide, but some day, you might. It would be a Bad Thing if that one thing that needs hiding, happens to also be the one encrypted message that you send out of thousands.

      Also, you seem to have the idea that the only party that might be listening to your "responsible" messages, is law enforcement. This is not the case. Crypto can protect you from criminals too.

      Plaintext message: "Meet you for lunch across town at 12:00." Criminal's translation: "Fervent's house will be empty at 12:00."


      ---
      --
      As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  62. Re:If crypto is outlawed... by Barbarian · · Score: 2

    However my business plans, source code, very private emails to girlfriend and secret documents, etc. are very valuable to me; if the competition gets a hold of them, I'm screwed.

    Shouldn't that be:

    if the competition, or my wife, gets a hold of them, I'm screwed.

    ;)

  63. Re:keeping it private by peccary · · Score: 3

    Why do those incredible assaults come from countries where individual rights are paramount???? France doesn't have as high a reputation for individual rights as anglo-saxon countries, yet there is no widespread perception of wholesale government spying on and impersonating its citizens!!!!

    Yeah, not for at least a hundred years! Ok, 75. No? Would you believe 50? Ok, 50.
    Sheesh, I know lots of people who are older than that. I hope to be older than that someday, myself, and without having to live through my government spying on and/or impersonating me as they might well have done 50 years ago.

  64. Re:I sign more than I encrypt. by crucini · · Score: 2
    Simple fact is, if the police want into your data, they will get in eventually...

    Of course. But that's not the main point of encrypting email. The point is to prevent the vacuum-cleaner approach, which the intelligence community is quite fond of. Plaintext email is begging for something like Carnivore.
    Pretty much all countries have been intercepting telegrams that cross their borders ever since telegraphy existed. The explosion of personal/commercial email must look like a bonanza to these folks. Vastly more grist for their mill.
    The danger is not that government can intercept your communications - they've always been able to. The danger is that it's so much cheaper and easier to intercept, enabling massive programs of pattern matching and neural net scanning.
  65. Actually the NSA knows... by Greyfox · · Score: 2

    They developed the technology to factor primes quickly years ago. All this whining about Cryptography is just a red herring so that the terrorists and child pornographers will continue using it rather than trying to develop something else.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  66. Re:Problems with Encrypting Email by KyleHa · · Score: 1

    When I've talked to Outlook users about using encryption, the barrier is that they don't want to use passwords for it. They've clicked "remember my password" for their POP3 account, and they don't want to remember another one to decrypt or sign emails.

    I think that generations to come will use encryption because they're already comfortable with email. Yes, just using Eudora is a struggle for my mom, but it's easy for my sister, and it will be second nature for my daughter. Using crypto will be a much smaller hurdle in the future because everyone will already be at a higher level of expertise to begin with.

    Likewise I think PKI will get better as more people become familiar with the technology.

    There's a huge learning curve for the written word. Most people spend years in English classes and still don't get it right! Crypto is easier than that.

  67. Re:keeping it private by KenRH · · Score: 1

    We Norwegians like to look at ourselves as the most democratic nation in the world. :-) Still, there have been accusations against the largest political party here of using the civilian intelligence service POT (a branch of the police) to keep track of political opponents. And there is no doubt that people with "red" political opinions have been under surveillance; a new law makes it possible for people to see their "folder" and a lot of people have used this opportunity to see if what they suspected was true.

  68. Re:Problems with Encrypting Email by Kristopher+Johnson · · Score: 1
    It's not just crypto training that is needed: organizations need to be giving a lot more computer and security training to employees in general.

    It doesn't matter how easy it is to use crypto software. If you send an e-mail to a random employee saying "Hi, this is Bob from the IT department. We're having a problem with your e-mail account. Please send me your private key and passphrase so that we can fix it.", chances are that the key will be sent back to you.

    And as soon as some idiot encrypts ILoveYouAnnaKournikova.jpg.vbs, then that file is going to travel throughout the organization with no chance of e-mail filters catching it.

  69. Problems with Encrypting Email by rjh · · Score: 5
    1. Crypto software is hard to use.

      Before anyone even thinks of refuting this one, think about this: anything that requires more technical know-how than Outlook Express or Eudora is automatically going to fail in the marketplace. Why? Because 95% of the market finds their own technological skills tapped out at the level of using Outlook Express for basic email, to say nothing of doing something as advanced as (gasp) installing a crypto plug-in.

      As long as crypto software has any kind of significant learning curve, crypto software is not going to be widely-used. SSH is widely-used today, mostly because for casual use it's indistinguishable from telnet--the sysadmin (who has tech savvy) takes care of key management and the users just have to be told "type ssh instead of telnet".

    2. Public-key infrastructure is still mostly a myth.

      For all the millions which have been invested in PKI, it's mostly a crapshoot. The typical user still doesn't have a bat's chance in hell of using a public-key infrastructure properly. If Joe User wants to encrypt a message for John User, Joe doesn't know where to find John's public key, wouldn't know how to import the key even if he had it, and wouldn't know to do an out-of-band fingerprint verification before using it.

    3. Crypto requires learning.

      Sometime, take a look at the documentation that comes with PGP. It's pretty good, all things considered. It's also about the heftiest documentation I've ever seen for a consumer software product.

      Users don't want to learn. Users think (not unreasonably) that programmers should make programs work the way the users think they should, instead of demanding that users learn the way the programmers think the program should work.
    ... Those reasons are the big ones for why more email isn't encrypted. 95% of the population lacks the technical skill to use encrypted email, and 95% of the population doesn't recognize the need to encrypt mail anyway.

    For the record, my public key is available on Slashdot. I encourage anyone who sends email to me to use it. Even without a fingerprint verification, it's better than nothing.
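    What the "out-of-band fingerprint verification" in point 2 actually compares, and how the key substitution Kjella describes in comment 51 surfaces as an unknown key: an added example, not code from either post or from PGP/GnuPG. It computes the OpenPGP v4 fingerprint of an RSA key per RFC 4880 and keeps a trust-on-first-use pin per correspondent; the RSA numbers are constructed toy values, not a real key.

```python
"""
Added example, not code from the post or from PGP/GnuPG: what an
out-of-band fingerprint check actually compares, and a trust-on-first-use
pin store that notices when a correspondent's key changes.
The RSA values below are constructed toy numbers, not a real key.
"""
import hashlib
import hmac
import struct


def _mpi(value):
    """Encode an integer as an OpenPGP MPI: 2-byte bit length, then the
    big-endian magnitude with no leading zero bytes (RFC 4880 3.2)."""
    if value == 0:
        return b"\x00\x00"
    nbytes = (value.bit_length() + 7) // 8
    return struct.pack(">H", value.bit_length()) + value.to_bytes(nbytes, "big")


def v4_fingerprint(n, e, created):
    """OpenPGP v4 fingerprint of an RSA public key (RFC 4880 12.2): SHA-1 over
    0x99, the 2-byte packet length, and the public-key packet body, which is
    version 4, 4-byte creation time, algorithm 1 (RSA), MPI n, MPI e."""
    body = b"\x04" + struct.pack(">I", created) + b"\x01" + _mpi(n) + _mpi(e)
    prefix = b"\x99" + struct.pack(">H", len(body))
    return hashlib.sha1(prefix + body).hexdigest().upper()


def normalize(fingerprint):
    """Strip the spaces people read fingerprints with and upper-case the hex."""
    return "".join(fingerprint.split()).upper()


def key_id(fingerprint):
    """The 64-bit key ID is the low-order 16 hex digits of the fingerprint.
    It is what a key server search usually shows, and it is too short to
    stand in for the full fingerprint during verification."""
    return normalize(fingerprint)[-16:]


def fingerprints_match(local_fp, out_of_band_fp):
    """Compare the fingerprint computed from a received key against the one
    obtained over another channel (phone, printed card, in person). A bare
    key ID is rejected: only a full 40-digit fingerprint counts."""
    a, b = normalize(local_fp), normalize(out_of_band_fp)
    return len(a) == 40 and hmac.compare_digest(a, b)


class KeyPinStore:
    """Trust-on-first-use cache keyed by correspondent address.
    First sighting: record it and return "new" (the moment to verify
    out-of-band). Same key again: "ok". A different key for the same
    address: "changed", which must not be silently accepted."""

    def __init__(self):
        self.pins = {}

    def check(self, address, fingerprint):
        fp = normalize(fingerprint)
        pinned = self.pins.get(address)
        if pinned is None:
            self.pins[address] = fp
            return "new"
        if hmac.compare_digest(pinned, fp):
            return "ok"
        return "changed"


# Constructed toy key (tiny numbers so the packet is readable; a real RSA
# modulus is 2048 bits or more).
TOY_N, TOY_E, TOY_CREATED = 3233, 17, 1000000000
TOY_FP = v4_fingerprint(TOY_N, TOY_E, TOY_CREATED)

if __name__ == "__main__":
    store = KeyPinStore()
    print(TOY_FP, key_id(TOY_FP))
    print(store.check("john@example.com", TOY_FP))   # new: verify out-of-band
    print(store.check("john@example.com", TOY_FP))   # ok
    other = v4_fingerprint(TOY_N, TOY_E, TOY_CREATED + 1)
    print(store.check("john@example.com", other))    # changed: do not trust
```

    A "changed" result is the signal Kjella's point predicts: a key swapped in after first contact no longer matches what was pinned, and the user is told rather than the mail being silently encrypted to the new key.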
    1. Re:Problems with Encrypting Email by Higher+Authority · · Score: 1

      Why waste so much time to convey a simple thought? People (ESPECIALLY Americans; I being one of them can say that) are LAZY.

    2. Re:Problems with Encrypting Email by mystik · · Score: 2

      Encryption is not hard. Netscape, LookOut and LookOut Express all have one-click access to e-mail encryption. The problem, of course, is that users have to fork over $50 or so to Verisign or whomever is the cheapest CA to get an e-mail encryption certificate. This is not PGP, but rather S/MIME (I believe that's what it's called). I currently have an OpenCA certificate (because they're free) but this does me no good because every install of Outlook will complain because OpenCA is not a trusted CA. (BTW, CA = Certificate Authority)

      If we could get affordable (read: free) certificates to work with these clients, I believe e-mail encryption usage would grow quickly.

      --
      Why aren't you encrypting your e-mail?
    3. Re:Problems with Encrypting Email by jimmcq · · Score: 1

      You can get free personal certificates from Thawte (who was recently acquired by Verisign).

      Just go to http://www.thawte.com/certs/personal/. It's quick and easy, especially with MS LookOut Express.

    4. Re:Problems with Encrypting Email by Alien54 · · Score: 3
      Users don't want to learn. Users think (not unreasonably) that programmers should make programs work the way the users think they should, instead of demanding that users learn the way the programmers think the program should work.

      Actually, it is more a matter of thinking that they do not have the time to mess with it. Anything that would take an evening or two of reading and practice will usually get blown off by someone as too much time.

      Let's face it, who has an evening or two to do something or study something that is not a primary function of your job?

      Granted, studying something to get a handle on it makes your job easier in the long run. But you have to be able to get over that first hump. Since many folks have a stimulus response association between pain and study, I wonder why they avoid it when they can.

      ;-)

      Also, the learning curve for technology is made up of an awful lot of little things that the average slashdot reader considers intuitive, but which many users are lacking. Anyone who has taken a look at the Computer Stupidities pages has a catalogue of things not fully understood. Once you have finished laughing at the stories, it is an interesting exercise to go through them to a) figure out what it is that the person does not understand, what their blindspot is - and b) how to educate the person in order to handle this. This is excellent training for tech support. It blows your mind after awhile, too.

      --
      "It is a greater offense to steal men's labor, than their clothes"
    5. Re:Problems with Encrypting Email by torinth · · Score: 1

      OK. So I normally avoid the shameless plugs for my products, but I just can't resist this time:

      Cypherus does a pretty damned good job of solving [Crypto software is hard to use.] and [Public-key infrastructure is still mostly a myth]. Granted, it's not perfect, yet. But it's pretty damned good, and in a few weeks we'll have a new version out chock-full of seamless email plugins.

      Yeah, that's Cypherus, which you can buy or evaluate at: www.cypherus.com. Check it out.

      -Andrew

  70. Re:I routinely encrypt my e-mail by shokk · · Score: 1

    The problem is that there is still one person who knows about the keyphrase or certificate...you. A better encryption system would make use of one-time keyphrases or certs that not even you know of. Recent announcements on /. sound like they're headed this way. The only question is will the public ever see it or will someone get kidnapped in the middle of the night and stuffed into the trunk of a car.

    --
    "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  71. Email is encrypted by mashy · · Score: 1

    Unless I'm sending something absolutely unimportant, like "meet me at the movies at 8", I almost always use encryption when talking about anything personal, like "meet me in front of the bank at 8 with car running". It's not really that I worry about people intercepting the message while being routed across the net, since I'm not exactly a criminal and anyone who knows me is not smart enough to intercept my email, but I fear that someone will gain access to the recipient's mailbox (boss monitoring email, friend is over playing around on computer..) and read a message I would rather they not see.

    A problem with relying on encryption of email solving this problem is that most mail clients will allow you to save the message in a decrypted form for filing once it has been received and decrypted. It would be much more secure if mail clients didn't allow you to save a message in decrypted form, and required you to identify yourself to the decrypter every time you wanted to go back and read an email.

    The biggest problem with email encryption is that so few people have keys. I have tried to encourage friends and family members to use encryption by helping them create PGP/GnuPG keys and encrypting everything I send them. Sometimes they encrypt when they send back. Encryption of email might be more common if all the major mail clients shipped with encryption software bundled and installed/setup keys with the default installation.
    More people would probably use encryption if they were aware they can do it, had access to the software to do it, and had it setup/knew how to use it.

    1. Re:Email is encrypted by shokk · · Score: 1

      Sending "meet me at the movies at 8" in plain text is a good way to let that sniper who's been tracking you know where to park. =)

      Gotta run! They're at the door!

      --
      "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  72. crypto is necessary for security by bahamat · · Score: 1

    I live in San Diego, and work for an ISP in Oklahoma administering the network systems remotely over SSH. The guys out there handle all of the sales and such, then e-mail to me the usernames and passwords, credit card info, demographics, etc. This is exactly the kind of information that /needs/ to be encrypted when sent over the Internet, especially for such an insecure system of data transfer as e-mail. If that stuff was sent in plain text I'd have hundreds of successful crack attempts, instead of a pretty tight and secure box. Even the best security measures will amount to nothing if we broadcast user/pass combinations to just anybody who's watching.

  73. Re:keeping it private by Moosbert · · Score: 2
    I think the whole "envelope" analogy is mostly phony. The real reason that most people use envelopes is for physical protection (wear and tear, dirt) and for packaging convenience (folded letters, more than one sheet). If I had to send something secret I sure would try harder than an envelope.

    A more appropriate analogy are the specially shielded and sealed envelopes that banks occasionally use to send you new PIN codes. But when was the last time you used one of those?

  74. Re:I routinely encrypt my e-mail by 348 · · Score: 1

    I generally just don't send anything I wouldn't want the gov't to read. It's simpler to be safe rather than sorry.

    --

    More race stuff in one place,
    than any one place on the net.

  75. Re:I sign more than I encrypt. by CrusadeR · · Score: 2

    Same here.

    The difficulty with encrypting everything at this point is that I communicate frequently with people who don't really feel inclined (at least, not yet) to get PGP or GPG; that and most of my e-mails aren't terribly confidential.

    However, by signing everything, it may encourage people to find out for themselves what digital "signatures" and encryption involve after they repeatedly see "BEGIN PGP SIGNATURE" at the bottom of all my correspondence, in addition to the direct benefit of having some form of verification for e-mails.

    --
    :wq
  76. Data hiding by ostap · · Score: 1

    Hm, if it is going that way then the bad guys will have no choice except to start hiding their encrypted data. I am trying to imagine the FBI and CIA scanning all passing images and mp3 files for hidden patterns of data. Perhaps then someone will try to ban steganography? Funny. Instead of making noise, more money should be invested in developing cryptanalysis techniques.

  77. Re:keeping it private by Bios_Hakr · · Score: 1

    Once upon a time, we sent mail via telegraph, messenger, smoke signals, etc... Now almost everyone would shudder at the thought of sending anything more than "Hi, wish you were here." in the open via mail. People understand that things like:

    1. Confirmation of product orders
    2. Notifications of important events
    3. Upcoming job changes

    need to be kept private. If I want my mom to know that my wife is pregnant, I should have the right to tell her and no one else. If I order a large, black, metal-studded dildo for myself, only I should be able to see the confirmation.

    Call me an optimist, but I believe that people will eventually see that privacy is a right. If you are in your own home, on the street, at work, or in legal trouble you have the right to a private conversation.

    Also, why has no one pointed out that our government encrypts almost everything? I work for a government agency and nothing at all comes into or out of my office without encryption. If our government has the right to demand that information be kept secret from its citizens and enemies, don't we have the right to privacy from our government and our enemies?

    --
    I'd rather you do it wrong, than for me to have to do it at all.
  78. How many really use it? by tiny69 · · Score: 1

    How many people _REALLY_ use encryption on a regular basis?

    And I'm not talking about encryption that is fairly transparent to the user, such as SSL or SSH. I mean, how many people go out of their way to encrypt every email they send? Not many. With all the people in this world who send email, I'd be surprised if one percent or two actually make a habit of encrypting email. And that's being generous.

    How many of those that do use encryption use it for other than legal purposes? I bet that the percentage is higher than those who send email without encryption. Then law-enforcement officials step in and do one of the things they are best at (regardless of how illegal it may be), stereotyping. With that they can make broad claims such as "Criminals are more likely to use encryption when sending email." Never mind that there is no evidence to back that up. They do this to help fight crime by narrowing the focus of their resources.

    The media and politicians take general statements such as the one above and distort them until they suit their own purposes. "Only criminals use encryption!" What's really scary is that the average citizen will not question such statements and will accept them as being true! If they do question it, it's along the lines of "I don't use encryption, my friends don't use encryption, so it must be true."

    "When the Feds -- be they CIA, FBI, NSA, or Treasury Department -- discuss crypto, they make it sound as if anyone using it must be a child pornographer, drug smuggler, or terrorist."

    Statements like that, as disheartening as they are, don't really surprise me. Don't be surprised either when politicians start passing laws making the use of encryption to further criminal activity a crime. Yeah, it sounds stupid, but laws similar to that already exist.

    --
    Go not unto /. for advice, for you will be told both yea and nay (but have nothing to do with the question)
  79. Single instance, multiple recipients by Sloppy · · Score: 2

    That still doesn't explain it. A PGP mail sent to multiple recipients is IDEA-encrypted with one single session key, and the session key is RSA-encrypted in the header, once for each recipient. So there's still just one identical copy of the message sent to everyone. Storing a single instance of the message will work fine.

    (Substitute IDEA/RSA with something else for newer versions of PGP.)


    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  80. Yah... by Greyfox · · Score: 2

    Phil Zimmermann is still alive. You think he would have ever even lasted as long as to release PGP if they couldn't break his stuff?

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

  81. Stupid cultural imperialists by Medievalist · · Score: 1

    First off, it hasn't "always" been "innocent until proven guilty" even in your country. Did you sleep through history class?

    Second, this is not the norm today throughout the world (although it is now commonplace). For instance, I am told that France still requires all accused criminals to prove their innocence.

    Slashdot once again proven to be overrun by technologically talented know-nothings; frog-bashing at 11.

    --Charlie

  82. Re:If crypto is outlawed... by locust · · Score: 2
    Crypto is about more than just hiding stuff from 'The Man'; it's about keeping things private from all people.

    Right on. Encryption is also a tool that helps prevent your information from being violated. Notice that the availability of weapons and training (self-defence) is proactive. They are things you can do yourself to learn to deal with potentially unpleasant situations. You have options other than: wait for the cops to get there (though this may still be your safest one). Encryption is a similar tool for the defence of your information... And in this day and age direct information attacks such as true name fraud (basically by collecting enough information about you to functionally impersonate you) are much more lucrative than any pickpocketing.

    --locust

  83. Re:Paranoia level by valdis · · Score: 1

    As Bruce Schneier pointed out, if you're communicating with somebody, there has to be a cover story of why you and the somebody are exchanging JPGs of giraffes, and the cover story has to have existed before you started using steganography. "Hiding" it inside a .JPG doesn't do you much good, if the fact that you're suddenly exchanging .JPGs is itself a clue that Something Is Up. Traffic analysis is a powerful tool - the first people outside the high levels of the US Government that knew that Operation Desert Storm was in gear were the pizza parlors that noted a BIG increase in late-night deliveries to Department of Defense buildings in Washington DC.

  84. Re:Anecdotal evidence by Petrophile · · Score: 1

    Well, one big problem with PGP is the lack of integration with mailers. S/MIME-capable mailers (like Netscape and Outlook/OE) generally verify the signature automatically and display the results to the person reading the message.

    I have an older version of the PGP add-on for Outlook, and it doesn't automatically verify messages. I'd have to reach all the way up and push a toolbar button, and for most mailing list messages, I can't be bothered!

    Perhaps this is because S/MIME is based around the 'trusted root' idea, whereas PGP can be used in a completely decentralized mode. (You wouldn't be able to verify my PGP sig because I'm not on any key servers, for example.)

  85. DON'T DO IT! by autocracy · · Score: 2
    Edsfay areway ealousjay ofway ourway yptocray. Eythay antway otay oghay itway allway otay emselvesthay

    Decrypting the above message is a violation of the DMCA act - you will be punished! Oh yeah, and this entire message was also encrypted with binary ascii. If you're reading this, you've just broken the law again!

    ALL YOUR BASE ARE BELONG TO US!

    --
    SIG: HUP
  86. In a way... by Syberghost · · Score: 2

    In the United States, we have such a bewildering array of confusing and, in some cases, contradictory laws, it is very nearly impossible to go through the day without violating a few.

    So, since we're all criminals, in a way anybody who uses cryptography is a criminal. But so is anybody who doesn't.

    -

    1. Re:In a way... by shokk · · Score: 1

      Sounds like a lot of other things in life get past you besides U.S. law.

      --
      "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  87. what's the point? by sparkane · · Score: 1

    Well, it's /.-ed. If the article is simply along the lines "Why don't people really use encryption on a daily basis? Is it just because it's for doing bad things?" then I have this to say:

    Until people in general take a more serious-minded approach to computer security in their daily lives, speculating about why people don't use one tool or another tool is pointless, and basing speculations about the nature of the tool on that speculation is also pointless.

    It all comes down to what we expect to be an adequate security awareness in the general net population. Apparently, not even sysadmins really take the time to truly safeguard the systems they run, as witnessed by the latest big credit card hack. If sysadmins themselves don't take security seriously enough to plug holes in their setup that are two years old, what will this imply about the general populace's attitude toward computer security?

    Come back when electronic security has become more of an accepted part of our daily lives, and we can talk about whether crypto is for criminals or not.

  88. Only in a Court of Law by redelm · · Score: 3
    You are innocent until proven guilty only in a British-origin Court of Law. Not in most Napoleonic-origin courts [Europe]. Not in the press or court of public opinion [OJ]. And not by the police.

    Police have a hard job, but worst I think is the corrosive daily contact with criminals and their horrible acts. Without special precautions, they are sure to eventually see the world as made up of victims, perpetrators and cops [potential or actual].

    A user of encryption doesn't much look like a cop, although in one way he is -- enforcing privacy and wiretap laws. A user of encryption doesn't look much like a victim, although they are potential victims of wiretap or other eavesdropping. So encryptors must be criminals.

  89. Riddle me this, riddle me that: by psicic · · Score: 2

    I've got a good one for you:
    The Republic of Ireland and Britain have widely different laws regarding cryptography.
    So, take it that one country makes it illegal to withhold your encryption keys, even providing for jail time and fines if you 'lose' your key and can't prove that the loss is genuine. That same country can have a minister or local authority, among others, issue a warrant to police to seize your encryption keys. Also, ISPs are required to have systems set up to intercept and decrypt e-mails.
    On the other hand, the other country makes it illegal for the police to force you to give them your encryption keys. Warrants are still the realm of the justice system and e-mails are not intercepted, by and large.
    Now guess which country is which: Ireland, which garners a relatively huge amount of IT investment from across the globe, and Britain, which doesn't get as much investment as its skilled workforce, developed infrastructure and cheap(er) overheads would seem to warrant.
    As most of you may know, this big difference all came about with the RIP bill in Britain which introduced a lot of these draconian measures. At the same time in Ireland, legality of electronic signatures, privacy of encryption keys etc. were being ensured by new legislation.
    I'm not suggesting that this difference is the sole cause of the investment in Ireland, but it doesn't hurt the matter at all. Plus it also shows the demand for the legitimate use of cryptography by big business.
    Read this (old) Wired story for more.


    8)

    --
    Concrete analysis...
  90. Re:I routinely encrypt my e-mail by xigxag · · Score: 2

    00DD, ryptoc si oodg orf uttingp p3sm no imsterA!!1

    --
    There are two kinds of people: 1) those who start arrays with one and 1) those who start them with zero.
  91. ssh remote access by MrChucho · · Score: 1

    I use ssh for remote access to my home network. There's no way I'd use telnet... it's not that I have something to hide, it's just that ssh protects my personal information and resources (i.e. my home computers). ssh is as easy to use as telnet, too!

    I also use ssh (and ppp) to create a VPN between my computer at work and my network at home since I need to work at home sometimes and my company won't provide a real VPN for non-modem users.

    Encryption is safe (safer, at least, than plain text), easy to use and a good way to protect my privacy (which, we all know, is constantly threatened).

  92. Wireless by Dust+Puppy · · Score: 2

    When we are all using wireless internet, cryptography will become essential to stop passers-by sniffing all the internet traffic. It is important that we work the bugs out of the software before then.

    1. Re:Wireless by Dwonis · · Score: 1

      What's the difference between that and ethernet or cable modems? Crypto is ALREADY essential.
      --------
      Genius dies of the same blow that destroys liberty.

  93. keeping it private by steve.m · · Score: 4

    One way to look at using crypto is that you don't send postcards discussing private matters, you put a letter in an envelope so the postman can't read it.

    I encrypt my email so only the recipient can read it - if the security services here in the UK want to read my email, they will use the RIP bill to get the private key and passphrase from me. At least then I'll know they are interested in me ;)

    1. Re:keeping it private by Jens · · Score: 1
      RIP bill... is that the "Rest in Peace(s)" bill?

      "Hello, this is the FBI. We need your encryption keys. <BLAM> <BLAM> Thank you. Have a good day."

    2. Re:keeping it private by Ig0r · · Score: 2

      Yes, but citizens also shouldn't be limited to the minimum 'flimsy' encryption. Just as I am free to use as much packaging as I wish to send a letter, I should be free to use as much encryption as I wish to protect the privacy of an electronic message.

      And the other thing is that with the USPS, you're using their employees and resources to send a package, so they should be concerned about their safety. But with an electronic message, I'm only using public areas (public networks [the internet], or maybe even sneakernet), and the government (or whomever) shouldn't be concerned with what I'm transporting because it isn't going over their lines.

      --
      Soma: because a gramme is better than a damn.
    3. Re:keeping it private by cicadia · · Score: 3

      if the security services here in the UK want to read my email, they will use the RIP bill to get the private key and passphrase from me

      I wonder, what grounds could any government, especially one which wants digital signatures to be binding, possibly have to ask for your private key and passphrase?

      I could understand the utility of a bill like that if it allowed the government access to a session key for a particular message. Without giving them your private key, they would be able to decrypt that message only, and they could get the information they were after. Hell, if they wanted to, they could even ask for the key to each and every encrypted document on your computer, and there's no reason why your crypto software couldn't provide it to them.

      If you have to give up your private key, though, they have automatic access to every document which has ever been encrypted to you, or will be in the future (cancelling a compromised keypair is still one of the messiest areas of cryptography, and it gets worse with every person who gets your public key). Not only that, but the government could then use that key to impersonate you, forging any document they want and digitally signing it.

      I don't know of any crypto software right now which would give you access to just the session key for a particular message... or whether lawmakers would consider restricting their power in this way... are there any UK privacy advocates out there with more insights on this law? How far does it go? Could we use something like this to get a bit of privacy back?

      --
      Living better through chemicals
  94. Re:If crypto is outlawed... by Ryan+Koppanhaver · · Score: 1

    Interesting opinion. Now Chris, did you steal that from another webpage, or was that your own opinion?

    ---

  95. As an experiment... by Bob+McCown · · Score: 5

    ...about 3 years ago, a bunch of us started PGP-ing our email at work, both internally and externally. Within a week, an email from the IT department went around asking people NOT to use encryption, as 'it is causing an undue load on the mail server'. Baloney, they just couldn't read our mail any more....

    1. Re:As an experiment... by xigxag · · Score: 1

      In actuality, it is good company policy to encrypt email. The evidence against MS would've been much weaker had they used a program like Disappearing email, which self-destructs your memos after a predetermined period of time.

      --
      There are two kinds of people: 1) those who start arrays with one and 1) those who start them with zero.
    2. Re:As an experiment... by cicadia · · Score: 1

      an email from the IT department went around asking people NOT to use encryption, as 'it is causing an undue load on the mail server'

      That's absolutely ridiculous... encryption and decryption have to be performed on your workstations (or else there's not much point to it) and so there can't be any extra load on the server. In fact, there should be less load, since PGP always compresses the plaintext before encrypting it.

      Lower storage costs, less network traffic... we should campaign for mandatory encryption just on those grounds :)

      --
      Living better through chemicals
  96. Re:I routinely encrypt my e-mail by shokk · · Score: 1

    So if the sender and receiver can know it, then someone else can guess it. And if the system is open, then it is more likely to be studied on how it can be cracked. Truly a double-edged sword.

    --
    "Beware of he who would deny you access to information, for in his heart, he dreams himself your master."
  97. I routinely encrypt my e-mail by Our+Man+In+Redmond · · Score: 3

    and send it to random friends all over the country, none of whom use encryption.

    They have no idea what's in it, but more importantly, neither does the NSA!
    --
    Someone you trust is one of us.
    1. Re:I routinely encrypt my e-mail by DavidTC · · Score: 1

      Because it also screws with traffic analysis. You can send more or less encrypted stuff as the situation requires.

      -David T. C.

      --
      If corporations are people, aren't stockholders guilty of slavery?
    2. Re:I routinely encrypt my e-mail by kinnunen · · Score: 1
      So basically you are making brute force decryption ten times more CPU expensive. Why not just add four bits more precision to your key and make brute force attack 16 times harder? Or better yet, add EIGHT bits and make it 256 times harder. Or 16b - no wait, 32 bits and...

      --

  98. fucking plagiarist by streetlawyer · · Score: 1
    if the competition gets a hold of them, im screwed.

    You absolutely are, given that your business plan appears to be to steal other peoples' reviews.

    People have long memories, you know.

  99. Envelope = ROT13 by befletch · · Score: 1

    Since people are granted the "flimsy" protection of an envelope, without really having to worry about their privacy being invaded, would it be far-fetched if we were granted "flimsy" encryption as well?

    The best analogy I can think of for the "flimsy" encryption of an envelope is ROT13. We don't worry about postal mail privacy because the system has been around forever, but a postal employee with a light bulb can capture credit card numbers more easily than a script kiddie with an NT/IIS hack kit can.

    Sure, digital information is easier to inspect in large quantities, but I bet that somewhere in the world, in some despotic little country, there is a 'postal code reader' in a mail room that includes a backlight and an OCR system. Posties on the line wouldn't even have to know about it.

    PS, for those of you who are so concerned about email encryption; you do shred your bills etcetera when you discard them, right?

    --
    If you say, "now I'll be modded down because of X", I'll happily oblige.
  100. Lotus Notes, and automatic crypto by Anonymous Coward · · Score: 1

    I work for IBM, so of course we use Lotus Notes. Quite frankly my feelings about it are mixed... But, it does allow for both encryption and digital signatures, which most people I work with use all the time. Why wouldn't you encrypt sensitive email? Anything marked "confidential" has to go in a locked drawer if you print it out, so why not a "locked drawer" when you send it?
    More to the point, I like the fact that digital signing gives me a much stronger case if someone ever wants to call one of my decisions into question. Producing an email (or ICQ log à la eFront) is easy, but unverifiable. Producing a digitally signed message showing you had clearly stated your position is a godsend. (or a curse I suppose, depending on your actions...)
    Anyway, I think cryptography has as much place in the civilian corporate sector as in the military.
    Note: Yes, I work for IBM, and I use Lotus Notes as an example. This is because it is what I am familiar with, and I'm not doing this to troll or advertise. Quite frankly, I don't care if you use it or not.

  101. Re: Pegasus Mail for the Mac? by namespan · · Score: 1

    If you use windows, dos, or mac, I really can't see why anyone would use anything else.

    Hmmm. After a brief look at pmail.com, I can't turn up any info about a Mac version -- looks like Dos/Windows only. Am I missing something?

    --
    Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
  102. I encrypt all email... by tswinzig · · Score: 1

    that is sent to the remote office... automatically, thanks to VPN.

    --

    "And like that ... he's gone."
  103. The article is completely outdated by Ektanoor · · Score: 2

    Crypto is needed to secure information from being sniffed, accidentally or purposely seen by a third party, or to avoid its diffusion beyond the limits you set for its distribution. And crypto is used not only to exchange information between different parties, or to hide secrets. For example we and many other networks use ssh, VLANs, VPNs and other tools to administer servers and communication equipment or to create private information channels. And most of these tools possess encryption algorithms to avoid information leakage.

    For years many organisations have used crypto tools for their tasks. And I am pretty sure that Government Agencies even partially support such use. The problem here is not the use of crypto but which crypto tools are used. Unfortunately, here Agencies do play the wrong hand. Their ideas and proposals about crypto are clearly out of sync with modern needs. They would like to see us using those tools that would ease their work. Sorry, but it is pretty clear that today these same tools are just easy enough to be broken, bugged or overcome by criminals, terrorists and spies. Some can even be broken by teenagers due to some stupid design flaw or something similar. Anyway, most agencies may accept their defeat, no matter the hardships they fall into, because they have a duty in priority: secure their countries from different types of menace. So they may say some bad words about PGP, SSH and similar tools but still don't lift a finger against them.

    And I do believe that most agencies don't speak about crypto users as crooks... With the exception of police forces lacking basic infrastructure and knowledge about the Internet. There, yes, they think they can "secure the world" for you. They look at you with such wild eyes when you say that you use crypto tools to administer the network. Yes, these ones do ask "what do you wanna hide" and similar things and look at you almost as a gang boss. But these people are not those who decide whether crypto should be used or not... First there are regulations and laws. Second, the control on the use of crypto tools is mostly given not to police but to intelligence agencies. So you may say "go take a walk" if the guys don't understand your work.

    But there is also a group of organisations that for the last years started to talk too much about crypto, hacks and open standards/sources. And speak about their supporters and users as terrorists, crooks, pyramid makers and criminals. These organisations are the software corporations. I wouldn't be surprised if the author messed things up a little bit. Note that he first speaks about Zimmermann vs. Network Associates and the fact that these guys wanna hide something. And only then he speaks about the Agencies. I wouldn't be surprised if N.A. started a campaign against Zimmermann and started to claim that opening everything would only help criminals and crooks. And calls to help the poor Agencies that live so badly in this hard crypto world...

  104. "No one encrypts mail" but all encrypt credit card by Anonymous Coward · · Score: 1
    The /. article header makes it sound like crypto is rarely used by the layman. But what about buying stuff over the web? Nearly all web stores use SSL during the actual sale transaction. *Most* people do use crypto here, even if they don't realise it.

    The bottom line is, people use crypto WHERE IT COUNTS. Usually this is when dealing with anything related to money. And no one is coming out against this use of crypto. In fact it's been strengthened in most browsers from 40 to 128 bit strength.

  105. PGP hard to manage with mailing lists by Nonac · · Score: 2

    There may be management tools that I am not aware of, but it has been my experience that PGP is hard to implement when you are sending a message to a large mailing list. You have to know everybody on the list and encrypt the message to each of their public keys.

    Don't get me wrong. I am all for PGP, but this is one problem that I haven't found an elegant solution for.

    I currently use PGP only for sensitive email, but I would like to be able to use it for all internal email.
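Added worked example (editor's code, not from any of the comments) covering three threads at once: #79 above (one ciphertext body, one wrapped session key per recipient), cicadia's reply under #93 (handing over a message's session key discloses that one message; handing over the private key discloses everything, past and future) and #105 just above (a list post needs every member's public key). PGP's IDEA/CAST plus RSA/ElGamal are stood in for by AES-256-GCM and RSA-OAEP from Go's standard library; the Envelope type, the recipient ids and the sample text are assumptions made for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// Envelope is a hypothetical stand-in for a PGP message: one symmetric
// ciphertext shared by everyone, plus a copy of the session key wrapped
// to each recipient's public key.
type Envelope struct {
	Nonce       []byte
	Ciphertext  []byte            // identical for every recipient
	WrappedKeys map[string][]byte // recipient id -> session key encrypted to their key
}

// oaepLabel ties a wrapped key to its purpose; both sides must use the same value.
var oaepLabel = []byte("session-key")

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptToMany encrypts plaintext once under a fresh random session key and
// wraps that key separately for each recipient. Adding a recipient adds one
// wrapped key; the ciphertext body does not change.
func encryptToMany(plaintext []byte, recipients map[string]*rsa.PublicKey) (*Envelope, error) {
	if len(recipients) == 0 {
		return nil, errors.New("no recipients")
	}
	sessionKey := make([]byte, 32) // AES-256
	if _, err := io.ReadFull(rand.Reader, sessionKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	env := &Envelope{Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil),
		WrappedKeys: make(map[string][]byte, len(recipients))}
	for id, pub := range recipients {
		wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, sessionKey, oaepLabel)
		if err != nil {
			return nil, err
		}
		env.WrappedKeys[id] = wrapped
	}
	return env, nil
}

// unwrapSessionKey is the only step that needs the long-term private key.
func unwrapSessionKey(env *Envelope, id string, priv *rsa.PrivateKey) ([]byte, error) {
	wrapped, ok := env.WrappedKeys[id]
	if !ok {
		return nil, fmt.Errorf("%q is not a recipient of this message", id)
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, oaepLabel)
}

// decryptWithSessionKey needs no private key at all. Handing this key over
// discloses exactly one message; every other message has its own key.
func decryptWithSessionKey(env *Envelope, sessionKey []byte) ([]byte, error) {
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	alice, _ := rsa.GenerateKey(rand.Reader, 2048)
	bob, _ := rsa.GenerateKey(rand.Reader, 2048)
	list := map[string]*rsa.PublicKey{"alice": &alice.PublicKey, "bob": &bob.PublicKey}
	// constructed sample message, not real credentials
	env, err := encryptToMany([]byte("constructed sample: new root password is in the vault"), list)
	if err != nil {
		panic(err)
	}
	fmt.Printf("one ciphertext of %d bytes, %d wrapped keys\n", len(env.Ciphertext), len(env.WrappedKeys))
	sk, _ := unwrapSessionKey(env, "alice", alice) // disclose this message's key only
	pt, _ := decryptWithSessionKey(env, sk)
	fmt.Printf("session key alone opens it: %s\n", pt)
	other, _ := encryptToMany([]byte("a different message"), list)
	_, err = decryptWithSessionKey(other, sk)
	fmt.Println("same key on another message:", err)
}
```

The list problem in #105 is visible in encryptToMany's signature: the sender must hold a current public key for every member and re-wrap whenever membership changes, which is the bookkeeping a key server or list manager would have to do. On cicadia's question, GnuPG does expose exactly this split: --show-session-key prints one message's session key and --override-session-key decrypts with it, so a single message can be surrendered without the private key.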

  106. Anybody should use crypto on sniffable links by /Wegge · · Score: 1
    My company is about to implement a VPN solution that is based on some sort of SSL. I'm not into the details, and I don't really care, as long as we get rid of the dial-up connection as the only way into the system.

    The important thing about the setup is that it is encrypted to the point where it doesn't matter if we hook up to a customer's network and use their internet connection, not even if we have to discuss exactly how much they are going to pay for an ad-hoc change to the system while we are onsite. Anybody can see the benefits of this setup, or rather the problems of not securing the communication.

    But when it comes to home broadband access, it's a totally different matter. Here in Denmark, most of the cable companies are also providing a network connection of some sort. In most cases, the setup is such that anybody within a block of flats can sniff the traffic to and from the rest of the flats in the same block. In such a setup, it is vitally important that you believe very much in the integrity of your neighbours, or cover up your network traffic.

    --
    //Wegge
  107. If crypto is outlawed... by chabotc · · Score: 2

    If crypto is outlawed, only outlaws will use crypto? It's a bit cheesy, but I think in this discussion it makes sense: if we consider crypto to be for outlaws only, we de-educate the people, and tell them that using crypto is like being an outlaw.

    However my business plans, source code, very private emails to my girlfriend and secret documents, etc. are very valuable to me; if the competition gets a hold of them, I'm screwed. So when I send them out encrypted, am I an outlaw? Hell no, I just don't want every script kiddie to get his hands on my info/passwords/documents/etc.

    Crypto is about more than just hiding stuff from 'The Man'; it's about keeping things private from all people.

    Thereby, does paying with a credit card over an SSL connection make me a criminal 'cause I don't want every script kiddie to have it? :)

    -- Chris Chabot
    "I dont suffer from insanity, i enjoy every minute of it!"

  108. Automatic by Tarquin+Sidebottom · · Score: 2

    The problem is, encrypting email is a lot less automatic than when encryption is used for secure web transactions. When I visit and want to buy something I don't have to manually get their key, click the encrypt button, enter keys, send. No, all you have to do is check that you've entered a secure zone. If in email programs all you had to do was click the "use encryption" tickbox and have the program sort all the details out then a lot more people would use encryption.

  109. Here too by Lysander+Luddite · · Score: 1

    My friend told me he's worried about the same thing here in Melbourne. There's not enough security conscious companies out there and even fewer mainstream users. I think it's because since WW1 encryption has been a primarily government-led field. Previous to that a lot of encryption theory was done by mathematicians. At least that's what the Discovery Channel says.

    But it seems the US government wants to capitalize on the ignorance of encryption to control its image. Instead they should encourage its use and development.

  110. I sign more than I encrypt. by _Shad0w_ · · Score: 2

    The function of gpg I use the most is the signature; I very rarely use the encryption functions. In fact the last time I got an encrypted e-mail was 5 months ago and it was the new root password for a system I admin.

    Quite frankly if the police have a desperate need to know the root password on a server I admin, then they can have it... if they want to get in that desperately they will anyway.

    Simple fact is, if the police want into your data, they will get in eventually... I have nothing that I desperately need to hide, just things I would rather keep to myself. I mean, if you can't trust the police, who can you trust?

    That was irony for the humourly challenged.


    --
    Yeah, I had a sig once; I got bored of it.
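Added example (editor's code, not from any of the posts) for the two "I sign more than I encrypt" threads (#75 and #110) and Petrophile's point in #84 that verification should be automatic: a detached signature, with Ed25519 from Go's standard library standing in for PGP/GPG. It also handles a caveat none of the posts raise: a signature over the body alone says nothing about From, To or Subject, so a signed body can be replayed under a different subject or to a different recipient. Here selected headers are folded into the signed bytes in a canonical form. The header names, addresses and message text are constructed for the demonstration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"fmt"
	"sort"
	"strings"
)

// canonicalPayload is the byte string that actually gets signed. Header names
// are lower-cased and sorted, values trimmed, lines joined with CRLF, and the
// body's line endings normalised, so the signature binds the headers and also
// survives a relay that rewrites LF to CRLF or vice versa.
func canonicalPayload(headers map[string]string, body string) []byte {
	lower := make(map[string]string, len(headers))
	for name, value := range headers {
		lower[strings.ToLower(name)] = strings.TrimSpace(value)
	}
	names := make([]string, 0, len(lower))
	for name := range lower {
		names = append(names, name)
	}
	sort.Strings(names)

	var b strings.Builder
	for _, name := range names {
		fmt.Fprintf(&b, "%s: %s\r\n", name, lower[name])
	}
	b.WriteString("\r\n")
	normalised := strings.ReplaceAll(strings.ReplaceAll(body, "\r\n", "\n"), "\n", "\r\n")
	b.WriteString(normalised)
	return []byte(b.String())
}

// signMail returns a detached signature; the message itself stays readable,
// which is the property the "BEGIN PGP SIGNATURE" posts rely on.
func signMail(priv ed25519.PrivateKey, headers map[string]string, body string) []byte {
	return ed25519.Sign(priv, canonicalPayload(headers, body))
}

// verifyMail accepts only if headers, body and signature all match the key.
// Length checks come first because ed25519.Verify panics on a malformed key.
func verifyMail(pub ed25519.PublicKey, headers map[string]string, body string, sig []byte) bool {
	if len(pub) != ed25519.PublicKeySize || len(sig) != ed25519.SignatureSize {
		return false
	}
	return ed25519.Verify(pub, canonicalPayload(headers, body), sig)
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	hdr := map[string]string{ // constructed sample headers
		"From":    "admin@example.org",
		"To":      "ops@example.org",
		"Subject": "root password rotation",
	}
	body := "The new root password is in the vault as of Friday.\n"
	sig := signMail(priv, hdr, body)
	fmt.Println("signature:", base64.StdEncoding.EncodeToString(sig))
	fmt.Println("as sent:          ", verifyMail(pub, hdr, body, sig))
	fmt.Println("CRLF rewritten:   ", verifyMail(pub, hdr, strings.ReplaceAll(body, "\n", "\r\n"), sig))
	fmt.Println("body edited:      ", verifyMail(pub, hdr, "The new root password is hunter2.\n", sig))
	hdr["To"] = "everyone@example.org"
	fmt.Println("To header changed:", verifyMail(pub, hdr, body, sig))
}
```

A mailer that verifies automatically, as Petrophile wants, still has to decide which headers it considers signed; the set used here (from, to, subject) is the example's choice, not a standard.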

  111. An obvious solution that's at least better.. by xtal · · Score: 2

    If the problem with users using crypto is that most don't know how or aren't technically savvy enough, why not abstract this from the user completely to make mail traffic (more) secure to snooping? People are under the assumption that there's nothing that can be done from the time that they hit send, and I'm not sure that's completely accurate.

    What about encrypting at the SMTP level? e.g. the information is transmitted plaintext to your local outgoing mail server, but then that server relays the mail traffic in an encrypted form - to other servers to which it knows how to get the proper public key from. This isn't ideal, but it would be at least a little better. Along the same lines - when CPU power is cheap, why not encrypt at the router level, too? Why do people assume that the government has some god-given right to have the ability to snoop on my private conversations?

    Along the same lines, why not integrate the encryption/identity stuff into the OS - this is harder in windows, but could more easily become a part of gnome, or whatever.

    Just some thoughts.. and I encrypt work and project related stuff when I travel in case my notebook gets swiped - and I'd like to retain that right. Crypto filesystems are the ideal here, though - again, as transparent as possible.

    --
    ..don't panic
  112. /tmp files, swap files, and RAM. by Anonymous Coward · · Score: 1
    People tend to forget about temp files, which can contain an unencrypted copy.

    This used to be a hobby of mine when I was bored back in college.

    I'd log on to the local Unix cluster and probe the /tmp directory for anything interesting. I'd look at what people were editing, etc. Sometimes the files were writable (their umask set to 000). Insert some typos! Heh. Binary files would get run through 'strings' to look for goodies.

    strings was especially good to use on the swap file. /dev/mem and /dev/kmem may have been protected, but the swap was wide open and often contained things like passwords. Muhahahah!

    Other tricks? Create a file, seek to some far-off location like 10000000L, write a byte there, close the file. Then open and search the file for interesting things. Early Unix did not zero out newly created files, so you could browse stuff that was earlier rm'ed and left intact on the disk. Woo hoo! Deleted pr0n!

    Ditto memory. malloc some big block of memory and then dump it to disk and search for interesting data left in there. I got the root password with this one. Tee hee!
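
    The defensive counterpart to the leftovers this post describes, as an added example that is not code from the thread: a secret is pinned in RAM with mlock() so it cannot be paged to swap, zeroed through a volatile pointer before free() so the next malloc() caller gets only zeros, and a scratch file is created with mkstemp() so it comes out 0600 even under a sloppy umask, next to the open()+umask 000 file that ends up world-writable. It assumes a POSIX system with a writable /tmp; the sample password string is constructed.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* Zero a buffer through a volatile pointer so the compiler cannot delete
 * the stores as "dead" writes just before free(). Returns the number of
 * bytes still non-zero afterwards (expected: 0). */
size_t wipe_secret(unsigned char *buf, size_t len)
{
    volatile unsigned char *p = buf;
    size_t leftover = 0;
    for (size_t i = 0; i < len; i++)
        p[i] = 0;
    for (size_t i = 0; i < len; i++)
        leftover += (p[i] != 0);
    return leftover;
}

/* Hold a secret in memory the careful way: pin the pages with mlock() so
 * they are never written to swap, wipe before release. mlock() can be
 * refused (RLIMIT_MEMLOCK, containers), so the code tolerates failure.
 * Returns the leftover count from the wipe (0 on success). */
size_t secret_roundtrip(void)
{
    /* constructed sample secret, not a real credential */
    static const char sample[] = "hunter2-sample-root-password";
    size_t len = sizeof sample;
    unsigned char *buf = malloc(len);
    if (!buf)
        return (size_t)-1;
    int locked = (mlock(buf, len) == 0);
    memcpy(buf, sample, len);
    /* ... the program uses the secret here ... */
    size_t leftover = wipe_secret(buf, len);
    if (locked)
        munlock(buf, len);
    free(buf);          /* whoever reuses this chunk now sees only zeros */
    return leftover;
}

/* Permission bits of the file behind fd, or -1 on error. */
static int fd_mode(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0)
        return -1;
    return (int)(st.st_mode & 0777);
}

/* Scratch file created with mkstemp(): a fresh name opened O_EXCL with
 * mode 0600, so other users cannot read or edit it even when the process
 * umask is wide open. Returns the mode actually set (expected 0600). */
int private_tmpfile_mode(void)
{
    char path[] = "/tmp/private.XXXXXX";   /* template; mkstemp fills the Xs */
    mode_t old = umask(0);                 /* worst case: umask 000 */
    int fd = mkstemp(path);
    umask(old);
    if (fd < 0)
        return -1;
    int mode = fd_mode(fd);
    close(fd);
    unlink(path);
    return mode;
}

/* The same scratch file made with a plain open(..., 0666) under umask 000:
 * the world-writable /tmp file the post describes. Returns the mode
 * actually set (expected 0666). */
int sloppy_tmpfile_mode(void)
{
    char path[64];
    snprintf(path, sizeof path, "/tmp/sloppy.%ld", (long)getpid());
    mode_t old = umask(0);
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
    umask(old);
    if (fd < 0)
        return -1;
    int mode = fd_mode(fd);
    close(fd);
    unlink(path);
    return mode;
}

int main(void)
{
    printf("leftover bytes after wipe: %zu\n", secret_roundtrip());
    printf("mkstemp mode: %04o, open(0666) under umask 000: %04o\n",
           private_tmpfile_mode(), sloppy_tmpfile_mode());
    return 0;
}
```

    A plain memset() before free() is not enough: since the buffer is dead afterwards, an optimising compiler is allowed to drop the call, which is why the wipe goes through a volatile pointer (or explicit_bzero()/memset_s() where available).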

  113. Where? by pcgamez · · Score: 1

    So, if I was very interested in encrypting data on my HD, where would I go about getting software to encrypt it well enough that the FBI technicians would be swearing my name for a month?

  114. Re:Paranoia level by xigxag · · Score: 1

    Most people employ a sort of "steganographic" calculus in their decision that it's not worthwhile to encrypt email to begin with. After all, there are billions of pieces of email sent every day. Why would anybody want to read my message to Grandma? In essence, my daily, banal emails are hiding in plain sight.

    And when it comes to more sensitive information that really does need to be encrypted, such as credit card info, it's customary to go to an SSL-enabled site to do so. So most people, I think, instinctively choose a level of security which is appropriate to their situation.

    On more than one occasion I have accidentally received incorrectly addressed email intended for another recipient. In the vast majority of cases, it's like, "See you Thursday at the ball game, Michael." However, I did once receive a large (>1 MB) corporate spreadsheet with sales figures and such. I wrote back to the sender and she asked me to please delete it asap. It would certainly have been better for this person had she encrypted the message beforehand.

    --
    There are two kinds of people: 1) those who start arrays with one and 1) those who start them with zero.
  115. Anecdotal evidence by GeorgeH · · Score: 1

    I used to be really proud that I signed all my e-mail with a PGP signature so that everyone knew that it was really me sending the e-mail. Then I got curious as to whether anyone was actually checking my signature, so I copied a signature from an old message into a few messages to mailing lists that I'm on. These are fairly geeky mailing lists, one regularly talks about crypto, another was a LUG list. Not a single person noticed the wrong signature. I don't bother to use PGP anymore.

    Crypto is only as good as the other people using it.
    --
    Why can't I moderate something "Wrong" or at least "Grossly Misinformed"?
  116. Re:Problems with Encrypting Email (Not hard to use by ogre2112 · · Score: 1

    It's not hard to use. People are stupid. Say it. Yes..

  117. Crypto at work by Kondoor · · Score: 1

    I just recently wrote a company-wide policy regarding the use of email. In the policy it is now mandated that when sending any information over the internet that may contain client information, it must be encrypted. Each user is then audited on a random basis and checked to ensure they are following the procedure; if not, termination of that employee is possible.

  118. Paranoia level by cheezehead · · Score: 2
    It all depends on how paranoid you are. Most of the time, I don't care at all if someone reads my e-mail. Just wasted time for the fool that goes through the trouble of intercepting it.

    Sometimes I do care, so I'll encrypt it. A bit more hassle for the recipient, but worth the trouble. We're talking competition sensitive stuff here.

    Then, if you're really concerned about interception, you should probably think about steganography. This is the art of hiding the encrypted message so that it won't be obvious that there's an encrypted message being sent. For example, you could hide your encrypted bits inside a picture or an audio file. There is software available to do this automatically. The security advantage is that the message needs to be recognized as being encrypted in the first place, which is not all that trivial.

    For most of my messages, all this is way too much trouble. But I guess criminals would find this attractive...

    --

    MSN 8: Now Microsoft even has bugs in their ad campaigns.
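
    The flip side of the steganography described in this post, as an added example that is not code from the thread: a simplified pairs-of-values chi-square check (after Westfeld and Pfitzmann) that a defender can run over 8-bit samples. For each value pair (2k, 2k+1) it compares the two counts with their mean; untouched content keeps them unequal, while replacing every LSB with message bits drives them together, so a mean chi-square near 1 is the footprint to look for. The cover data and the LSB randomisation are constructed here purely to show the statistic moving; the 5.0 threshold is an assumed value for this data, not a tuned one.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define SAMPLE_COUNT 10000

/* Mean per-pair chi-square over value pairs (2k, 2k+1). Untouched content
 * normally has very unequal counts inside a pair (large value); full LSB
 * replacement makes the two counts converge (value close to 1). */
double pov_chi_square(const uint8_t *samples, size_t n)
{
    unsigned long hist[256] = {0};
    for (size_t i = 0; i < n; i++)
        hist[samples[i]]++;
    double total = 0.0;
    int pairs = 0;
    for (int k = 0; k < 256; k += 2) {
        double n0 = (double)hist[k], n1 = (double)hist[k + 1];
        double e = (n0 + n1) / 2.0;
        if (e == 0.0)
            continue;               /* this pair does not occur at all */
        total += (n0 - e) * (n0 - e) / e + (n1 - e) * (n1 - e) / e;
        pairs++;
    }
    return pairs ? total / pairs : 0.0;
}

/* Verdict: a mean near 1 means the LSB plane is statistically random, the
 * trace full LSB replacement leaves. 5.0 is an assumed cut-off. */
int lsb_plane_looks_embedded(const uint8_t *samples, size_t n)
{
    return pov_chi_square(samples, n) < 5.0;
}

/* Constructed "cover": a repeating ramp using only even sample values, an
 * exaggerated stand-in for the uneven pair counts of real images/audio. */
void make_cover(uint8_t *out, size_t n)
{
    for (size_t i = 0; i < n; i++)
        out[i] = (uint8_t)(2 * (i % 100));
}

/* Simulate the statistical footprint of LSB replacement: overwrite each
 * LSB with a pseudo-random bit from an LCG (no payload involved). */
void randomise_lsb(uint8_t *buf, size_t n)
{
    uint32_t x = 12345u;
    for (size_t i = 0; i < n; i++) {
        x = x * 1664525u + 1013904223u;
        buf[i] = (uint8_t)((buf[i] & 0xFEu) | (x >> 31));
    }
}

/* Score of the untouched cover (every pair is 100 vs 0, so exactly 100). */
double cover_score(void)
{
    uint8_t buf[SAMPLE_COUNT];
    make_cover(buf, SAMPLE_COUNT);
    return pov_chi_square(buf, SAMPLE_COUNT);
}

/* Score after the LSB plane has been randomised (close to 1). */
double stego_score(void)
{
    uint8_t buf[SAMPLE_COUNT];
    make_cover(buf, SAMPLE_COUNT);
    randomise_lsb(buf, SAMPLE_COUNT);
    return pov_chi_square(buf, SAMPLE_COUNT);
}

int main(void)
{
    printf("cover: %.2f, after LSB replacement: %.2f\n",
           cover_score(), stego_score());
    return 0;
}
```

    Real covers are far less tidy than the constructed ramp, and tools that embed in only a fraction of the samples or match the cover statistics weaken this test considerably, which is why the post's point stands: the hard part for an observer is recognising that anything is hidden at all.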

  119. Antagonise the spies by RiotXIX · · Score: 1

    I'd consider using crypto just to piss off Carnivore.

    --
    "You know you don't act like a scientist, you're more like a game show host." Dana Barret
  120. Hacked email account by Anonymous Coward · · Score: 1

    The question should be "Is not using crypto begging for trouble?", to which I would promptly answer yes. I've recently had my email account hacked (or I'm under that suspicion) and I've had to move to a more secure online email service which offers encryption among other security features. The breached account wasn't my primary address where I send and receive ultra-sensitive email, but whenever you receive attachments of your own log-in screen (among other odd events) it still pisses you off.

    I'll be the first to admit I got sloppy, but now I encrypt all my email. If that makes me look like a criminal, so be it.

  121. Just to annoy them... by RussGarrett · · Score: 1

    I routinely use crypto for every message I send. If it is confidential, nobody can read it; so much the better. If it's a routine menial message, it's pissing the NSA/GCHQ off; none the worse.