Slashdot Mirror
PGP & GPG
Ben Rothke writes "PGP (Pretty Good Privacy), as most Slashdot readers know, is one of the most popular software encryption programs ever. It is so good and so effective that in the early 1990s the FBI launched a multi-year investigation against Phil Zimmerman, the creator of PGP, for possible violation of federal export laws, especially ITAR (International Traffic in Arms Regulation). After many years of investigation, the FBI ultimately dropped its case against Zimmerman. Even though PGP is synonymous with end-user encryption, there have only been a few books written on the subject. Jump to 2006, and PGP & GPG: Email for the Practical Paranoid is a welcome title." Read the rest of Ben's review.
PGP & GPG: Email for the Practical Paranoid
author
Michael Lucas
pages
216
publisher
No Starch Press
rating
8
reviewer
Ben Rothke
ISBN
1593270712
summary
Pretty good overview of PGP & GPG
On page 167 in Appendix A of the book, the author candidly writes that PGP "comes with a very good and complete manual at over 300 pages". With that, one may question why one would spend $24.95 on a book which covers much of the same information as the bundled documentation.
The reality is that there is a large class of people that will simply not read any form of documentation. Rather, they prefer something with an ISBN number. Such people are a boon to authors (of which I am one) and publishers. For that group, PGP & GPG: Email for the Practical Paranoid provides a pretty good overview of how to use PGP.
The book is written for an end-user who, while comfortable with the workings of technology, is new to the sometimes strange world of public key cryptography. The author writes in an easy-to-read style and, through repetition, inculcates the principal ideas of encryption and cryptography to the reader.
The introduction and first chapter provide a good presentation of the concepts of encryption, cryptography and public-key cryptography. The idea of public-key cryptography, on which PGP is based, is not so intuitive, and many people struggle with the basic concepts. The first chapter, appropriately titled 'Cryptography Kindergarten' is a good read for those who are public-key cryptography challenged.
On a side note, the notion that even smart end-users can be intimidated by public key cryptography was detailed in a now seminal research paper 'Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0.'
The premise of the paper is that user errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. The authors argue that effective security requires a different usability standard, and that it will not be achieved through the user interface design techniques appropriate to other types of consumer software. The authors conclude that PGP 5.0 is not usable enough to provide effective security for most computer users despite its attractive graphical user interface. Even though PGP is in version 9.x, it still suffers from usability flaws.
Cryptography purists may recoil when the author repeatedly uses the term 'military-grade encryption.' Military-grade encryption and military-grade cryptography are overused terms, most often by marketing departments, but there is no real definition of 'military-grade encryption' -- and even if there were, it would be classified. Most people use 'military-grade encryption' to mean really strong crypto, much like those who use the term 'Olympic-size swimming pool' to refer to a really large pool. But the term 'military-grade encryption' is so misused by so many people that it is a lost cause to try to fight it.
In the rest of the book, chapters 2 - 11, the author details the varied usages of PGP & GPG. The book also details the differences between OpenPGP, PGP and GPG.
The difference between them is that PGP is a commercial piece of software, GPG (Gnu Privacy Guard) is open source, and OpenPGP is a protocol that defines a standard format for encrypted messages, signatures, and certificates for exchanging public keys.
The author astutely writes that while PGP provides really strong security, this is only if, and this is a huge if, it is implemented correctly. Chapter 11 notes that although OpenPGP provides a reliable method of authentication and encryption, it is also not unbreakable. OpenPGP can be vulnerable to many different types of attacks and weaknesses, including poor implementation, hardware or software compromise, fake keys and more. It is important to realize that OpenPGP provides significant, but not unbreakable security.
At 180 pages and priced at $24.95, PGP & GPG: Email for the Practical Paranoid is an excellent book that shows the end-user in an easy to read and often entertaining style just about everything they need to know to effectively and properly use PGP and OpenPGP.
For those that want to save money and perhaps save a few trees, the free documentation that comes along with the product is similarly worth reading.
You can purchase PGP & GPG: Email for the Practical Paranoid from bn.com.
Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
On page 167 in Appendix A of the book, the author candidly writes that PGP "comes with a very good and complete manual at over 300 pages". With that, one may question why one would spend $24.95 on a book which covers much of the same information as the bundled documentation.
