this is mikel.org

Michael Boyle's weblog

State of the art, 2006:

by

State of the art, 2006:

Matt Haughey describes the difficulties he encountered when trying to give himself the ability to encrypt email: It’s the user experience, stupid. Very early on in my internet life I started using PGP and, as Haughey does, I periodically revisit the subject and assess how far things have progressed. As he reports, however, things haven’t progressed very far.

My most recent foray into encryption and such occurred a few weeks ago when I downloaded and tried the free GPG system. I found that not only could I not use my old key pair (though I still know my old password) but I couldn’t easily find out why, nor could I figure out a way to address the issue. So now there is a public key out there in the wild – a key of long standing and signed by several other people – with my name on it but with totally out-of-date email addresses attached to it and nothing I can do about that.

PGP Home

by

PGP Home

PGP Home. ‘Nuff said? Maybe not. There’s a new company in town, and it has bought Pretty Good Privacy from NAI. So it seems that PGP itself remains a viable encryption system – though frankly, that was more or less true independent of this announcement via the GPG initiative among others.

I’ve been harping on this

by

a lot, but in Declan McCullagh’s article on the Hanssen, the alleged double-agent for the Russians, he includes a quote which calls the whole accusation into question. On page two, he writes, “Freeh, who once lobbied for a permanent ban on the distribution of encryption software without a backdoor for his agency, could use this case as justification for restrictions that Congress would have to approve. In a statement, Freeh stressed that Hanssen used a ‘variety of sophisticated means of communication (and) encryption.'”

The problem for me is that these guys have shown for years that they’re not trustworthy. How do we know that Hanssen wasn’t a plant from the get-go who has been brought out now to further the anti-crypto agenda?

Update: The Times has posted an excerpt of the FBI affadavit about Hanssen. It doesn’t clarify much, but it’s fascinating reading.

I came across

by

an interesting article about encryption, specifically about PKI (public key infrastructure, such as PGP). It’s entitled Cheaper techniques take on PKI, and this quote is telling: “As the world has moved toward lighter-weight computing, PKI is becoming a tougher sell.”

PKI has always been a tough sell – it’s hard to imagine it being tougher. Regardless it’s an interesting update to the discussion, especially considering that one of the basic tenets of encryption states that security through obscurity is no security at all – and that’s just what it seems some of the newer systems mentioned seem to rely upon.

One thing is clear – if people want the privacy and security they say they do, then some encryption scheme will have to become commonplace. Equally clear – PGP isn’t currently seen as a viable option by general internet users, nor is a system like Freedom (from ZKS) catching on – they’ve reportedly had trouble selling it directly to end users.

Design Test Search Media Software NYTimes Blogging Sports Canadian Politics US Politics GNE Friend Business Montreal War Email Social Networks Personal Internet Web Design Canada Music Funny Browser Arts Copyfight Apple Web Wired Google International Affairs Microsoft
Michael Boyle Blog