Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lawyers Would Rather Fly Than Download PGP

Posted by kdawson on from the fly-once-to-exchange-keys dept.

An anonymous reader writes "The NYTimes is running a front-page story about lawyers for suspects in terrorism-related cases fearing government monitoring of privileged conversations. But instead of talking about the technological solutions, the lawyers fly halfway across the world to meet with their clients. In fact, nowhere in the article is encryption even mentioned. Is it possible that lawyers don't even know about PGP?" The New Yorker has a detailed piece centering on the Oregon terrorism case discussed by the Times.

3 of 426 comments (clear)

  1. Re:Communication more than just writing by Pendersempai · · Score: 3, Informative
    That's an interesting theory, but shot down in the first two paragraphs of the article:

    PORTLAND, Ore. Thomas Nelson, an Oregon lawyer, has lived in a state of perpetual jet lag for the last two years. Every few weeks, he boards a plane in Portland and flies to the Middle East to meet with a high-profile Saudi client who cannot enter the United States because he faces charges here of financing terrorism.

    Mr. Nelson says he does not dare to phone this client or send him e-mail messages because of what many prominent criminal defense lawyers say is a well-founded fear that all of their contacts are being monitored by the United States government.

  2. Re:Security not just about encryption. by Martin+Blank · · Score: 3, Informative

    That's not far from the truth. Each monitor has a unique signal that can be tuned in using TEMPEST gear, to which s0litaire indirectly referred in another reply to you. PGP has (had?) a viewer that was intended to defeat TEMPEST viewing. I don't know the details of it, but I recall it was a gray-on-gray scheme, and it had something to do with the relatively low resolution and color depth available on TEMPEST viewers.

    However, the FBI (and by loan or extension, the NSA) has some very good black bag people, and they are much more likely to add in a hardware keylogger or currently-undetectable rootkit nowadays. That's how the FBI got crucial evidence against Nicodemo Scarfo, Jr., son of former mob boss Little Nicky Scarfo, adding a hardware keylogger to grab his PGP password to allow them to decrypt his messages in concert with his private key, also copied at the time.

    --
    You can never go home again... but I guess you can shop there.
  3. Re:S/MIME, anyone? by bockelboy · · Score: 3, Informative

    That is correct. I work in an organization which deals exclusively in certificates (everyone also encrypts with S/MIME). The CA does not keep the private key.

    If the NSA compromises your CA, the best they can do is create another certificate which pretends to be yours. If the destination already had your certificate, then the public key they have won't match your private key.

    The grandparent needs to review PKI.