The reality is that there is a large class of people that will simply not read any form of documentation. Rather, they prefer something with an ISBN number. Such people are a boon to authors (of which I am one) and publishers. For that group, PGP & GPG: Email for the Practical Paranoid provides a pretty good overview of how to use PGP.
The book is written for an end-user who, while comfortable with the workings of technology, is new to the sometimes strange world of public key cryptography. The author writes in an easy-to-read style and, through repetition, inculcates the principal ideas of encryption and cryptography to the reader.
The introduction and first chapter provide a good presentation of the concepts of encryption, cryptography and public-key cryptography. The idea of public-key cryptography, on which PGP is based, is not so intuitive, and many people struggle with the basic concepts. The first chapter, appropriately titled 'Cryptography Kindergarten' is a good read for those who are public-key cryptography challenged.
On a side note, the notion that even smart end-users can be intimidated by public key cryptography was detailed in a now seminal research paper 'Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0.'
The premise of the paper is that user errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. The authors argue that effective security requires a different usability standard, and that it will not be achieved through the user interface design techniques appropriate to other types of consumer software. The authors conclude that PGP 5.0 is not usable enough to provide effective security for most computer users despite its attractive graphical user interface. Even though PGP is in version 9.x, it still suffers from usability flaws.
Cryptography purists may recoil when the author repeatedly uses the term 'military-grade encryption.' Military-grade encryption and military-grade cryptography are overused terms, most often by marketing departments, but there is no real definition of 'military-grade encryption' -- and even if there were, it would be classified. Most people use 'military-grade encryption' to mean really strong crypto, much like those who use the term 'Olympic-size swimming pool' to refer to a really large pool. But the term 'military-grade encryption' is so misused by so many people that it is a lost cause to try to fight it.
In the rest of the book, chapters 2 - 11, the author details the varied usages of PGP & GPG. The book also details the differences between OpenPGP, PGP and GPG.
The difference between them is that PGP is a commercial piece of software, GPG (Gnu Privacy Guard) is open source, and OpenPGP is a protocol that defines a standard format for encrypted messages, signatures, and certificates for exchanging public keys.
The author astutely writes that while PGP provides really strong security, this is only if, and this is a huge if, it is implemented correctly. Chapter 11 notes that although OpenPGP provides a reliable method of authentication and encryption, it is also not unbreakable. OpenPGP can be vulnerable to many different types of attacks and weaknesses, including poor implementation, hardware or software compromise, fake keys and more. It is important to realize that OpenPGP provides significant, but not unbreakable security.
At 180 pages and priced at $24.95, PGP & GPG: Email for the Practical Paranoid is an excellent book that shows the end-user in an easy to read and often entertaining style just about everything they need to know to effectively and properly use PGP and OpenPGP.
For those that want to save money and perhaps save a few trees, the free documentation that comes along with the product is similarly worth reading.
You can purchase PGP & GPG: Email for the Practical Paranoid from bn.com.
Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
The first chapter, appropriately titled 'Cryptography Kindergarten' is a good read for those who are public-key cryptography challenged.
So basically 99.9% of users online today.
(Pretty Good Privacy), as most Slashdot readers know, is one of the most popular software encryption programs ever.
This statement may indeed be true. And yet, 98 out of 100 people on the street would have no idea what PGP is. What does that say about software encryption programs.
No one knows, no one cares and very few have been affected by their ignorance.
PGP & GPG: Email for the Practical Paranoid
title soon to become "PGP & GPG: encryption for the practical suspicious target of the homeland security dept."
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
That was the most difficult google search I've ever done ... Gnu Privacy Guard
GNU privacy guard. Duh!
I hadn't known there were so many idiots in the world until I started using the Internet -Stanislaw Lem
I can't say I ever found any PGP product good for any application. It was way too complicated and just not what was needed.
Instead, I found my holy grail of encryption in Truecrypt (http://truecrypt.org )which simply has rocked for the longest time (I'm in no way associated with it). Its free, and as far as I'm concerned as far as free encryption tools go, nothing can touch it, esp if you use one of the double pass encyption methods down the list, and don't label your volumes as truecrypt volumes or keep the encrytion program and the encrypted data on the same harddrive (use a USB key). No way they can identify what it is if you leave no clues.
