LISTSERV - LSTOWN-L Archives - COMMUNITY.EMAILOGY.COM

LSTOWN-L Archives

LISTSERV List Owners' Forum

LSTOWN-L

	LISTSERV Archives
	LSTOWN-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

What PGP Does for Me

"John W. Redelfs" <[log in to unmask]>

Wed, 24 Feb 1993 11:05:05 -0900

text/plain (65 lines)

>Eric quotes someone:
>>At a minimum, I would use  encryption techniques on *every* anonymous or
>>pseudonymous message. I've seen postings  using PGP and other public key
>>schemes; that's  a step  in the right  direction. Plaintext  *cannot* be
>>considered  secure or  confidential in  today's network  environment; no
>>'alias server' or third-party email  forwarding can provide the level of
>>privacy/confidentiality you want.
 
Eric responds:
> What does PGP  do for you? What you  want to hide is the  identity of the
> sender -  username, hostname,  full name.  The header  isn't going  to be
> encrypted. PGP buys you nothing. Plus, I wouldn't entrust my safety to an
> algorithm such as PGP or RSA.
 
If the contents of a message cannot be determined to be controversial,
what difference does it make if everyone knows who sent it?  A plot to
hijack an aircraft carrier could be freely discussed on a list for
homemakers baking for state fair competitions.
 
If only criminals, revolutionaries and terrorists were using
encryption, major code breaking technology could be marshalled to
intercept and read all encrypted traffic.
 
On the other hand, if encryption became widespread--remember, it's
just software that could be quite invisible to the user--then code
breaking efforts would be used only when other reasons exist to
suspect something illegal.
 
Why couldn't a user wanting privacy encrypt his posts, send them by
modem to a remote service offering anonymous posting, and post the
encrypted traffic anonymously from there?  If the owner of the
anonymous posting service kept his records encrypted, how would anyone
find out who the original author was?
 
Years ago in one of the first issues of OMNI I read an article on the
effect that computers would have on privacy.  At the time it was
commonplace to do a lot of handwringing about the supposed loss of
privacy that would be effected by the new computer technology.
 
The article was written by a couple of mathematicians who claimed that
computers would make encryption so easy that codes could be generated
that would be EFFECTIVELY unbreakable, not PERFECTLY unbreakable, but
requiring so much CPU time to decode that no one would bother.
 
I spent several years working as a locksmith.  There are no locks or
security systems that cannot be defeated.  But there are many that
make it easier to go elsewhere to break in.  As locks and alarms
become more sophisticated, so do thieves.  But the reverse is also
true.  Wouldn't it be that way with encryption?
 
It seems to me that with encryption, practical privacy can be achieved
even though absolute privacy will remain forever beyond our reach.
 
Eric is right, encryption would fail to solve the problem of the
unencrypted header.  On the other hand, if the message is encrypted,
how does a snoop know whether it contains anything worth following up?
He could ferret out a poster that is merely sending a Christmas letter
to his mother.  Why bother?
 
 
 
 
-------- All my opinions are tentative pending further data. --------
-------------- John W. Redelfs, [log in to unmask] --------------

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM