Slashdot Mirror
Safeguarding Data From Big Brother Sven?
An anonymous reader writes "Now that the Swedish government (in its infinite wisdom) has passed a law allowing them to monitor email traffic, a question that I think a lot of people are asking (or at least should be asking) is: 'What can I do to improve my privacy?' The answer is not obvious.
So, what are the best solutions for seamless email encryption, search privacy, etc? What are your experiences with PGP vs GPG vs ...? In this day and age, why is the use of this type of privacy technologies still so limited? Why isn't there a larger movement promoting the use of privacy tools? Also, what is in your opinion the largest privacy concern? Search tracking? Email transfer?
I believe this is an interesting question not only for Swedes, but for everyone. Lots of traffic is passing through Sweden, but more importantly, the Swedish government is not alone in using this type of surveillance."
Reader j1976 writes with a related question: "For most users with email addresses within large organizations, implementing their own email encryption scheme is not feasible, partly because of the technological aspects, but also since users in organizations often do not have administrative access to their workstations. What can an organization do, centrally, to lift the burden of encryption from the users? Are there any transparent schemes for email encryption which could be installed for the organization as a whole?"
...(Of all places) there was a pretty good segment this morning regarding email encryption, even including a short interview with Phil Zimmerman. What was VERY interesting about it, to me, was the attitudes of the "man / woman in the internet cafe'" interviews they did, and how most people just "didn't care" about privacy issues regarding email. One fellow naively stated "I try to live my life in such a way that no one would have an issue with what I do." In my opinion, though, what YOU or I might consider innocuous might garner unwanted attention from government. As we are headed seemingly toward a more "European" philosophy here in the USA where the government assumes the duties of "personal watchdog" over your "lifestyle," what you eat, what you drink or smoke, what you teach your kids, etc., this would seem to be a foolhardy attitude.
Any technology distinguishable from magic is insufficiently advanced.
Because no matter what country you live in some of your Internet traffic is likely to pass through Sweden. They snoop and tell your government about your stash of __________ (insert your own illegal/grey market goods etc. here). Wala - your government has "proof" you are engaged in illegal activity and busts down your door. Moreover, you apparently haven't been watching the news regarding the change in behavior people exhibit when they know/think they are being watched.
It's too complex for most. If it were as simple as me putting code on my machine and sending encrypted emails to my family and friends I would do it. Sadly, I have to step them ALL though putting GPG or PGP onto their machines, creating a pair of keys then sending my and all of their friends their public key. Want to place bets how many of them would send their private key themselves?
If MS would simplify it and make all of this just happen. I bet that there would be a big gaping hole for the gov't to make use of. Not to mention the security holes that would go along with it as well.
-- Many men would appreciate a woman's mind more if they could fondle it
The reason PGP, and GPG as well, fail is because PKI is just too difficult to setup and maintain. I'm sure some nerd who lives in his mom's basement is going to contest this but the fact remains it's too difficult to do in most corporations let alone end users. Making a key, remembering the password, managing keys, revoking keys, it's all just a total pain in the ass. If you truly want secure email for the masses it has to be transparent. This is just a given. People are not going to do PKI. This is the main reason we don't have mass adoption of PGP encrypted email.
The second reason and it's to a lesser extent but still a strong motivator IMO for the lack of secure options for communication are that corporations and governments don't WANT secure applications being adopted. How else can the government spy on you or corporations steal secrets from each other if things are encrypted. This isn't paranoid fantasy land I live in. I don't think any intelligent person today doesn't know especially over the last 8 years that the governments are doing everything they can to spy on you, record you, monitor you and track you. Wether its the TSA, DHS, warrant-less wiretapping whatever we are living in a 1984'esqe society. Seamless and mass adoption of strong encryption and anonymity by the masses would *seriously* curtail their ability to spy on you and find dissidents and evil doers who read catcher in the rye. So IMO these are the two strongest compelling reasons we don't have encryption for the masses yet. Phil's ZFone project is a good step in the right direction though.
I'll go out on a limb and predict that in 5 yrs or less time, encryption will be a 'self admission of guilt' to ALL governments.
....so depressing ;(
I really hope I'm wrong. but the trend is there if you just look.
we already have people saying 'if you are not a terrorist, you should have nothing to hide'. this is just a half step away from saying 'if you DO use encryption, you MUST be hiding something that we should see'.
mark my words.
you may think that you are out-smarting the governments but they have the money, the guns and all the power. and they're NOT about to give this bit of power (over the people) up.
if you encrypt a laptop and pass thru customs, you are FORCED to reveal your password or at the least, 'open' the disk for them to view the contents of. so tell me, how did encryption help here?
don't give me that crap about truecrypt, either. how long will it take before their border people know how to detect this?
--
"It is now safe to switch off your computer."
Visual IRC: Fast. Powerful. Free.