Unfortunatly, I found out today on Wikipedia that Truecrypt has a rather lest than sparkling history... it seems rather sordid actually from what its homepage would allude to....
http://en.wikipedia.org/wiki/Truecrypt
PGP's probelm was it was never really integrated into an email system, and it had that totally messy key system that really was not worth bothering with or learning unless you were a highly trained memeber of secret police agency (as opposed to John Q public). There definatly is a begging need for good encryption of plain text ascii emails, but PGP just doesn't step up to the job. It needs to be integrated end to end in sendmail or whatever other mail transport servers, and inside the big heavyweight email programs used out there... PINE, Netscape Mail, the webmail services, and perhaps even OUtlook.
Skip Truecrypt, encrypt your data in a small volume and attach it as a file to who you want to send it to... in fact, encrypt whole harddrives or create files that can be mounted as virtual harddrives.
Truecrypt: http://truecrypt.org/
Zimmerman is more of a posterboy against the man than really than anything else in my practical opinion. I don't know any compgeek that uses PGP, or anyone that uses it to encrypt their mail.
Until Microsoft starts bundling their Certificate Services in Vista Home editions as a My-Identity-broker kind of thing, X.509 is useless for most people. X.509 is in Outlook because Outlook is the frontend for Exchange.
GPG/PGP are asymmetric cryptosystems that don't rely on PKI infrastructure, just per-user public/private keypairs. Not enterprise friendly but they can be used to bootstrap a trusted online relationship.
THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
There's a Public Key field in the User Preferences page on Slashdot, but does anyone know where you go to pick up other users' keys?
A google search would have saved you about 100 keystrokes.
Attention deficit disorder is a complicated issue, spanning several major... HEY LET'S GO RIDE BIKES!
"Cryptography purists may recoil when the author repeatedly uses the term 'military-grade encryption.' ... there is no real definition of 'military-grade encryption' -- and even if there were, it would be classified."
Ahem, reference http://www.nsa.gov/ia/industry/crypto_suite_b.cfm
While Suite A is classified, Suite B, specifically AES, is specifically mentioned as being suitable for up to TOP SECRET info.
Military grade is not a useless term, as it is therein defined.
HOO-AH!
Yeah, I've noticed this on most IT books. And I'm not one of those people "who want an ISBN". I don't think those people even read the books...
I wonder if there is a book called "Linux man pages explained - with complete printouts"...
OpenPGP can be vulnerable to many different types of attacks and weaknesses, including poor implementation...
So one is vulnerable from poor implementation and the other provides really strong security? Hardware or software compromise is a flaw of only OpenPGP? Seems like a slightly tilted comparison.
Slashdot +1 funny -4 Insightful +1 informative -2 Redundant
Karma: Somewhere between SCO and Microsoft
Actually, the obligatory troll in this case is the old "HELLO WORLD HELLO WORLD" gag.
The failure of secure email to proliferate has nothing to do with PGP's usability issues. 99% of email users already have S/MIME integrated into their mail readers as a standard feature - very usable and secure, yet almost universally unused. It's not about the user interface, it's about perceived need (or lack thereof).
When people say "X.509" when talking about email security, what they mean is S/MIME. It is pretty clear S/MIME is going to win the battle to be the most common form of email security on the Internet. It has built-in support on Outlook, Thunderbird, hell--even mutt.
If people CHOOSE to trust a PKI, S/MIME works WAY better than PGP because key distribution is much easier. If they don't want to do a PKI, they can still trust individual certificates, just like PGP. They can verify certificates by reading thumbprints over the phone, if they like.
Basically, S/MIME can do everything PGP/MIME can do except the "web of trust." And WoT is just WAY too much work for 99.9% of the population. PGP will eventually vanish.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Acronyms should be defined in the summary.
Patrick Doyle
I mod down every jackass who puts his moderation policy in his sig. Oh, wait a sec....
What I'd like to see is an Outlook plugin (or OExpress) that does the following. (Please note that I wrote O/OE because they are the major players)
* GPG included to make it easy for the user. Just one install for the whole package.
* Automatically create keypair during installation
* Default option to keep passphrase cached (not safe, yes I know, I know)
* Automatically decrypt/sigcheck all incoming emails
* Automatically encrypt/sign all outgoing mails.
