Like prohibition before it, crypto will see the light of day...policing it can't and NEVER will work. I agree...you cannot have secure e-commerce with key escrow...it's self-defeating. NO ONE has the right to know what I am doing with encryption...NO ONE...
I take Spock's philospohy here: "The needs of the many outweight the needs of the few." To try and police encryption use for fear of a malevolent few actually engaging in illegal trade is futile at best and idiotic at worst. Open source technology is great in that we can really see that nothing we use is tampered with...has no back door and is viable and safe for use. I would rather eat dog shit than use a closed-source encryption program. To not encrypt your email for serious business use is an unforgivable sin, unless it is not important to you that others see the transmission.
The 9th Circuit Court of Appeals upheld that crypto is protected by the First Ammendment, and to get that overturned will NOT happen in our lifetime...the government will continue to develop new and more powerful tools, but with the advent of quantum computing not far over the horizon, the existing crypto standards will all change anyway...
Hence the reason why I run OpenBSD and a very locked down set of NetBSD servers to run my little party...Tried, true and trusted...I use what I know and trust, and that is BSD...M$ is a repulsive server option and anyone who employs their products for secure servers deserves a good cracking if they get it...why not use the best thing out there...
If you had the money and wanted the best wine, you wouldn't be shopping at Walmart....you'd have your ass down at the snooty wine shop getting your ass kissed over a bottle of Martuex Chignon. The same goes for secure servers...I like the idea of Mac going UNIX as well as the next guy, but it's not ready for the prime time secure server market...too young and too untried...give me an OpenBSD server anyday...
I tend to agree with you...
I'm a Mac user, but I prefer OS 9.*...:) My server expertise lies with Solaris and BSD...so anything that deals with OS X, I will have to pick up when the time comes...Like any UNIX variant, OS X will have its fair share of bugs and problems that will eventually be worked out. I would probably buy OS X Server if I was paid enough...so I could learn all the little intracacies before I put it up as a production machine...
Like anything else, security is a process, not a product. It is a frame of mins that all sysadmins must get into to be effective against server contamination. Preventing this kind of thing tkaes not only skill on the part of the UNIX admins, but the people that work on and with the server need to be schooled as well to threats. All to often this is overlooked. Anything and everything is a potential target...vigilance and skill pay off if applied correctly...
Slashdot Mirror
Like prohibition before it, crypto will see the light of day...policing it can't and NEVER will work. I agree...you cannot have secure e-commerce with key escrow...it's self-defeating. NO ONE has the right to know what I am doing with encryption...NO ONE... I take Spock's philospohy here: "The needs of the many outweight the needs of the few." To try and police encryption use for fear of a malevolent few actually engaging in illegal trade is futile at best and idiotic at worst. Open source technology is great in that we can really see that nothing we use is tampered with...has no back door and is viable and safe for use. I would rather eat dog shit than use a closed-source encryption program. To not encrypt your email for serious business use is an unforgivable sin, unless it is not important to you that others see the transmission. The 9th Circuit Court of Appeals upheld that crypto is protected by the First Ammendment, and to get that overturned will NOT happen in our lifetime...the government will continue to develop new and more powerful tools, but with the advent of quantum computing not far over the horizon, the existing crypto standards will all change anyway...
Hence the reason why I run OpenBSD and a very locked down set of NetBSD servers to run my little party...Tried, true and trusted...I use what I know and trust, and that is BSD...M$ is a repulsive server option and anyone who employs their products for secure servers deserves a good cracking if they get it...why not use the best thing out there... If you had the money and wanted the best wine, you wouldn't be shopping at Walmart....you'd have your ass down at the snooty wine shop getting your ass kissed over a bottle of Martuex Chignon. The same goes for secure servers...I like the idea of Mac going UNIX as well as the next guy, but it's not ready for the prime time secure server market...too young and too untried...give me an OpenBSD server anyday...
I tend to agree with you... I'm a Mac user, but I prefer OS 9.*... :) My server expertise lies with Solaris and BSD...so anything that deals with OS X, I will have to pick up when the time comes...Like any UNIX variant, OS X will have its fair share of bugs and problems that will eventually be worked out. I would probably buy OS X Server if I was paid enough...so I could learn all the little intracacies before I put it up as a production machine...
Like anything else, security is a process, not a product. It is a frame of mins that all sysadmins must get into to be effective against server contamination. Preventing this kind of thing tkaes not only skill on the part of the UNIX admins, but the people that work on and with the server need to be schooled as well to threats. All to often this is overlooked. Anything and everything is a potential target...vigilance and skill pay off if applied correctly...