* Attach the pubkey to all outgoing mails where the address isn't in my keyring.
* Automatically (just ask for password confirmation or something) addition of incoming pubkeys to my keyring.
* GPL
* The people who got the pubkey would also get a link to where to download the plugin.
I'm sure someone can expand this list quite a bit and I'm sure I forgot half of what I wanted to put on that list, but it's a start anyway.
Anyone care to write such a plugin? Or is there one already that I don't know of?
I do think that if there was something to that effect that you would see a spike in encrypted emails going across the globe.
I used to encrypt/sign everything but since I was the only one using pgp/gpg it was kind of pointless.
You are not entitled to your opinion. You are entitled to your informed opinion. -- Harlan Ellison
Just the other day I saw the following on the website of an author selling her own book directly:
Sigh...
Secession is the right of all sentient beings.
Post like this make me crave the moderation "-1 lazy bastard"
... when you could just read the fine review?
...
From the ninth paragraph:
The difference between them is that PGP is a commercial piece of software, GPG (Gnu Privacy Guard) is open source,
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I don't think anyone with who: A) has concern for their privacy and security, and B) is in their right mind, would want to use MicroSoft's Outlook email client. (Anyone recall the Outlook exploit that was executed without even opening the email?)
Aside from the fact that noone should use outlook, I read up a tiny bit on X.509. According to Wikipedia, X.509 uses signed certificates from CAs, meaning you have to PAY, and store your certificate with a "trusted company". Not only is this horrible for paranoids who wouldn't trust Verisign, but the US Gov. could subpoena your information from these companies, rendering your encryption useless (against the government).
PGP => Pay to Get Privacy
GPG => Get Privacy Gratis
First of all, you can get free personal S/MIME email certificates from Thawte, which is a trusted CA. Second of all, you don't have to use a commercial trusted CA. You can also be your own CA and issue yourself all the certificates you want. The only catch is that outside the domain of your CA, your CA will not be a trusted CA, so you either have to establish trust in advance with other users, or live with having an untrusted certificate.
If you don't know where you are going, you will wind up somewhere else.
(Pretty Good Privacy), as most Slashdot readers know, is one of the most popular software encryption programs ever.
This statement may indeed be true. And yet, 98 out of 100 people on the street would have no idea what PGP is. What does that say about software encryption programs.
So then, what does this say about Slashdot readers?
never bring a twinkie to a food fight.
I read up a tiny bit on X.509.
That is obvious.
According to Wikipedia, X.509 uses signed certificates from CAs, meaning you have to PAY,
No, you can set up your own CA (for free) with openssl. And in fact, you don't need a CA at all. You can use your own certificates that aren't signed by anyone, just like PGP/GPG. In fact, the underlying math (public-key cryptography) is exactly the same as PGP/GPG.
and store your certificate with a "trusted company".
Store your certificate? Bullshit. You send the CA a certificate signing request. They sign it, and send it back to you. The certificate is useless without your private key, and the private key doesn't leave your possession. Decryption can only be done with the private key. So don't lose it.
Not only is this horrible for paranoids who wouldn't trust Verisign,
You don't need to trust Versign for X.509 to work. The only time you need to trust Versign (or any other CA) is to identify the cert of someone you never met. How do you know that a cert really belongs to the person? Verisign (or some other CA) signed the certificate. How do you know if a PGP key really belongs to someone you never met? Someone signed it.
But do you trust the signer? That question occurs with certificates and PGP keys.
but the US Gov. could subpoena your information from these companies, rendering your encryption useless (against the government).
Even if the US Gov't seizes all of verisign's info, that won't help them break your cryptography, since the private key (see above) never left your possession and Verisign never had it.
It's one thing to be paranoid, it's another thing to be an idiot. Understand how cryptography works before you start to rant & rave.
Frankly, if the US Gov't really, really wants to break your encryption, they'll bug your computer, or your house, or call in the NSA, or send in the Marines.
The simplicity of X.509? Is completly the other way around. PGP is simple
You probably never implemented a corporate PKI infrastructure. I myself love PKI (it's a freeking miracle I got married, I know) and have implemented or at least contributed in implementing several PKI's over the years. Simplicity is definitely not the first thing that comes to mind. Things like OCSP and CRL's you need to check the validity of a key, basically everything around issuing keys, key-escrow etc. it is al pretty complicated. Not nescecairly the theory, but the actual implementation and integration. Plus not to mention expensive. And don't even get me started on the legal side of it, the contracts you need, the legal requirements, webtrust etc.etc.. Brrrrrrr.
PKI is cool, has a lot of potential etc. Put it's not simple in anyway. Microsoft may make it look simple (did I just say that?), by basically "trusting" loads of CA's defaultly but how much is that trust worth exactly? Not much in my eyes. Oke, the encryption during transit... that should be ok. But is the signer of that email really who he says he is?
Between me, my friends and my colleguae's we use GPG. Bunch of my friends are on Mac's like me others are on Linux or BSD flavored machines. Some even use Windows. I don't even know al the plug-ins everyone uses. Hell, I don't know the name of mine. It integrated with Apple Mail and I just press the buttons etc, type in my passphrase and it works. Simple. Plus the keys I trust, I explicitly trusted by hand. Basically this kind of trust is loads better then accepting any mail certificate issued by the Verisigns of the world.
Here is the Mac link: http://macgpg.sourceforge.net/ . Loads of GUI GPG tools.
The glass is half-full. With poison. And there are cracks in the glass. The dirty, dirty glass.
John: Cool. Here's mine.
Et voila - we can now start sending private messages back and forth (neglecting man-in-the-middle issues with the key exchange that can be trivially avoided with a single phone call or in-person meeting). Notice the missing step: neither of us paid Verisign or another CA for the privilege of saying "Hey, wanna go to lunch?" in private.
Dewey, what part of this looks like authorities should be involved?
So a large class of people prefer to read, what, barcodes??
Check out eCryptfs, which has recently been accepted upstream into the
-mm Linux kernel:
http://ecryptfs.sf.net/
This encrypts on a per-file basis, so that you can grab and copy the
file from the lower filesystem (which can be pretty much anything --
ext3, jfs, reiserfs, nfs...) without even having to mess with all that
partitioning stuff.
It's a great cryptographic filesystem now with just passphrase
support. It looks like they're going to be done with the public key
subsystem (with pluggable PKI support) before too long. HMAC
(integrity verification) will come next, and then when they get into
the policy stuff, eCryptfs will go beyond any crypto filesystem that
anyone has ever written, Open Source or not.
Coincidentally, the header format is inspired by the OpenPGP
specification (RFC 2440).
Conversely, all it takes to to use PGP is a few seconds with the wizard to generate your key and you're all set. It doesn't ask you for your passport number or your ssn, or your birthday or anything else. Integration with mail readers is slightly harder, but solutions exist for PGP and GPG for most popular readers. Once you have the key you're all set to use it for as long as you like. If you're paranoid about impersonation you can even get a few friends to sign your key.
Just as a an example, I set up a shopping cart of the type I mentioned and they thought it was the mutts nutz until I showed them that I was receiving both parts of the credit card numbers by email at a private email account. Even then I don't think they thought it was a problem. I left shortly afterwards.
I wonder whose harvesting those numbers now...
BTW, I deleted that shopping cart, so I am not guilty of abusing the system. It was done to prove a point.
|/usr/games/fortune
All-in-all, I think it's a practical down-to-earth simple solution. Seriously, don't laugh just because it's not technical enough for you.. So while you're busy being a tech-snon, the world will be busy getting stuff done. This works; for now.
"" How about taking the safety labels off everything, and let the stupidity-problem solve itself? """
There is only one thing missing here Who controlls the 509 certs.. Everyone seems to miss that companies pay Microslop to include them as trusted CA providers.. Yes.. 75k to get trusted and 10K per year to stay trusted.. I have been using pgp/gpg for years.. it works fine.. I use it to encrypt my hard disk and confidential mail to my friends.. Fred
For those who are curious: "The dimensions of an Olympic pool are required to be 25 metres by 50 metres." http://www.faqfarm.com/Q/What_are_the_dimensions_o f_an_Olympic-sized_swimming_pool
I am still looking for the definition of 'military-grade encryption'.
that's pretty secure compared to this site
http://www.rncca.com/
why they have a password is beyond me when they list the password on the site?
Haha, and if you click cancel, you still get directed to the page.
See previous comment
It's a very dark ride.
x.509 has a useful niche. PGP has a useful niche. I believe you are confusing tools.
I admin a PKI system inside the company I work for and it's the bees knees. I add public keys to the keychain. If you aren't on the keychain, then you won't have access to some things on the LAN. Simple, discreet control.
Let me be clear: There is a way around *every* security system. Running PGP/PKI systems meaningfully raises the bar.
Declaring x.509 "the winner" sounds like you have a very serious investment in it's success as opposed to the more professional perspective, right tool for the job.
OT Info:
As a general warning to all: MS's efforts in x.509 are the usual Embrace, Extend, Extinguish thereby crippling interoperability. Note that they've got Red Hat publicly endorsing their efforts now. http://www.identityblog.com/
Whereas shibboleth http://shibboleth.internet2.edu/ is supposed to be the neutral party.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
When I first read the title I hoped the ability for these systems to communicate correctly was what was being addressed. I've been working with a bank for weeks now trying to get things I encrypt with GPG to be decryptable by their PGP "Universal Server" product. They can install PGP Desktop on a PC and decrypt my messages just fine. They have this larger/fancier package that decrypts upstream of their Exchange server and internally passes on the unencrypted emails to their folks. It also has a webmail (https) interface for outsiders to send/receive things to them, etc.. It simply refuses to decrypt something created by GPG and PGP's support has been thoroughly useless so far. Hrm...
Email encryption and certification gathers in efficacy in direct proportion to its ubiquitousness. PGP Home costs $99, which no casual user to going to pay, and GPG asks questions, during the key set up, which your casual user is not going to understand. Distributing your public key can also have lots of "gotchas" that requires too much thinking for the casual user.
I am an advocate of a free and easy to use encryption and certification technology for sending and receiving trusted emails that cannot be intercepted. I believe that a free, single page "GPG for Dummies" PDF would be great.
Uncanny timing on this article for me -- I just this morning set up both PGP and GPG clients on my Windows machine. I found some inspiration in this tutorial on PGP:
http://www.haltabuse.org/pgp/win/index.shtml
The tutorial talks about version 7 or 8 of the software when it was still freeware. Version 9 it appears still offers the basic functionality for free, but I have to admit that I was a bit put off by the fact that it's presented as a 30 day trial with a EULA that includes passages like this:
You hereby expressly consent to PGP Corp's processing of personal data you provide to PGP Corp (which may be collected by PGP Corp or its distributors) according to PGP Corp's current privacy policy which is incorporated into this Agreement by reference (see ). If "you" are an organization, you will ensure that each member of your organization (including employees and contractors) about whom personal data may be provided to PGP Corp has given his or her express consent to PGP Corp's processing of such personal data. Personal data will be processed by PGP Corp or its distributors in the country where it was collected, or in the location of PGP Corp or its distributors; United States laws regarding processing of personal data may be less stringent than the laws in your jurisdiction.
Standard EULA boilerplate perhaps, but I found it unnerving in a product that's supposed to protect your privacy.
I also downloaded GPG4Win from
http://www.gpg4win.org/
and got it running. I just succeeded in encrypting a message with the one and decrypting it with the other, so I think I'll go with GPG.
Amazing that such tools aren't de rigueur by now.
Innovation makes enemies of all those who prospered under the old regime... -- Machiavelli
"The right tool for the job" argument would lead to everyone being burried in billions of tools. I think email security is one of those areas where people don't want multiple tools, and will eventually settle on one for the vast majority of uses. Nobody can predict the future, so you can falsely accuse me of having a vested interest and claim that the people really want multiple tools if you want... but I think you'll be proven wrong in the long run.
There is 1 SMTP. There is one SSL. There is one HTTP. There will probably be one "email security" system, too. And it will NOT involve maintaining a "web" if the majority of the Internet will be using it.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
My guesses include:
* They've coerced the author to build in a backdoor (a la clipper).
* They've spent enough billions on serious hardware that they can brute-force it in a reasonable time.
* They've got some very clever mathematician to figure out a viable attack.
I think you can safely scratch #1, while also safely assuming #2. The trick is how timely, and how much encrypted traffic there is overall. If you or your message has been flagged as a high priority decrypt, then they're likely to throw a lot of crunch at it.
However, if you're not flagged and more people start to use encryption, you're more likely to get lost in the noise.
Your #3, I have no idea. I don't really have enough math knowledge to have a good grasp on the difficulties such a mathematician would face.
It's not offtopic, dumbass. It's orthogonal.
PGP will eventually vanish.
Don't put too much trusts in certs. For example, you can ssl in the middle, so in theory smime in the middle should be possible. I actually figured out in one case ssl in the middle only works transparently when a valid CA root cert existed. A self signed cert gave it up that my ssl traffic was being intercepted when the popup informed me the host didn't match where I was going. If you don't believe this look as the Bluecoat proxy servers. One hotel I stayed in did this, so I VPNed using ipsec to home to do my banking.
PGP, I prefer the GNU version as the source is visible, veted and verified not to have back doors. And I can check for myself. PGP allows me to trust you without the need for a 3rd party trust. Do you trust all the root and trusted CAs in IE? I sure don't.
Calling for PGP to "vanish" is quite premature.
I have thought about that. In theory, the web mail provider could create an app that would act as a mini web server running on your computer which would do all of the actions requiring the private key. You could have it show a pop-up every time it is needed saying what it will do and ask for your passphrase.
Centralization breaks the internet.
Uh, why could one not just run a Windows mail client and encrypt the files? You could even use the win32 build of Evolution that was on /. a few days ago if you wanted.
Centralization breaks the internet.
But with GPG multiple people need to trust a key before I do. With X509 I trust one person, the CA, not to be evil. With GPG 5 people need to be evil depending on your settings before you trust a bad key.
Inventions have long since reached their limit, and I see no hope for further development.-- Frontinus, 1st cent. AD
No because people clueless enough to be tricked by phishing scams would be too clueless to verify signatures.
What could be better than a jet powered motorcycle? http://www.youtube.com/watch?v=u8l6GTHLSWE
PGP is big in the secure file transfer worlds of banking, insurance and the like. It's quite common to "PGP" a file and then send it via FTP or SSH.
Someone else mentioned S/MIME encryption. I have two things to say about that:
#1: An analogy: PGP is to S/MIME as SSH is to SSL. The first technologies are designed for individuals to each trust each other; the latter technologies are designed to rely on a trusted third party (specifically, a CA).
#2: Despite not-wide-use in email, S/MIME is having its revenge in the form of the AS/x protocols, most commonly AS/2. This protocol is widely used in retail, distribution and pharmas and uses S/MIME encryption to both send files and receive cryptographically secure receipts. (Drop me a line at jonathan.lampe@standardnetworks.com if you want to chat about this further; I'm looking for some beta testers for a related application!)
A slashdotter in a relationship with a WOMAN?
LIAR!
#2: No, given everything public sector mathematicians and cryptographers know, #2 isn't viable even for the NSA. Even if the NSA owned a galaxy full of conventional supercomputers.
#3: The simple answer is that the mathematicians need to find a shortcut to factor a big number (find that 7 and 3 are factors of 21). Mankind has been working on this problem for a couple thousand years to no avail.
I feel safe because:
A. If the NSA has created huge practical quantum computers to crack assymmetric encryption, they're not wasting the resource or risking the phenomenal secret on me or anything remotely as inconsequential as me.
B. If the NSA can factor large numbers, or has found a practical break to symmetric encryption, again this would be so mondo huge that they wouldn't waste it on anybody but North Korea-types.
I have to say, I don't personally use them, but I think the hushmail.com people really do crypto right. First, it is (now) genuine OpenPGP encrypted email, i.e. as standard as standard gets. And for people who aren't experts, there's really no key exchange to work out. If you both use hushmail.com, you can sign/encrypt your messages and the site takes care of hooking you up.
I'm all for traditional fingerprint checking and GPG keysigning parties, and yes I even got RMS to sign my key for cool factor. But for "mortals" I think the hushmail.com system is about right.
Fair enough. But note that I did say that the NSA would only expend the effort on those they consider high priority, and that all others would blend in as use of encryption increases.
Thanks for the clear and concise explanation of the mathematical breakthrough required for a shortcut.
It's not offtopic, dumbass. It's orthogonal.
When I tried to get (free) certificates from Thawte, Comodo and CAcert, this was all done in a browser, I specified the length of key that I wanted, and presumably the key was generated on their computers rather than by my browser. Presumably in this case it would be very easy for them to keep a copy of my private key.
I take it when you pay for a certificate you can generate your own and get them to sign it?
Love it, but I'm tied to my state of birth, probably for the rest of my life.
And I'm so far beyond minarchism into anarcho-capitalism now that I think I'd gripe no matter what reforms they implemented. :) But of course I'd be a lot happier.
Secession is the right of all sentient beings.
Funny indeed. The password check is a piece of JavaScript on the page. It seems that they used to accept three different passwords and the code that they use to check the password has been rotten. Whitness the following:
Notice how pass2 and pass3 are undefined? An exception will not be raised if password is not correct and the script will be terminated before it can execute the window.location line. Bonus WTF points for the fact that the password is displayed in the dialog that prompts for it!
_________________________
Spelling and grammar mistakes left as an exercise for the reader.
Not sure what the problem is here. There are still a lot of people who are not online. There are still a lot of people that have long train or bus rides and want to read something along the way. Yeah, there is free stuff, but it is not always accessible to everyone.
Honestly, I have never found the web of trust to be usefull. For people I have real-life contact with, we can just exchage keys in person. For people that I converse with online, we can exchange public keys via email, and we will know that all email signed with those keys are from the same person, even though we don't know who that person is apart from their online presence. For companies that I do business with (like my bank), they could provide me with thier public keys either via a secure link (like ssl website), in person at one of the branches, or better yet included each time I renew my card.
From my perspective, the fact that someone else signed your key, even someone I know, really doesn't make it any more trustworthy to me, and is just as meaningless as a CA. CAs do have another advantage in that they provide better infrastucture for revoking compromised keys than web of trust. In what situations do you find the web of trust to be usefull?
But from the end user's point of view (assuming you got it all working right) it just works.
They don't have to mess around with certificates or anything. All they have to know how to do it press the encrypt or sign options on the email before sending it.
The email program plug-in will check the companies address book for all the public key certs it need to encrypt and it is the companies admins who are responsible for making sure that new hires get their keys and that the address book is up to date.
And when the user receives a message it is even simpler. They just open it. And unless an error occurs (decryption or signature failed, an expired / revoked key was used, etc.) after a moment the email just opens.
The user is (or should be) totally shielded from certificates, trust paths, revocation, etc. So there is a lot of work on the admins to make it simple for the users.
Now the downside is that some users need to communicate outside the company, and setting that up can be even harder for the admins, and frustrating for the users as they have to wait on the admins to get the appropriate certificates or cross certifications in place for it to work.
Read the free docs online, then hand chip a stone axe, and go cut down all the trees you want.
It's free, and you get the personal satisfaction of seeing the trees die yourself, rather than outsourcing that part.
Hi,
If read my give and take below with Abcd1234 about military grade encryption, he refuses to concede that there is no such thing, as the book reviewer stated.
I still challenge anyone to provide an authoritative definition of what military grade encryption is.
Karen
I went there and saw where it tells you the password on the page, but had no clue when and where I was supposed to provide the password, nor what it was for. I clicked the link, and saw the list.
Then I read this post, and realized there's supposed to be a Javascript password check. But of course I don't see it, because I have Javascript turned off! :)
Secession is the right of all sentient beings.
I don't think crypto is going to be ubiquitous while it is the mess it is now. I think PGP has a very good UI, but it costs money (though 8.0 is free from pgpi.com). I think GPG has terrible UI (none at all), and what tools that exist to put a UI on it such as WinPT are pretty sucky too. I don't think GPG did itself any favours by only shipping as an executable-only format using stdin & stdout to report everything. GPG *needs* a reentrant DLL version of itself which allows front-ends to talk in terms of structures and error messages rather than decipher what comes out of stdin. I've seen wrapper libs around gpg but it's not enough, it needs a reentrant version. Not only would this make the thing work better from the UI, but key servers etc. would be much faster too.
Still, once you get Enigmail working with GPG, it's an excellent crypto system. I have a customer who insists on talking to me with OpenPGP and Enigmail makes it very easy. IIRC crypto speed and file sizes are far better in OpenPGP over X509 too.